Virus Windows Host Process rundll32

Muy buenas, tengo problemas ya hace 1 semana con un virus que hace que escriba las cosas con doble tilde, busqué acerca de qué me causaba el problema, ya que pensaba que lo causaba una desconfiguración del teclado.

Configuré todo y no se resolvía. Me di con la sorpresa de que era un virus. Buscando que era cada proceso que se estaba ejecutando que me mostraba el administrador de tareas, veo que tenia 4 veces abierto el programa “Windows Host Process (Rundll32) (32 bits)” con la ruta C:\Windows\SysWOW64, buscando acerca de el archivo alguien habla en las consultas de Microsoft sobre este mismo proceso y le generaba el mismo problema de las tildes, tomando de referencia eso, finalizo el proceso para ver que pasaba y cuando vuelvo a escribir si me escribe normal.

Hay otro llamado “Proceso de Host de Windows (Rundll32)” con la ruta C:\Windows\System32 que al cerrar este no ocurre nada. Espero me puedan ayudar.

El MalwareBytes y el antivirus de windows no lo detectan para nada, me sale que est´´a todo limpio.

Psdt: Las palabras con tilde las escrib´´i despu´´es de finalizar el proceso pero ya se volvi´´o a iniciar.

2 Me gusta

Hola @Makedish ¡Te damos la Bienvenida a los foros de InfoSpyware!

Como podrás ver, el sistema de nuestro foro se basa en meritos, necesitas participar en el foro para conseguir algunos de ellos para poder subir imágenes o adjuntar archivos capturada7

Desafortunadamente este malware es muy persistente y requiere el uso de una herramienta muy especial que debe ser supervisada por expertos.

Para empezar lee este tema

Sigue las instrucciones y obtendrás un par de reportes. Traes estos reportes cuando respondas para que uno de nuestros expertos empiece a evaluar tu caso

Saludos.

2 Me gusta

Hola con permiso del compañero @JCTecn1cal y tu permiso @Makedish

Pues el malware que tienes en tu máquina es difícil de eliminar o tiene, digamos que cierta persistencia en el sistema y por eso es más difícil de eliminarlo.

Así que voy a atender este tema. Pues debemos ahora de utilizar una herramienta “un poco especial” para eliminar esos malwares que persisten.

EN BUSCA / ELIMINACIÓN DE MALWARE

:one: Desactivas tu antivirus :arrow_forward: Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad que tengas activado.

LO DESCARGAS EN TU ESCRITORIO MUY IMPORTANTE (y no en otro sitio).

Descargas Farbar Recovery Scan Tool MUY IMPORTANTE >> seleccionas la versión adecuada para la arquitectura correspondiente de tu Ordenador (32 o 64bits). :arrow_forward: ¿Cómo saber si mi Windows es de 32 o 64 bits.?

:warning: Una vez descargado FRST, desconectas tu equipo de completamente de Internet (apagas el router) >> Super Importante. Acto seguido, cierras también cualquier otro programa que tengas abierto.

:two: Farbar Recovery Scan Tool

  1. Ejecutas el FRST.exe (Si utilizas Windows Vista/7/8 o 10, presionas click derecho y seleccionas Ejecutar como Administrador).

  2. Aparecerá una ventana con un mensaje de Disclaimer/Responsabilidad, presionas sobre Si o Yes.

  3. En la ventana principal del programa presionas sobre Analizar/Scan y esperas a que finalice el análisis.

  4. Aparecerán dos logs/reportes que serán: Frst.txt y Addition.txt, estos quedarán guardados en el escritorio.

:three: Activas de nuevo tu antivirus y cualquier programa de seguridad que tengas activado. También conectas nuevamente tu equipo a Internet.

:four: PRÓXIMA RESPUESTA

Pegas los reportes de FRST.txt y Addition.txt. Debes de poner ambos reportes todos enteros con absolutamente todo su contenido. Deberás de realizar varios mensajes si recibes un mensaje de error/advertencia indicando que es muy largo dicho reporte que formará el mensaje (más de 50.000 carácteres aprox.).

NOTA IMPORTANTE

Por Favor, mientras estemos desinfectando tu maquina o terminando de hacerlo:

  • No realices pasos/acciones que NOSOTROS no te hayamos indicado.
  • No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.
  • No instales NADA (programas/software/complementos/extensiones del navegador…).
  • No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…).
  • No realices por tu cuenta otros procedimientos.
  • Usa tu equipo EXCLUSIVAMENTE para desinfectarlo siguiendo nuestras indicaciones.

:warning: Muy Importante :warning: Coloca los diferentes reportes que te he pedido como se muestra en la siguiente imagen:

Salu2.

1 me gusta

Hola, buenas @Makedish

¿Pudiste realizar algún avance acerca de lo que te comenté?

Me comentas.

Salu2.

1 me gusta

Buenas @MIXU, disculpa por responder tarde, estuve ocupado con unos asuntos de estudio.

Realicé el análisis y ahora adjunto los reportes.

Primero el FRST.txt y segundo el Addition.txt

[size=4]**Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 19.04.2024 01**[/size]
[size=4]**Ejecutado por Bruno Càceres (administrador) sobre LAPTOP-5VT466CM (LENOVO 80E5) (17-05-2024 20:08:31)**[/size]
[size=4]**Ejecutado desde C:\Users\erika\Desktop\FRST64.exe**[/size]
[size=4]**Perfiles cargados: Bruno Càceres**[/size]
[size=4]**Plataforma: Microsoft Windows 10 Home Single Language Versión 22H2 19045.4412 (X64) Idioma: Español (España, internacional)**[/size]
[size=4]**Navegador predeterminado: Chrome**[/size]
[size=4]**Modo de Inicio: Normal**[/size]

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(cmd.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe <4>
(explorer.exe ->) (04797BBC-C7BB-462F-9B66-331C81E27C0E -> TranslucentTB Open Source Developers) C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2024.1.0.0_x64__v826wp6bftszj\TranslucentTB.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <9>
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.081.0421.0003\Microsoft.SharePoint.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <3>
(rundll32.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe <4>
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(services.exe ->) (Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MsMpEng.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-22] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3023152 2024-04-24] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110008 2015-07-21] (CyberLink Corp. -> CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492472 2015-07-21] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [142222176 2023-04-21] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restricción <==== ATENCIÓN
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKLM\Software\Policies\...\system: [UploadUserActivities] 0
HKLM\Software\Policies\...\system: [AllowCrossDeviceClipboard] 0
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37495272 2024-04-25] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\erika\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated" (Ningún archivo)
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [3851184 2024-05-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4384104 2024-03-06] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\Run: [Discord] => C:\Users\erika\AppData\Local\Discord\Update.exe [1525016 2023-02-13] (Discord Inc. -> GitHub)
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe [71898448 2024-04-30] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\Run: [MicrosoftEdgeAutoLaunch_8D4E6D2024FFE84AF89F70F1F149D078] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start (Ningún archivo)
HKLM\...\Print\Monitors\HP E211 Status Monitor: C:\WINDOWS\system32\hpinkstsE211LM.dll [383496 2014-12-18] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\124.0.6367.208\Installer\chrmstp.exe [2024-05-15] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{9459C573-B17A-45AE-9F64-1857B5D58CEE}] -> "C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.66\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable
IFEO\CompatTelRunner.exe: [Debugger] %windir%\System32\taskkill.exe
IFEO\DeviceCensus.exe: [Debugger] %windir%\System32\taskkill.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) =================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {1240679C-7560-444E-8313-9453D50EB166} - System32\Tasks\ASC_PerformanceMonitor => "C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe"  -> C:\Program Files (x86)\IObit\Advanced SystemCare\\/Task
Task: {30BD3F96-A4B2-4BE7-96DB-1C40986E403A} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5672240 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {CE84B99A-C70D-4C93-B183-DF7CBE2C6FCB} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem126.0.6462.0{99CEDC0C-52E4-4065-B51C-F4EFD1625FC0} => C:\Program Files (x86)\Google\GoogleUpdater\126.0.6462.0\updater.exe [4794656 2024-05-06] (Google LLC -> Google LLC)
Task: {D64A4740-B8DB-4D7D-9672-0A80E1DD300C} - System32\Tasks\HidHide_Updater => C:\Program Files\Nefarius Software Solutions\HidHide\HidHide_Updater.exe [1041856 2022-06-27] (Nefarius Software Solutions e.U. -> Nefarius Software Solutions e.U.) -> C:\Program Files\Nefarius Software Solutions\HidHide\\/silent
Task: {BC98A26F-969B-4D6E-98A9-A38EB6F6A4C3} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {538A8C8A-9C08-41C7-AE55-FD843E3DC7AD} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [74952 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {02D39F96-DBD4-45C0-83C7-43FF986CA42C} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService
Task: {DC3A0751-56A8-4799-9E31-036A6A802B41} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => C:\WINDOWS\System32\reg.exe [77312 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {4F90EE7B-7DB4-436C-B93C-44C8A44AB812} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\2880dde6-d629-4497-8e19-d2f1fd8c91c7 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {DA322371-C6DD-49BE-B61B-07605E9DDB97} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\3dab9de1-5475-4f93-a0cc-44867fd65fa6 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {F689CB02-968C-471C-A372-9DE6EB13F2C4} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e75c93a4-5ce3-4e70-8f22-93f83591912d => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {F9AE8A85-96FF-4556-8729-4FD1BF5659D2} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\eba5e2ab-6e84-452b-8c8c-8a2e4abe756d => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {2CAFEE57-77D3-4493-BCB1-A1BE1C423DED} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\fe36021b-ae2b-4e19-ad19-2ad0c77a1cae => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {B2777E05-5E38-4ADD-8862-774F5AD433D9} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => "%ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe"  (Ningún archivo)
Task: {5A8E7BB5-7629-4629-95C2-3EA8E8F88BD7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28436048 2024-05-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {E87A6E6D-9544-4385-9F6F-D9662EC9B7B8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28436048 2024-05-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {F49461BD-6FBA-4D63-AB30-D3B26792EE82} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309936 2024-05-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {5CCF96BE-906E-4D89-859B-B7A1C2679138} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309936 2024-05-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {AC41EA47-7291-47B4-8EB7-D05673F4CE7E} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [168928 2024-05-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {0A0C1D2E-F659-416A-AC9F-0972B2654761} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4447936 2024-05-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {8D7A0228-D4C6-498B-80AA-DD08AAB0E7F4} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\System32\rundll32.exe [71680 2024-05-14] (Microsoft Windows -> Microsoft Corporation) -> C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {F77BE78F-1571-4424-BE3D-713AC945A670} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\wmiM40G => C:\WINDOWS\system32\rundll32.exe [71680 2024-05-14] (Microsoft Windows -> Microsoft Corporation) -> C:\ProgramData\TreeCenter\BortValue\cnbsofcVIdcorsn.dll CNAMogus5Soumu
Task: {6B7F0DD7-B665-4965-AA72-C951914122B4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpCmdRun.exe [1658408 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A1376666-FB19-43E8-A721-32D985BBF5B9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpCmdRun.exe [1658408 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DF2860B1-BE24-43F5-ABA5-CE7C2DE40A56} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpCmdRun.exe [1658408 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D1EF72B3-18DA-4DA0-B550-2E410A6EE160} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpCmdRun.exe [1658408 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D1D01C53-569E-4192-8238-437A20DA2A9E} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe  /c (Ningún archivo)
Task: {843EEAB4-CB8D-42A4-8FE7-A0AC55B193A8} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe  /ua /installsource scheduler (Ningún archivo)
Task: {02D5D0FB-045E-4F06-A223-A9304242DBFA} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209168 2024-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {6DD7714F-74FF-4097-B24C-531A5FE0A44A} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-4099771876-1399699478-3733680322-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209168 2024-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {1551E8EE-968B-41CF-9D6B-61656DED790E} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2644488 2024-04-10] (Overwolf Ltd -> Overwolf LTD) -> C:\Program Files (x86)\Overwolf\/RunningFrom Schedule
Task: {57E6DDC6-BC21-400C-8E04-73FE7B30067E} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [85432 2015-09-10] (CyberLink Corp. -> CyberLink Corp.)
Task: {0F0DE5A2-DF2C-4B86-84C8-CAF972CE9866} - System32\Tasks\RunDS4Windows => C:\Users\erika\Downloads\DS4Windows\task.bat [98 2024-05-16] () [Archivo no firmado]

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 200.48.225.146 200.48.225.130
Tcpip\..\Interfaces\{2dc85b9a-7fa1-4427-a280-6483dd1b2347}: [DhcpNameServer] 200.48.225.146 200.48.225.130
Tcpip\..\Interfaces\{2dc85b9a-7fa1-4427-a280-6483dd1b2347}: [DhcpDomain] hitronhub.home
Tcpip\..\Interfaces\{2dc85b9a-7fa1-4427-a280-6483dd1b2347}\6416D696C69616023666022374: [DhcpNameServer] 192.168.18.1
Tcpip\..\Interfaces\{2dc85b9a-7fa1-4427-a280-6483dd1b2347}\7416C6168797021403330234F6275626367343: [DhcpNameServer] 192.168.2.39
Tcpip\..\Interfaces\{2dc85b9a-7fa1-4427-a280-6483dd1b2347}\D416B65646963786: [DhcpNameServer] 192.168.158.86
Tcpip\..\Interfaces\{2dc85b9a-7fa1-4427-a280-6483dd1b2347}\D4F4E44514C46514E4: [DhcpNameServer] 200.48.225.146 200.48.225.130
Tcpip\..\Interfaces\{2dc85b9a-7fa1-4427-a280-6483dd1b2347}\D4F4E44514C46514E4: [DhcpDomain] telefonica.pe
Tcpip\..\Interfaces\{5aec790e-e4be-4623-8058-1c38bbdcab41}: [DhcpNameServer] 200.48.225.130 200.48.225.146
Tcpip\..\Interfaces\{5aec790e-e4be-4623-8058-1c38bbdcab41}: [DhcpDomain] hitronhub.home

Edge: 
=======
Edge Profile: C:\Users\erika\AppData\Local\Microsoft\Edge\User Data\Default [2023-12-09]
Edge Extension: (Documentos de Google sin conexión) - C:\Users\erika\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-11-05]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\erika\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-12-09]
Edge Extension: (Edge relevant text changes) - C:\Users\erika\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-11-05]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-04-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-03] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\erika\AppData\Local\Google\Chrome\User Data\Default [2024-05-17]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-21]
CHR Extension: (Hola VPN - The Website Unblocker) - C:\Users\erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2024-05-16]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-05-17]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\erika\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-05-11]
CHR Profile: C:\Users\erika\AppData\Local\Google\Chrome\User Data\Profile 8 [2024-05-10]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\erika\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-03]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\erika\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-05-10]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\erika\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-12-22]
CHR Profile: C:\Users\erika\AppData\Local\Google\Chrome\User Data\System Profile [2024-05-17]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
1 me gusta
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 19.04.2024 01
Ejecutado por Bruno Càceres (17-05-2024 19:53:43)
Ejecutado desde C:\Users\erika\Desktop
Microsoft Windows 10 Home Single Language Versión 22H2 19045.4412 (X64) (2022-11-30 07:53:31)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================


(Si una entrada es incluida en el fixlist, será eliminada.)

Administrador (S-1-5-21-4099771876-1399699478-3733680322-500 - Administrator - Disabled)
Bruno Càceres (S-1-5-21-4099771876-1399699478-3733680322-1001 - Administrator - Enabled) => C:\Users\erika
DefaultAccount (S-1-5-21-4099771876-1399699478-3733680322-503 - Limited - Disabled)
Invitado (S-1-5-21-4099771876-1399699478-3733680322-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-4099771876-1399699478-3733680322-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

Aplicaciones de Microsoft 365 para empresas - es-es (HKLM\...\O365ProPlusRetail - es-es) (Version: 16.0.17531.20140 - Microsoft Corporation)
Asistente de soporte y recuperación de Microsoft (HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\4336df8a13b91f17) (Version: 17.1.495.23 - Microsoft Corporation)
Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation)
Comprobación de estado de PC Windows (HKLM\...\{8B474A92-CE3A-4F46-B6F1-6DFA1390F826}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Conexant Audio Filter Agent (HKLM\...\cAudioFilterAgent) (Version: 1.7.83.0 - Conexant Systems)
CPUID CPU-Z 1.99 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.99 - CPUID, Inc.)
CxAudMsg (HKLM\...\CxAudMsg) (Version:  - )
CyberLink Power2Go 8 (HKLM-x32\...\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.5521 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.5521 - CyberLink Corp.)
Discord (HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\Discord) (Version: 1.0.9011 - Discord Inc.)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
DuvApp (HKLM-x32\...\{A8901DD2-3210-44D3-BB45-4ACB2E8705DE}) (Version: 3.7.7 - publub)
Epic Games Launcher (HKLM-x32\...\{3EB077E6-4FDC-4E90-8BCA-FD19BB7624BF}) (Version: 1.1.183.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
Fallout Fixt 0.81alpha (Full Custom) (HKLM-x32\...\{83D6B5DC-9C8C-4DE2-B66C-14FA5C8680B5}_is1) (Version: 0.81alpha (Full Custom) - Sduibek)
Far Cry 3 (HKLM-x32\...\Uplay Install 46) (Version:  - Ubisoft)
Forte Config (HKLM\...\ForteConfig) (Version: 1.0.0.0 - Conexant Systems)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 124.0.6367.208 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
Grand Theft Auto Vice City versión 1.1 (HKLM-x32\...\Grand Theft Auto Vice City_is1) (Version: 1.1 - Rockstar Games)
Half-Life (HKLM-x32\...\Half-Life_is1) (Version: Half-Life - No Steam - KingSOFT DVD)
HidHide (HKLM\...\{27AF679E-48DB-4B49-A689-1D6A3A52C472}) (Version: 1.2.98 - Nefarius Software Solutions e.U.)
Intel(R) Chipset Device Software (HKLM\...\{8C91A5EB-2C62-4A6D-8802-CC79FD2ED390}) (Version: 10.1.1.7 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{8B0B53D2-F5B8-4A67-93B0-5960D6ED6186}) (Version: 11.0.0.1153 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{FD37351B-3074-4652-8188-1B3FB784EC4E}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{303C5CD6-2525-49C5-9E49-DBD92F9F63BD}) (Version: 14.5.2.1088 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.2.1088 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{BC9BA4BE-DA5C-488C-97ED-0BE86C2E69B4}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{224CC1EA-2433-4106-81BA-5D5432B11744}) (Version: 19.30.0.0905 - Intel Corporation) Hidden
Java(TM) SE Development Kit 18.0.2.1 (64-bit) (HKLM\...\{F3A2A837-F83B-5732-97F2-309BE0F51E0C}) (Version: 18.0.2.1 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\Riot Game league_of_legends.live) (Version:  - Riot Games, Inc)
Lenovo PowerDVD12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5709.60 - CyberLink Corp.) Hidden
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5709.60 - CyberLink Corp.)
Lenovo System Interface Foundation Driver (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.1.17.2 - Lenovo)
Malwarebytes version 4.6.12.323 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.12.323 - Malwarebytes)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft .NET Host - 6.0.30 (x64) (HKLM\...\{543852FC-D0E4-481B-B2B2-BEB271DED058}) (Version: 48.120.13561 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.26 (x64) (HKLM\...\{D81A418F-966D-4069-B3E8-5EE4843CA862}) (Version: 48.104.7000 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.30 (x64) (HKLM\...\{E80165F8-5F40-42C5-82CE-BE934C750771}) (Version: 48.120.13561 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.26 (x64) (HKLM\...\{1A02C1B1-05BB-49F7-9DFF-99A66C6877FC}) (Version: 48.104.7000 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.30 (x64) (HKLM\...\{63F2E1E5-10EC-4F55-B92D-D65A7AA41A15}) (Version: 48.120.13561 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.66 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft Office Profesional Plus 2021 - es-es (HKLM\...\ProPlus2021Retail - es-es) (Version: 16.0.17531.20140 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.081.0421.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.75.1 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.26 (x64) (HKLM\...\{1F0EB53C-BE30-436A-BC54-FA364227A870}) (Version: 48.104.6996 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.26 (x64) (HKLM-x32\...\{b2476903-b8da-4dcc-903f-378730bb4c48}) (Version: 6.0.26.33205 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.30 (x64) (HKLM\...\{D624CDFC-3CDA-47F7-9F84-A3CCB8D3396B}) (Version: 48.120.13587 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.30 (x64) (HKLM-x32\...\{b2b66c6f-6c27-49d1-846a-6c27d322b9bb}) (Version: 6.0.30.33617 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17425.20146 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17531.20140 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.17425.20146 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden
osu! (HKLM-x32\...\{23c196dc-755e-48b2-8502-395cdb5244de}) (Version: latest - ppy Pty Ltd)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.248.120.19 - Overwolf Ltd.)
Porofessor.gg (HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\Overwolf_pibhbkkgefgheeglaeemkkfjlhidhcedalapdggh) (Version: 2.7.360 - Overwolf app)
Python 3.11.2 (64-bit) (HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\{4d5f29cf-3d3f-455f-bd47-5a52fb830b25}) (Version: 3.11.2150.0 - Python Software Foundation)
Python 3.11.2 Add to Path (64-bit) (HKLM\...\{48E8B3E4-EEE2-4DB3-A518-C2B8A3075B5A}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden
Python 3.11.2 Core Interpreter (64-bit) (HKLM\...\{0D38B9A4-4312-465D-A472-450BF75A0460}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden
Python 3.11.2 Development Libraries (64-bit) (HKLM\...\{A15F08D3-26E4-4F0B-BA8B-ED59A52D6A02}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden
Python 3.11.2 Documentation (64-bit) (HKLM\...\{1F5C7063-8305-4755-A643-32DE2BE966F9}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden
Python 3.11.2 Executables (64-bit) (HKLM\...\{D6BE8071-9505-4EE4-9E42-916584C2D21C}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden
Python 3.11.2 pip Bootstrap (64-bit) (HKLM\...\{6E84DCAA-19DD-4560-AAE7-043EADF5C1F8}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden
Python 3.11.2 Standard Library (64-bit) (HKLM\...\{6C19B2EE-FA34-4270-A87F-1FF008C1AC6E}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden
Python 3.11.2 Tcl/Tk Support (64-bit) (HKLM\...\{6F13A394-E3EA-4585-9ADE-046B69F1F902}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden
Python 3.11.2 Test Suite (64-bit) (HKLM\...\{83C32D05-F3C4-4D61-877E-0A4C6717E7DC}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden
Python 3.11.2 Utility Scripts (64-bit) (HKLM\...\{6CE85987-8440-409D-BE75-F5128943F67B}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{C28EE783-FA9C-4E09-910E-181A4A28C29C}) (Version: 3.11.2150.0 - Python Software Foundation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
Roblox Player for Bruno Càceres (HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\roblox-player) (Version:  - Roblox Corporation)
Silent Hill 2 - Directors Cut (HKLM-x32\...\{D3C80E77-E549-4F76-BC07-61DDBD950345}) (Version:  - )
Software Intel® PROSet/Wireless (HKLM-x32\...\{5853172b-5520-4089-9ef4-e26c594382b3}) (Version: 19.30.0 - Intel Corporation)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Spotify (HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\Spotify) (Version: 1.2.37.701.ge66eb7bc - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.6.0.11166 - Microsoft Corporation)
Traducción Fallout Fixt versión 1.2.3 (HKLM-x32\...\Traducción Fallout Fixt_is1) (Version: 1.2.3 - )
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 114.1 - Ubisoft)
UltraISO Premium V9.76 (HKLM-x32\...\UltraISO_is1) (Version: 9.76 - EZB Systems, Inc.)
Undertale 1.001 (HKLM-x32\...\{193C749E-FAEC-4F9F-A59E-B1BED65723E1}_is1) (Version: 1.001 - Freedom Chan TM)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{85C69797-7336-4E83-8D97-32A7C8465A3B}) (Version: 8.94.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.66 - Microsoft Corporation)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\ZoomUMX) (Version: 5.10.1 (4420) - Zoom Video Communications, Inc.)

Chrome apps:
============
Documentos (HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\04086a85c7287b7471630d3dc43bd9ef) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\bedcc02b8153db9be242413fb1cb9939) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\7699370b2920fe742c52f7f5a891d06a) (Version: 1.0 - Google\Chrome)
Hojas de cálculo (HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\0aedd045b6f2ff9800fcee5c67a5a6e6) (Version: 1.0 - Google\Chrome)
Presentaciones (HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\ce0353b511ca3efc1359cc48924bacb5) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\b1fe766b5151ae4302a1fad634ddbb8a) (Version: 1.0 - Google\Chrome)

Packages:
=========

Búsqueda web de Microsoft Bing -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-03-27] (Microsoft Corporation)
Complemento de motor multimedia para Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-05-29] (Microsoft Corporation)
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.7.2.0_x64__8wekyb3d8bbwe [2023-12-20] (Microsoft Studios)
TranslucentTB -> C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2024.1.0.0_x64__v826wp6bftszj [2024-03-06] (Charles Milette) [Startup Task]

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-4099771876-1399699478-3733680322-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4099771876-1399699478-3733680322-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4099771876-1399699478-3733680322-1001_Classes\CLSID\{cece6816-6107-4dc7-bdbc-20cd5ae1ffed}\localserver32 -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoAppPromotionPlugin\x64\DesktopToastsHelper.exe => Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.081.0421.0003\FileSyncShell64.dll [2024-05-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.081.0421.0003\FileSyncShell64.dll [2024-05-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.081.0421.0003\FileSyncShell64.dll [2024-05-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.081.0421.0003\FileSyncShell64.dll [2024-05-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.081.0421.0003\FileSyncShell64.dll [2024-05-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.081.0421.0003\FileSyncShell64.dll [2024-05-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.081.0421.0003\FileSyncShell64.dll [2024-05-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.081.0421.0003\FileSyncShell64.dll [2024-05-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.081.0421.0003\FileSyncShell64.dll [2024-05-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.081.0421.0003\FileSyncShell64.dll [2024-05-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.081.0421.0003\FileSyncShell64.dll [2024-05-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.081.0421.0003\FileSyncShell64.dll [2024-05-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.081.0421.0003\FileSyncShell64.dll [2024-05-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.081.0421.0003\FileSyncShell64.dll [2024-05-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.081.0421.0003\FileSyncShell64.dll [2024-05-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Ningún archivo
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll -> Ningún archivo
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> Ningún archivo
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-21] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> Ningún archivo
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll -> Ningún archivo
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-21] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> Ningún archivo
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2020-07-13] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers3: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll -> Ningún archivo
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-07] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> Ningún archivo
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.081.0421.0003\FileSyncShell64.dll [2024-05-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Ningún archivo
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll -> Ningún archivo
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Ningún archivo
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2020-07-13] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.081.0421.0003\FileSyncShell64.dll [2024-05-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2022-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> Ningún archivo
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-07] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Ningún archivo
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2020-07-13] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\erika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Robloxfun36 Push Notification.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=onfcckhbanknhjcdgbmkjkpfnoghnehb
ShortcutWithArgument: C:\Users\erika\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d755e1040e5d38ac\Valeria - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 8"

==================== Módulos cargados (Lista blanca) =============

0000-00-00 00:00 - 0000-00-00 00:00 - 000000000 _____ () [Acceso Denegado] C:\ProgramData\TreeCenter\BortValue\cnbsofcVIdcorsn.dll
2015-07-22 03:44 - 2015-07-22 03:44 - 000285184 _____ (Intel Corporation) [Archivo no firmado] [El archivo está en uso] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2015-07-22 03:44 - 2015-07-22 03:44 - 000562688 _____ (Intel Corporation) [Archivo no firmado] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite.lnk:073005E2F7 [3770]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite.lnk:5017AE502C [3770]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3770]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [484]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-4099771876-1399699478-3733680322-1001 -> DefaultScope {D5482AE6-AB8C-4CC6-A030-31C335615DF4} URL = 
SearchScopes: HKU\S-1-5-21-4099771876-1399699478-3733680322-1001 -> {D5482AE6-AB8C-4CC6-A030-31C335615DF4} URL = 
BHO: IEToEdge BHO -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.66\BHO\ie_to_edge_bho_64.dll => Ningún archivo
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2024-04-03] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: IEToEdge BHO -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.66\BHO\ie_to_edge_bho.dll => Ningún archivo
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-04-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-05-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-05-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-05-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-05-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-05-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-05-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-05-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-05-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll Ningún archivo

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\sharepoint.com -> hxxps://senatipe-files.sharepoint.com

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2015-10-30 02:24 - 2020-05-14 14:45 - 000000830 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\erika\Pictures\Fondos de pantalla\fondo 3.png
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\Services: CCSDK => 2
MSCONFIG\Services: Disc Soft Lite Bus Service => 3
MSCONFIG\Services: EQU8_19 => 3
MSCONFIG\Services: GDCAgent => 2
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HPPrintScanDoctorService => 2
MSCONFIG\Services: ImControllerService => 2
MSCONFIG\Services: SynTPEnhService => 2
MSCONFIG\Services: uncheater_bgl => 3
HKLM\...\StartupApproved\Run: => "LenovoUtility"
HKLM\...\StartupApproved\Run: => "cAudioFilterAgent"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "ForteConfig"
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerLocalAppData"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerProgramData"
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\StartupApproved\StartupFolder: => "Enviar a OneNote.lnk"
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\StartupApproved\Run: => "PhotoMasterImportAgent"
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\StartupApproved\Run: => "NZXT.CAM"
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\StartupApproved\Run: => "RiotClient"
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_8D4E6D2024FFE84AF89F70F1F149D078"
1 me gusta
==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{3FCF6C86-CA48-4C00-8602-1F94919260C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia\Mafia\Setup.exe => Ningún archivo
FirewallRules: [{E5EFBFAE-3ED5-4B03-98F8-C8C1DA2BD159}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia\Mafia\Setup.exe => Ningún archivo
FirewallRules: [{10DFDEA4-8D17-4C1B-97F9-1B514D7D2C4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia\Mafia\Game.exe => Ningún archivo
FirewallRules: [{72E62E55-7A6B-4023-8D19-919D78BC7396}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia\Mafia\Game.exe => Ningún archivo
FirewallRules: [UDP Query User{AE771E4E-DC63-47F6-A02F-E286A8A8FC56}C:\users\erika\appdata\local\discord\app-1.0.9006\discord.exe] => (Allow) C:\users\erika\appdata\local\discord\app-1.0.9006\discord.exe => Ningún archivo
FirewallRules: [TCP Query User{35BA5266-E461-413A-BB21-891EDC26F93B}C:\users\erika\appdata\local\discord\app-1.0.9006\discord.exe] => (Allow) C:\users\erika\appdata\local\discord\app-1.0.9006\discord.exe => Ningún archivo
FirewallRules: [UDP Query User{69D14F26-2F0F-4A06-847A-B203B74D905C}C:\users\erika\music\ultrakill\ultrakill.exe] => (Allow) C:\users\erika\music\ultrakill\ultrakill.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{383793D4-C25D-4B1F-8F3B-CD90D901ADFF}C:\users\erika\music\ultrakill\ultrakill.exe] => (Allow) C:\users\erika\music\ultrakill\ultrakill.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{B92D8F1B-2805-4EA2-B14D-7124111AE16A}C:\users\erika\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\erika\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe => Ningún archivo
FirewallRules: [TCP Query User{400E065A-A0BB-4DA3-B39D-1D6E6D773EC9}C:\users\erika\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\erika\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe => Ningún archivo
FirewallRules: [UDP Query User{9AE7C60A-1BC2-488F-930E-530594831BD8}C:\users\erika\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\erika\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe => Ningún archivo
FirewallRules: [TCP Query User{A0BE4319-A4DA-48FC-9CE6-E2D4B497FEBC}C:\users\erika\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\erika\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe => Ningún archivo
FirewallRules: [UDP Query User{EC413EC7-C911-4F96-8BD5-156BE11F1D54}C:\users\erika\music\ultrakill\ultrakill.exe] => (Allow) C:\users\erika\music\ultrakill\ultrakill.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{A9E204FD-1E4E-4250-8743-D0CFD590A9F4}C:\users\erika\music\ultrakill\ultrakill.exe] => (Allow) C:\users\erika\music\ultrakill\ultrakill.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{6BB42161-DCCE-4BB7-92ED-90DBAE6ED5A3}C:\users\erika\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\erika\appdata\local\discord\app-1.0.9004\discord.exe => Ningún archivo
FirewallRules: [TCP Query User{6E7FA309-7D61-489A-9FCB-B83277018FA1}C:\users\erika\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\erika\appdata\local\discord\app-1.0.9004\discord.exe => Ningún archivo
FirewallRules: [UDP Query User{BA792B15-8965-4E31-81CF-ABB58B9F8FA9}C:\users\erika\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\erika\appdata\local\discord\app-1.0.9004\discord.exe => Ningún archivo
FirewallRules: [TCP Query User{B1BCA482-1E23-4D49-8272-380BEF919148}C:\users\erika\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\erika\appdata\local\discord\app-1.0.9004\discord.exe => Ningún archivo
FirewallRules: [UDP Query User{16DDF5DC-366D-47F7-8FC5-3989ABF2B462}C:\program files\epic games\neonabyss\neonabyss.exe] => (Allow) C:\program files\epic games\neonabyss\neonabyss.exe => Ningún archivo
FirewallRules: [TCP Query User{00B46CF9-2F9C-4938-85FE-804AC7604810}C:\program files\epic games\neonabyss\neonabyss.exe] => (Allow) C:\program files\epic games\neonabyss\neonabyss.exe => Ningún archivo
FirewallRules: [UDP Query User{997891E3-357C-44DE-99B1-A61EB972D9D4}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe => Ningún archivo
FirewallRules: [TCP Query User{0E07BE56-4770-4414-9062-5DD6031C1935}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe => Ningún archivo
FirewallRules: [UDP Query User{FEA69ACC-83FA-4794-B180-9C3FC5DF2C85}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe => Ningún archivo
FirewallRules: [TCP Query User{1E5213C6-596C-4A90-A746-890EFF29ADCF}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe => Ningún archivo
FirewallRules: [UDP Query User{04D71724-51B5-40C1-B503-DC1A95654AA0}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{CBCD515E-1DBD-405E-BA94-9897CACBE652}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{86497C3B-C3D4-498A-8D5C-62C243E3A21D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Animal Royale\Super Animal Royale.exe () [Archivo no firmado]
FirewallRules: [{0DA81D71-CB9E-4382-A998-77F6916F2B01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Animal Royale\Super Animal Royale.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{5C90A8E6-507E-4334-80D0-E44E95863494}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{C985BAB8-ED25-47E3-88AE-077EEDD74725}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{126DA483-2581-4693-86D6-43E5DCF8CFBB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A90A3786-6F06-4BF8-8A49-2B75A40D99E3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B5F29796-01FF-4A48-B4B8-2BD918A8F3FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outlast 2\Binaries\Win64\Outlast2.exe (Red Barrels Inc.) [Archivo no firmado]
FirewallRules: [{110D86F3-1D45-4B5D-9FD8-A1C28C5DB02E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outlast 2\Binaries\Win64\Outlast2.exe (Red Barrels Inc.) [Archivo no firmado]
FirewallRules: [UDP Query User{06248CC1-500B-4BF9-83D3-EF101F1ED286}C:\users\erika\appdata\roaming\.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\erika\appdata\roaming\.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe => Ningún archivo
FirewallRules: [TCP Query User{3211A032-8E98-4932-870C-F073EB47FE8A}C:\users\erika\appdata\roaming\.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\erika\appdata\roaming\.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe => Ningún archivo
FirewallRules: [UDP Query User{A4E330B7-1AE1-450C-96C7-9BE5D34BE762}C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe (Red Barrels Inc.) [Archivo no firmado]
FirewallRules: [TCP Query User{353A8232-818C-4120-BAAE-A229CA15019D}C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe (Red Barrels Inc.) [Archivo no firmado]
FirewallRules: [UDP Query User{DF79E80B-2104-4BCB-93CF-F46255E4258F}C:\users\erika\appdata\roaming\.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\erika\appdata\roaming\.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe => Ningún archivo
FirewallRules: [TCP Query User{27BDED2F-6F5C-49A5-83CB-FA0CEC4588A4}C:\users\erika\appdata\roaming\.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\erika\appdata\roaming\.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe => Ningún archivo
FirewallRules: [UDP Query User{CCD84569-7EE6-4DDC-B98B-94E5CA5F84AE}C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe (Red Barrels Inc.) [Archivo no firmado]
FirewallRules: [TCP Query User{D264F368-E4F2-40A1-AAA6-A65C8859E2AC}C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe (Red Barrels Inc.) [Archivo no firmado]
FirewallRules: [{35A2DF18-FD63-4668-8432-EAE4436E6D31}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outlast\OutlastLauncher.exe (Red Barrels Inc.) [Archivo no firmado]
FirewallRules: [{5FCB26D7-8B62-4B50-B825-531B71E317B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outlast\OutlastLauncher.exe (Red Barrels Inc.) [Archivo no firmado]
FirewallRules: [UDP Query User{E364020F-0AC7-47B3-86B4-0D5DD3FF72C3}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [TCP Query User{10F480DD-73E6-46F6-BD02-364A732BC09B}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{54FD9D9D-EE34-43EC-897F-0857A3892E2D}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [TCP Query User{066F7AD0-C9C3-4E04-85F4-2FC064118FD0}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [{39C363EA-6454-45F3-8F7F-AC0F008713BB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe => Ningún archivo
FirewallRules: [{0A49587B-663E-4B22-A26F-634BD2C21242}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe => Ningún archivo
FirewallRules: [{CCD1EAC2-1A82-4E67-84E9-37133488F686}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe => Ningún archivo
FirewallRules: [{39A7517E-0CBD-40D3-B6B2-9BCC0C84B557}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe => Ningún archivo
FirewallRules: [UDP Query User{C8190946-DDA0-42C5-B6C0-738696D5FE81}C:\users\erika\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\erika\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{B7EB4F6D-2FFD-4114-B5F7-85932ED4CB95}C:\users\erika\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\erika\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{89D62229-BFD9-4FED-90FE-B8878F01D423}C:\users\erika\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\erika\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{92B7AC9E-DD8B-4B4A-B04F-EAE773A85CAD}C:\users\erika\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\erika\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{E6770EA3-CF2A-4DF6-8B36-2A343F265339}C:\users\erika\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Allow) C:\users\erika\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe => Ningún archivo
FirewallRules: [TCP Query User{BD265C53-4A9E-4EC8-B387-68076ECD65D7}C:\users\erika\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Allow) C:\users\erika\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe => Ningún archivo
FirewallRules: [UDP Query User{1A81A575-345D-4A96-8B6D-C000B840A881}C:\users\erika\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\erika\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe => Ningún archivo
FirewallRules: [TCP Query User{3AD4A878-B916-44E1-88E0-B7EBB52461E8}C:\users\erika\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\erika\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe => Ningún archivo
FirewallRules: [{922492A9-0ED8-4567-9C73-6D3ED4188823}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2D86CE7B-8BA3-4B99-82C0-8B8569134281}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EF284163-3989-4B8E-B8CB-FA3134E92579}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe => Ningún archivo
FirewallRules: [{ACAF961C-B700-45B4-A1A4-69016B1A0CE6}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe => Ningún archivo
FirewallRules: [{301D1A5B-7A94-4A91-AD4C-9A678C79F49F}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe => Ningún archivo
FirewallRules: [{AFEBDDF9-B527-4788-9DFB-2E82F0F198DA}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe => Ningún archivo
FirewallRules: [{0DF117F5-431A-4379-84CC-3AA46734B07F}] => (Allow) LPort=1688
FirewallRules: [UDP Query User{4CE83B07-C76D-4E7C-A442-5D0A0B2BFAC0}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{FECD2A51-E12D-4A2D-83C4-0F1E65668F70}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{05EB8723-0B9B-4C57-AB8B-A6385EBF0AFE}C:\users\erika\appdata\roaming\.minecraft\runtime\java-runtime-alpha\windows\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\users\erika\appdata\roaming\.minecraft\runtime\java-runtime-alpha\windows\java-runtime-alpha\bin\javaw.exe => Ningún archivo
FirewallRules: [TCP Query User{2C269432-BC9C-47C1-9FCF-B7525C26C9A7}C:\users\erika\appdata\roaming\.minecraft\runtime\java-runtime-alpha\windows\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\users\erika\appdata\roaming\.minecraft\runtime\java-runtime-alpha\windows\java-runtime-alpha\bin\javaw.exe => Ningún archivo
FirewallRules: [UDP Query User{778D9DFF-5F66-45A4-B4F6-B48F36198A8B}C:\users\erika\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Allow) C:\users\erika\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe => Ningún archivo
FirewallRules: [TCP Query User{8730167A-BC91-4EC8-B037-2F5CA20E7EAF}C:\users\erika\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Allow) C:\users\erika\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe => Ningún archivo
FirewallRules: [UDP Query User{192BB372-A71C-4F8D-8EC5-A021291BED44}C:\users\erika\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\erika\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe => Ningún archivo
FirewallRules: [TCP Query User{8DE01D79-6E7C-4470-A49E-D9149BFA2C91}C:\users\erika\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\erika\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe => Ningún archivo
FirewallRules: [UDP Query User{6A96F6EF-5B55-4792-9ED6-B43684F4C1D9}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_281\bin\javaw.exe => Ningún archivo
FirewallRules: [TCP Query User{DF012FAE-FAAC-4147-9BC1-B93E2216CE1B}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_281\bin\javaw.exe => Ningún archivo
FirewallRules: [UDP Query User{11F19651-6E31-4698-BDC3-4C066BFE24AC}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_281\bin\javaw.exe => Ningún archivo
FirewallRules: [TCP Query User{5894EE60-A49E-498A-81B5-1AC05A53DFA1}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_281\bin\javaw.exe => Ningún archivo
FirewallRules: [{F53FC516-D1B1-407E-AED1-03C252A0F388}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{DC5DEC5C-8B33-4DF0-AD0A-2ED9842223D7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{55001B47-4809-41FB-A17D-C4A28F2542DF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1347D7F2-334F-43B2-9FCC-64EC9434597E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B0765756-ABC6-42DF-825A-6BF63314D867}] => (Allow) C:\Users\erika\AppData\Roaming\Zoom\bin\airhost.exe => Ningún archivo
FirewallRules: [{21D8EEDB-494F-4C60-8FB8-921790927765}] => (Allow) C:\Users\erika\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{901A625E-ED60-451F-85E5-4F4CC3FF8FA7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe => Ningún archivo
FirewallRules: [{4407BC5A-226A-4E9C-BF29-3E5CEA82BC04}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe => Ningún archivo
FirewallRules: [{998FA323-8ED3-47CB-B033-4101448117A8}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [TCP Query User{944706DC-0A31-477A-B4B4-EA9E625D0B8D}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{A06B14A0-5C57-4C21-9B34-E8066892BB64}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{4064381C-74EB-41CA-981F-D6EB978AEA88}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{EF83285E-7D49-475E-8E76-AFA2AE404AFF}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{5239F5AD-75F0-4F47-9F10-AF8B7C3DCD77}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{E6E14DDA-A0EF-4DE0-AE6B-B2111E6B70E8}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{5ECFB916-812C-4991-B47E-09198AFE8360}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe (Re-Logic) [Archivo no firmado]
FirewallRules: [{EF548BFB-AEB6-4988-BC2B-D0DCF3CD099E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe (Re-Logic) [Archivo no firmado]
FirewallRules: [{E94E7686-D055-4ED4-94EF-0EAF4B3D04ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe (Valve Corp. -> )
FirewallRules: [{703E1DB5-14E8-4BE3-A45F-A965BBD97C9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe (Valve Corp. -> )
FirewallRules: [{9F393C1C-42C8-4E36-A893-FE602FB1E823}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Muck\Muck.exe () [Archivo no firmado]
FirewallRules: [{1C7E5033-A453-48BF-893A-22BD02D8C181}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Muck\Muck.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{B86C5D21-6064-4792-B601-25E7B3A8C4CB}C:\program files\java\jre1.8.0_361\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_361\bin\javaw.exe => Ningún archivo
FirewallRules: [UDP Query User{31978072-558E-4A91-A10F-76F0E11D543F}C:\program files\java\jre1.8.0_361\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_361\bin\javaw.exe => Ningún archivo
FirewallRules: [TCP Query User{2F3D4B4B-7915-4B01-A48D-6DD0DF06E838}C:\users\erika\appdata\roaming\.minecraft\runtime\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\erika\appdata\roaming\.minecraft\runtime\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{EB860072-11CD-4FAE-A036-9EE06EF372EF}C:\users\erika\appdata\roaming\.minecraft\runtime\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\erika\appdata\roaming\.minecraft\runtime\java-runtime-gamma\bin\javaw.exe
FirewallRules: [{D44F8FCA-C8E6-4A93-AA0E-949419CB51D6}] => (Block) C:\users\erika\appdata\roaming\.minecraft\runtime\java-runtime-gamma\bin\javaw.exe
FirewallRules: [{153109B2-734E-4E86-B4FF-D54424BB04BC}] => (Block) C:\users\erika\appdata\roaming\.minecraft\runtime\java-runtime-gamma\bin\javaw.exe
FirewallRules: [TCP Query User{64798097-0B99-41AF-BF00-96DAC3166F82}C:\users\erika\appdata\local\discord\app-1.0.9013\discord.exe] => (Allow) C:\users\erika\appdata\local\discord\app-1.0.9013\discord.exe => Ningún archivo
FirewallRules: [UDP Query User{B3ED806C-4315-4261-8185-9786AC075876}C:\users\erika\appdata\local\discord\app-1.0.9013\discord.exe] => (Allow) C:\users\erika\appdata\local\discord\app-1.0.9013\discord.exe => Ningún archivo
FirewallRules: [TCP Query User{11845AB2-1B5B-4EE6-A5A5-74CA13CF3EE1}C:\program files (x86)\valve\half-life\hl.exe] => (Allow) C:\program files (x86)\valve\half-life\hl.exe => Ningún archivo
FirewallRules: [UDP Query User{3580B690-2905-4AE4-9072-25B232A4E6A1}C:\program files (x86)\valve\half-life\hl.exe] => (Allow) C:\program files (x86)\valve\half-life\hl.exe => Ningún archivo
FirewallRules: [TCP Query User{F50BECC2-F12E-4C1C-8F34-DDBC5EF6E018}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{37FA5027-597E-4010-B266-EFD37EDD5EBB}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{026F2566-6588-46F8-9C3C-166622E3A419}C:\users\erika\downloads\half-life\hl.exe] => (Allow) C:\users\erika\downloads\half-life\hl.exe => Ningún archivo
FirewallRules: [UDP Query User{45972CA2-BD19-494C-AAC8-05B9F1219755}C:\users\erika\downloads\half-life\hl.exe] => (Allow) C:\users\erika\downloads\half-life\hl.exe => Ningún archivo
FirewallRules: [{25E047FF-A003-41C6-A8C9-DC43711C82A3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A6CF4E7A-7BEE-4B6E-B952-45AAF67AFFCB}] => (Allow) C:\Program => Ningún archivo
FirewallRules: [{B82D7D6F-5736-4077-B27C-D1D8BDEB26F8}] => (Allow) C:\Program => Ningún archivo
FirewallRules: [{CFC8F9B6-BB85-4CD4-8620-3226CA7374B5}] => (Allow) C:\Program => Ningún archivo
FirewallRules: [{A68BCBB0-F848-4814-9FC9-5464393FD87E}] => (Allow) C:\Program => Ningún archivo
FirewallRules: [TCP Query User{B77B7DED-DD5D-4315-9C24-E29D55CA212F}C:\program files (x86)\mumu\emulator\nemu\emulatorshell\nemuplayer.exe] => (Allow) C:\program files (x86)\mumu\emulator\nemu\emulatorshell\nemuplayer.exe => Ningún archivo
FirewallRules: [UDP Query User{8ED0E726-A1AB-4877-AB8D-43A5FD55F5EC}C:\program files (x86)\mumu\emulator\nemu\emulatorshell\nemuplayer.exe] => (Allow) C:\program files (x86)\mumu\emulator\nemu\emulatorshell\nemuplayer.exe => Ningún archivo
FirewallRules: [{CA1B90A9-39C4-4C3B-8466-48B0D7DABE32}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stumble Guys\Stumble Guys.exe () [Archivo no firmado]
FirewallRules: [{C0F3F7BB-DA44-4761-8DCA-026477319B88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stumble Guys\Stumble Guys.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{143EF6C2-3EF0-4CF0-ACB9-4F277355F255}C:\users\erika\music\half-life\hl.exe] => (Allow) C:\users\erika\music\half-life\hl.exe (Valve) [Archivo no firmado]
FirewallRules: [UDP Query User{E4DBC058-A3B0-4BB4-9F6A-648777C2106C}C:\users\erika\music\half-life\hl.exe] => (Allow) C:\users\erika\music\half-life\hl.exe (Valve) [Archivo no firmado]
FirewallRules: [TCP Query User{6ED0C918-6934-40C0-82E6-26EFDDA7525E}C:\program files\java\jdk-18.0.2.1\bin\javaw.exe] => (Allow) C:\program files\java\jdk-18.0.2.1\bin\javaw.exe
FirewallRules: [UDP Query User{5E463738-D411-4F97-AE75-A0C84CE26181}C:\program files\java\jdk-18.0.2.1\bin\javaw.exe] => (Allow) C:\program files\java\jdk-18.0.2.1\bin\javaw.exe
FirewallRules: [TCP Query User{0A92DBBD-DD86-48A4-8B30-25E86FA34FC8}C:\users\erika\music\stranded deep\stranded_deep.exe] => (Allow) C:\users\erika\music\stranded deep\stranded_deep.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{9881C7E1-5B16-4078-B5DB-E669ABAA586C}C:\users\erika\music\stranded deep\stranded_deep.exe] => (Allow) C:\users\erika\music\stranded deep\stranded_deep.exe () [Archivo no firmado]
FirewallRules: [{5578989E-5486-4CA1-BCA8-90F151431893}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [Archivo no firmado]
FirewallRules: [{9D53CD1D-B722-489D-8C90-EFB0DAB74EF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [Archivo no firmado]
FirewallRules: [{E969685C-B7DD-4C0D-976C-E74743A90B30}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe (UBISOFT ENTERTAINMENT INC. -> Blue Mammoth Games)
FirewallRules: [{26F80AC8-2E58-4781-BA04-418FB9227B2A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe (UBISOFT ENTERTAINMENT INC. -> Blue Mammoth Games)
FirewallRules: [TCP Query User{76BA7857-DDBE-42F5-A690-A14D8AC1D7D3}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{29D8EF79-482A-4F8D-9F3E-545E1C0867A2}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{3BD35C32-E4A0-4BED-94E4-1CA3283B6754}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.66\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7608722F-3B49-4B65-B251-3AA760F6FFEF}] => (Allow) C:\Program Files (x86)\Overwolf\0.248.120.19\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{ACDC6FC4-5E6F-472F-9F68-2E03E21CBF34}] => (Allow) C:\Program Files (x86)\Overwolf\0.248.120.19\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{20043A98-FB75-48AC-AAC4-FBD110328166}] => (Block) C:\Program Files (x86)\Overwolf\0.248.120.19\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{885963D1-52A8-4BCE-B2C9-12E04131D57A}] => (Block) C:\Program Files (x86)\Overwolf\0.248.120.19\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{594483F8-FA12-432E-BEDE-2866AA1F1B74}] => (Allow) C:\Users\erika\AppData\Local\Overwolf\ProcessCache\0.248.120.19\pibhbkkgefgheeglaeemkkfjlhidhcedalapdggh\Porofessor.gg.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{BD7F09B0-4A06-4B96-A355-8CE8D7A6467C}] => (Allow) C:\Users\erika\AppData\Local\Overwolf\ProcessCache\0.248.120.19\pibhbkkgefgheeglaeemkkfjlhidhcedalapdggh\Porofessor.gg.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{3EA574E4-0D93-48D6-93B5-EAFFFA5E29C4}] => (Block) C:\Users\erika\AppData\Local\Overwolf\ProcessCache\0.248.120.19\pibhbkkgefgheeglaeemkkfjlhidhcedalapdggh\Porofessor.gg.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{2D355BF4-3FE3-4503-A96F-9B69681FFFC7}] => (Block) C:\Users\erika\AppData\Local\Overwolf\ProcessCache\0.248.120.19\pibhbkkgefgheeglaeemkkfjlhidhcedalapdggh\Porofessor.gg.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{5ECE35C5-7D75-4188-B4C5-32593A54CF04}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Puntos de Restauración =========================

04-05-2024 04:51:50 Punto de control programado
13-05-2024 03:34:57 Punto de control programado
14-05-2024 12:25:25 Instalador de Módulos de Windows

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (05/16/2024 10:53:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_FrameServer, versión: 10.0.19041.4355, marca de tiempo: 0x9ce47784
Nombre del módulo con errores: RsProvider.dll, versión: 1.23.0.0, marca de tiempo: 0x56fb7e54
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000007bded
Identificador del proceso con errores: 0x259c
Hora de inicio de la aplicación con errores: 0x01daa80dc35fb8cc
Ruta de acceso de la aplicación con errores: C:\WINDOWS\System32\svchost.exe
Ruta de acceso del módulo con errores: C:\Program Files\Realtek\RsProviders\RsProvider.dll
Identificador del informe: f1a7db94-3825-4a66-8745-722bf679ca3b
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (05/16/2024 09:12:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_FrameServer, versión: 10.0.19041.4355, marca de tiempo: 0x9ce47784
Nombre del módulo con errores: RsProvider.dll, versión: 1.23.0.0, marca de tiempo: 0x56fb7e54
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000007bded
Identificador del proceso con errores: 0x19c
Hora de inicio de la aplicación con errores: 0x01daa7ff9ea1f255
Ruta de acceso de la aplicación con errores: C:\WINDOWS\System32\svchost.exe
Ruta de acceso del módulo con errores: C:\Program Files\Realtek\RsProviders\RsProvider.dll
Identificador del informe: 4fc845c2-a6c3-4d6c-805a-25299c5b4e27
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (05/16/2024 05:21:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: RobloxPlayerBeta.exe, versión: 0.624.607.14927, marca de tiempo: 0x09673f95
Nombre del módulo con errores: RobloxPlayerBeta.exe, versión: 0.624.607.14927, marca de tiempo: 0x09673f95
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x0000000003491871
Identificador del proceso con errores: 0x1f68
Hora de inicio de la aplicación con errores: 0x01daa7df71330cd9
Ruta de acceso de la aplicación con errores: C:\Users\erika\AppData\Local\Roblox\Versions\version-25dd522b4efe432a\RobloxPlayerBeta.exe
Ruta de acceso del módulo con errores: C:\Users\erika\AppData\Local\Roblox\Versions\version-25dd522b4efe432a\RobloxPlayerBeta.exe
Identificador del informe: ad979f3a-094c-4ec9-942c-ccec2c20b0a7
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (05/16/2024 03:31:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa StartMenuExperienceHost.exe (versión 0.0.0.0) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento.

Id. de proceso: 1c30

Hora de Inicio: 01daa7d003ff1044

Hora de finalización: 4294967295

Ruta de la aplicación: C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe

Id. de informe: 68bfe6f7-bf97-4e46-9071-5500a1e09968

Nombre completo del paquete con errores: Microsoft.Windows.StartMenuExperienceHost_10.0.19041.4239_neutral_neutral_cw5n1h2txyewy

Id. de la aplicación relativa al paquete con errores: App

Tipo de bloqueo: Cross-thread

Error: (05/16/2024 03:29:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_FrameServer, versión: 10.0.19041.4355, marca de tiempo: 0x9ce47784
Nombre del módulo con errores: RsProvider.dll, versión: 1.23.0.0, marca de tiempo: 0x56fb7e54
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000007bded
Identificador del proceso con errores: 0x1eb8
Hora de inicio de la aplicación con errores: 0x01daa7cfb509e22b
Ruta de acceso de la aplicación con errores: C:\WINDOWS\System32\svchost.exe
Ruta de acceso del módulo con errores: C:\Program Files\Realtek\RsProviders\RsProvider.dll
Identificador del informe: ed4e88e1-3447-467b-9fda-3461cdd70c67
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (05/16/2024 02:40:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_FrameServer, versión: 10.0.19041.4355, marca de tiempo: 0x9ce47784
Nombre del módulo con errores: RsProvider.dll, versión: 1.23.0.0, marca de tiempo: 0x56fb7e54
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000007bded
Identificador del proceso con errores: 0x630
Hora de inicio de la aplicación con errores: 0x01daa7c8f03c9a95
Ruta de acceso de la aplicación con errores: C:\WINDOWS\System32\svchost.exe
Ruta de acceso del módulo con errores: C:\Program Files\Realtek\RsProviders\RsProvider.dll
Identificador del informe: 1948087d-13b3-40a7-8979-7848a764ebcc
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (05/16/2024 01:40:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_FrameServer, versión: 10.0.19041.4355, marca de tiempo: 0x9ce47784
Nombre del módulo con errores: RsProvider.dll, versión: 1.23.0.0, marca de tiempo: 0x56fb7e54
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000007bded
Identificador del proceso con errores: 0x53c
Hora de inicio de la aplicación con errores: 0x01daa75bd11a2f32
Ruta de acceso de la aplicación con errores: C:\WINDOWS\System32\svchost.exe
Ruta de acceso del módulo con errores: C:\Program Files\Realtek\RsProviders\RsProvider.dll
Identificador del informe: c107e3be-acda-4fe5-b52a-701c38b0e615
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (05/14/2024 08:55:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_FrameServer, versión: 10.0.19041.3636, marca de tiempo: 0x122dc5a3
Nombre del módulo con errores: RsProvider.dll, versión: 1.23.0.0, marca de tiempo: 0x56fb7e54
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000007bded
Identificador del proceso con errores: 0x18cc
Hora de inicio de la aplicación con errores: 0x01daa66acdda363f
Ruta de acceso de la aplicación con errores: C:\WINDOWS\System32\svchost.exe
Ruta de acceso del módulo con errores: C:\Program Files\Realtek\RsProviders\RsProvider.dll
Identificador del informe: c253606a-3670-4b7c-b3cc-7a4cc2e54e00
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:


Errores del sistema:
=============
Error: (05/17/2024 05:20:03 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-5VT466CM)
Description: El servidor Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter no se registró con DCOM dentro del tiempo de espera requerido.

Error: (05/16/2024 10:53:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Servicio FrameServer de la Cámara de Windows se terminó de manera inesperada. Esto ha sucedido 4 veces.

Error: (05/16/2024 09:12:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Servicio FrameServer de la Cámara de Windows se terminó de manera inesperada. Esto ha sucedido 3 veces.

Error: (05/16/2024 05:23:43 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-5VT466CM)
Description: El servidor Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter no se registró con DCOM dentro del tiempo de espera requerido.

Error: (05/16/2024 03:50:38 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-5VT466CM)
Description: El servidor Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter no se registró con DCOM dentro del tiempo de espera requerido.

Error: (05/16/2024 03:29:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Servicio FrameServer de la Cámara de Windows se terminó de manera inesperada. Esto ha sucedido 2 veces.

Error: (05/16/2024 02:43:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Google Update Servicio (gupdate) no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (05/16/2024 02:43:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Google Update Servicio (gupdate).


Windows Defender:
================
Date: 2024-05-15 19:13:37
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {3B106A97-787A-430B-AF3E-2A30CA7D6343}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2024-05-13 19:46:56
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {AB350D5A-F8A1-4749-9F9E-86EB092FC16D}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2024-05-12 21:49:49
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {534B8E85-6367-4069-9996-DF5AE37E2357}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2024-05-12 13:26:13
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {0818054F-ADF2-487F-B267-15F434619064}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2024-05-10 19:34:02
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {2AF10D01-660F-469C-9372-6AF9CBC13785}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2024-05-16 01:57:32
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 1.411.173.0
Versión anterior de inteligencia de seguridad: 1.411.153.0
Origen de actualización: Usuario
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Diferencia
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 1.1.24040.1
Versión anterior del motor: 1.1.24040.1
Código de error: 0x80509004
Descripción del error: Problema inesperado. Instale todas las actualizaciones disponibles e intente iniciar el programa de nuevo. Para obtener más información sobre cómo instalar actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2024-05-16 01:57:32
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 1.411.173.0
Versión anterior de inteligencia de seguridad: 1.411.153.0
Origen de actualización: Usuario
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Diferencia
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 1.1.24040.1
Versión anterior del motor: 1.1.24040.1
Código de error: 0x80509004
Descripción del error: Problema inesperado. Instale todas las actualizaciones disponibles e intente iniciar el programa de nuevo. Para obtener más información sobre cómo instalar actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2024-05-16 01:57:24
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.411.153.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.24040.1
Código de error: 0x80240022
Descripción del error: El programa no puede buscar actualizaciones de definiciones. 

Date: 2024-04-30 21:24:30
Description: 
La característica Protección en tiempo real de Antivirus de Microsoft Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x80004005
Descripción del error: Error no especificado 
Motivo: El controlador de filtro no examinó los elementos y está en el modo indirecto. Esto puede deberse a recursos insuficientes.

Date: 2024-04-25 20:16:10
Description: 
La característica Protección en tiempo real de Antivirus de Microsoft Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x80004005
Descripción del error: Error no especificado 
Motivo: El controlador de filtro no examinó los elementos y está en el modo indirecto. Esto puede deberse a recursos insuficientes.

CodeIntegrity:
===============
Date: 2024-05-04 11:35:42
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2023-11-22 22:04:22
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-11-04 19:26:30
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Información de la memoria =========================== 

BIOS: LENOVO B0CN97WW 01/08/2016
Placa base: LENOVO Lenovo G50-80
Procesador: Intel(R) Core(TM) i3-5005U CPU @ 2.00GHz
Porcentaje de memoria en uso: 79%
RAM física total: 4011.08 MB
RAM física disponible: 835.75 MB
Virtual total: 6018.47 MB
Virtual disponible: 1793.04 MB

==================== Unidades ================================

Drive c: (Windows) (Fixed) (Total:885.69 GB) (Free:605.47 GB) (Model: ST1000LM024 HN-M101MBB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.61 GB) (Model: ST1000LM024 HN-M101MBB) NTFS

\\?\Volume{8b043abd-6d0a-44d7-b613-c68f021fed64}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.29 GB) NTFS
\\?\Volume{aabffd7d-6558-411a-a26c-10e545deacf7}\ (LENOVO_PART) (Fixed) (Total:18.6 GB) (Free:5.54 GB) NTFS
\\?\Volume{4b86d8c1-cdc5-4ed6-af8f-7d1bc8f3b801}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: D8404FE0)

Partition: GPT.

==================== Final de Addition.txt =======================
1 me gusta

Hola buenas @Makedish

Ok, tranquilo, no pasa nada. Igualmente gracias por avisar.

Ok.

Falta una parte de este, actualmente se encuentra incompleto y finaliza en la parte de extensiones de Chrome.

Tráelo todo completo, por favor.

Este está todo correcto.

Así que solo sería el primero.

Salu2.

El FRST.txt me sale hasta donde dice chrome. ¿Vuelvo a hacer el análisis? ¿Y envío los dos de nuevo o solo el FRST.txt?