Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 22.05.2024 01 Ejecutado por Marshelo (27-05-2024 00:32:04) Ejecutado desde C:\Users\Marshelo\Desktop Microsoft Windows 10 Home Single Language Versión 22H2 19045.4412 (X64) (2022-11-10 07:33:48) Modo de Inicio: Normal ========================================================== ==================== Cuentas: ============================= (Si una entrada es incluida en el fixlist, será eliminada.) Administrador (S-1-5-21-3531466799-1529173174-3847564146-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3531466799-1529173174-3847564146-503 - Limited - Disabled) Invitado (S-1-5-21-3531466799-1529173174-3847564146-501 - Limited - Disabled) Marshelo (S-1-5-21-3531466799-1529173174-3847564146-1001 - Administrator - Enabled) => C:\Users\Marshelo WDAGUtilityAccount (S-1-5-21-3531466799-1529173174-3847564146-504 - Limited - Disabled) ==================== Centro de Seguridad ======================== (Si una entrada es incluida en el fixlist, será eliminada.) AV: Malwarebytes (Disabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543} AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programas instalados ====================== (Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.) Action! (HKU\S-1-5-21-3531466799-1529173174-3847564146-1001\...\Mirillis Action!) (Version: 4.14.0 - Mirillis) Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-FFFF-7760-BC15014EA700}) (Version: 24.002.20759 - Adobe) Adobe Audition 2024 (HKLM-x32\...\AUDT_24_2) (Version: 24.2 - Adobe Inc.) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.2.0.554.2 - Adobe Inc.) Adobe Photoshop 2024 (HKLM-x32\...\PHSP_25_5) (Version: 25.5.0.375 - Adobe Inc.) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601067}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden AirDroid 3.7.1.2 (HKLM-x32\...\AirDroid) (Version: 3.7.1.2 - Sand Studio) Audacity 3.4.1 (HKLM\...\Audacity_is1) (Version: 3.4.1 - Audacity Team) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) BlueStacks App Player (HKLM\...\BlueStacks_nxt) (Version: 5.21.205.1001 - now.gg, Inc.) BlueStacks Services (HKU\S-1-5-21-3531466799-1529173174-3847564146-1001\...\BlueStacksServices) (Version: 3.0.9 - now.gg, Inc.) BlueStacks X (HKU\S-1-5-21-3531466799-1529173174-3847564146-1001\...\BlueStacks X) (Version: 10.41.0.1014 - now.gg, Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Camtasia 9 (HKLM\...\{8AD50DED-EE14-4FEC-BC2C-F229C3BEFE58}) (Version: 9.0.3.1627 - TechSmith Corporation) Cheat Engine 7.4 (HKLM\...\Cheat Engine_is1) (Version: - Cheat Engine) Compatibilidad con Aplicaciones de Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Corel Graphics - Windows Shell Extension (HKLM\...\_{52166132-E642-447F-9785-F9133563CE59}) (Version: 17.6.0.1021 - Corel Corporation) Corel Graphics - Windows Shell Extension (HKLM\...\{52166132-E642-447F-9785-F9133563CE59}) (Version: 17.6.1021 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 32 Bit (HKLM\...\{909C0E2F-44AB-46A4-AE04-8FFCCDEECCFC}) (Version: 17.6.1021 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM (x64) (HKLM\...\{13179AB2-69FD-459B-800F-81865A501AD4}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM Content (x64) (HKLM\...\{EF44BCCD-13F9-4974-862C-CCFAF43EE082}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Writing Tools (x64) (HKLM\...\{D63404AC-C2F1-4B3D-96EA-9727AC9D994C}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.1.0.572 - Corel Corporation) CPUID CPU-Z 2.03 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.03 - CPUID, Inc.) Cuphead Deluxe Edition - ElAmigos versión 1.3.2 (HKLM-x32\...\{769FAE74-94DA-476F-8C88-300E6E932232}_is1) (Version: 1.3.2 - StudioMDHR) Desinstalar impresora EPSON L210 Series (HKLM\...\EPSON L210 Series) (Version: - SEIKO EPSON Corporation) Desinstalar Traducción de Camtasia (HKLM\...\{7EE19AB2-A523-4E54-9DF7-EAF087408D59}_is1) (Version: 9.0.3.1627 - Octatec) Discord (HKU\S-1-5-21-3531466799-1529173174-3847564146-1001\...\Discord) (Version: 1.0.9007 - Discord Inc.) ENE Video Capture Box HAL (HKLM\...\{A096611D-BA11-4A1A-8D09-0A0462D7C8F2}) (Version: 1.0.5.15 - Ene Tech.) Hidden ENE Video Capture Box HAL (HKLM-x32\...\{974259bf-3ed1-4cd6-9ed1-40c7f601a786}) (Version: 1.0.5.15 - Ene Tech.) Hidden ENE_External_Device_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.11.1 - ENE Tech) Hidden ENE_External_Device_HAL (HKLM-x32\...\{bb9d349f-b87b-4026-b336-1604708bd09c}) (Version: 1.0.11.1 - ENE Tech) Hidden ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden ENE_X_AIC_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.6.3 - ENE TECHNOLOGY INC.) Hidden ENE_X_AIC_HAL (HKLM-x32\...\{c662a481-d76a-4188-95d2-6eb4ffd55542}) (Version: 1.0.6.3 - ENE TECHNOLOGY INC.) Hidden Epic Games Launcher (HKLM-x32\...\{A962DC45-5399-454F-B233-46345BCE62C5}) (Version: 1.3.51.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{19695986-25CE-41AC-9C6F-54794653EDBA}) (Version: 2.0.36.0 - Epic Games, Inc.) Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.4.7 - Seiko Epson Corporation) Epson Event Manager (HKLM-x32\...\{CB3DEB84-D804-446F-A6E7-91B83D5F8910}) (Version: 3.11.77 - Seiko Epson Corporation) EPSON L3250 Series Printer Uninstall (HKLM\...\EPSON L3250 Series) (Version: - Seiko Epson Corporation) Epson Photo+ (HKLM-x32\...\{12DE33D1-6FE8-42E1-B54B-6114806BBA40}) (Version: 3.8.2.0 - Seiko Epson Corporation) Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation) EPSON Scan OCR Component (HKLM-x32\...\{3615C893-F844-4A5B-B949-8409EAB62271}) (Version: 3.00.05 - Seiko Epson Corporation) EPSON Scan PDF Extensions (HKLM-x32\...\{E4C6B326-8218-4FC2-8B48-85A19DAB3AE4}) (Version: 1.03.02.01 - Seiko Epson Corporation) Epson ScanSmart (HKLM-x32\...\{1A1B60BB-F156-4F6D-AD79-8A096B67E9AB}) (Version: 3.7.10 - Seiko Epson Corporation) Epson Software Updater (HKLM-x32\...\{711E8536-AB71-4455-A6C4-357FDBBEBF91}) (Version: 4.6.7 - Seiko Epson Corporation) EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation) Free Batch Music Splitter version 1.2 (HKLM-x32\...\{9712EBC1-62C7-4875-8E86-8A5C450C3448}_is1) (Version: 1.2 - ozok) Google Earth Pro (HKLM\...\{3470AD08-85F2-4B1D-8487-FC4750732087}) (Version: 7.3.6.9796 - Google) Honeygain (HKLM-x32\...\{A1337C96-49E3-4F97-9916-16853F77D2D4}) (Version: 1.4.0.0 - Honeygain) <==== ATENCIÓN Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation) Java 8 Update 371 (64-bit) (HKLM\...\{71124AE4-039E-4CA4-87B4-2F64180371F0}) (Version: 8.0.3710.11 - Oracle Corporation) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden League of Legends (HKU\S-1-5-21-3531466799-1529173174-3847564146-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc) Lenovo Now (HKLM-x32\...\Lenovo Now) (Version: 3.13.0.15 - Lenovo Group Ltd.) Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 4.0.75.0 - Lenovo Group Ltd.) Lightshot-5.5.0.7 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.5.0.7 - Skillbrains) Malwarebytes version 5.1.4.112 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.1.4.112 - Malwarebytes) Manual Epson L3250_L3251 (HKLM-x32\...\UsersGuideManual Epson L3250_L3251_is1) (Version: 1.0 - Epson America, Inc.) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 125.0.2535.67 - Microsoft Corporation) Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation) Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{50D6B005-B0D6-425F-953B-01331E2C7FCB}) (Version: 12.3.6024.0 - Microsoft Corporation) Microsoft Office Profesional Plus 2019 - es-es (HKLM\...\ProPlus2019Retail - es-es) (Version: 16.0.17531.20152 - Microsoft Corporation) Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.091.0505.0003 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{9D93D367-A2CC-4378-BD63-79EF3FE76C78}) (Version: 11.4.7462.6 - Microsoft Corporation) Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version: - Microsoft Corporation) Microsoft SQL Server 2014 RsFx Driver (HKLM\...\{8BE875AE-2A3C-46C1-AD46-5548B86127FA}) (Version: 12.3.6024.0 - Microsoft Corporation) Hidden Microsoft SQL Server 2014 Setup (English) (HKLM\...\{EBB05812-AB75-4928-8903-E0EC1570BFCB}) (Version: 12.3.6024.0 - Microsoft Corporation) Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{6CC673B9-F743-47AD-8962-C00CA5300016}) (Version: 12.3.6024.0 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation) Microsoft Visual Basic for Applications 7.1 (x64) (HKLM\...\{90120064-0070-0000-0000-4000000FF1CE}) (Version: 7.1.00.00 - Microsoft Corporation) Hidden Microsoft Visual Basic for Applications 7.1 (x64) English (HKLM\...\{90F60409-7000-11D3-8CFE-0150048383C9}) (Version: 7.1.0.0 - Microsoft Corporation) Hidden Microsoft Visual Basic for Applications 7.1 (x64) Spanish (HKLM\...\{90F60C0A-7000-11D3-8CFE-0150048383C9}) (Version: 7.1.0.0 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.3.6024.0 - Microsoft Corporation) MSI Center SDK (HKLM-x32\...\{15289038-41BE-48F8-B8B9-0B1021D3089E}}_is1) (Version: 3.2024.0318.01 - MSI) MSVCRT Redists (HKLM\...\{52116C70-79F9-11E6-9541-BB95F5A309BD}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden NVIDIA Controlador de audio HD 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation) NVIDIA Controlador de gráficos 546.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 546.01 - NVIDIA Corporation) NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation) NVIDIA GeForce Experience 3.27.0.112 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.112 - NVIDIA Corporation) NVIDIA Software del sistema PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17425.20146 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20500 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17531.20152 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.17425.20146 - Microsoft Corporation) Hidden Opera GX Stable 109.0.5097.100 (HKU\S-1-5-21-3531466799-1529173174-3847564146-1001\...\Opera GX 109.0.5097.100) (Version: 109.0.5097.100 - Opera Software) Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.250.1.1 - Overwolf Ltd.) Porofessor.gg (HKU\S-1-5-21-3531466799-1529173174-3847564146-1001\...\Overwolf_pibhbkkgefgheeglaeemkkfjlhidhcedalapdggh) (Version: 2.7.360 - Overwolf app) ProtonVPN (HKLM-x32\...\{5D0F40C5-4278-4AA0-A06C-7BD24B088624}) (Version: 2.4.3 - Proton Technologies AG) Hidden ProtonVPN (HKLM-x32\...\ProtonVPN 2.4.3) (Version: 2.4.3 - Proton Technologies AG) ProtonVPNTap (HKLM-x32\...\{87BDF456-9882-44E6-8FFC-F73B83E42EAD}) (Version: 1.1.4 - Proton Technologies AG) ProtonVPNTun (HKLM-x32\...\{B1EBF050-CC3E-45B0-9DE5-339C6241F3DA}) (Version: 0.13.1 - Proton Technologies AG) QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) Rave 1.12.2 (HKU\S-1-5-21-3531466799-1529173174-3847564146-1001\...\be557dd2-1201-5931-9663-5f29db56628a) (Version: 1.12.2 - Rave Inc.) Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 10.13.12.0 - Razer Inc.) Riot Client (HKU\S-1-5-21-3531466799-1529173174-3847564146-1001\...\Riot Game Riot_Client.) (Version: - Riot Games, Inc) Riot Repair Tool 1.1.3 (HKU\S-1-5-21-3531466799-1529173174-3847564146-1001\...\980795d3-660d-5bf1-af59-4286bb5d9647) (Version: 1.1.3 - Riot Games Inc.) Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.24.0 - SAMSUNG Electronics Co., Ltd.) SelfishNetV3 (HKLM-x32\...\{13B38752-ABCE-4C62-A6DE-A902212A48B7}) (Version: 3.0.0 - nov0caina) Service Pack 3 for SQL Server 2014 (KB4022619) (64-bit) (HKLM\...\KB4022619) (Version: 12.3.6024.0 - Microsoft Corporation) Spotify (HKU\S-1-5-21-3531466799-1529173174-3847564146-1001\...\Spotify) (Version: 1.2.38.720.ga4a70a0e - Spotify AB) SQL Server 2014 Common Files (HKLM\...\{BD1CD96B-FE4B-4EAE-83D4-6EF55AB5779C}) (Version: 12.3.6024.0 - Microsoft Corporation) Hidden SQL Server 2014 Common Files (HKLM\...\{F7012F84-80F5-4C25-852E-B1BA03276FE6}) (Version: 12.3.6024.0 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Services (HKLM\...\{17531BCD-C627-46A2-9F1E-7CC920E0E94A}) (Version: 12.3.6024.0 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Services (HKLM\...\{5082A9F3-AEE5-4639-9BA7-C19661BA7331}) (Version: 12.3.6024.0 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Shared (HKLM\...\{ACC530B8-B6B4-40D6-B59B-152468CF47D0}) (Version: 12.3.6024.0 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Shared (HKLM\...\{D1B847A9-B06B-4264-9EF0-78E6E1571E65}) (Version: 12.3.6024.0 - Microsoft Corporation) Hidden SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.3.6024.0 - Microsoft Corporation) Sql Server Customer Experience Improvement Program (HKLM\...\{6476DB81-F263-4C04-8574-AAD31136C304}) (Version: 12.3.6024.0 - Microsoft Corporation) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Turok 2 Seeds of Evil Remastered (HKLM-x32\...\Turok 2 Seeds of Evil Remastered_is1) (Version: - ) Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{85C69797-7336-4E83-8D97-32A7C8465A3B}) (Version: 8.94.0.0 - Microsoft Corporation) UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.) VALORANT (HKU\S-1-5-21-3531466799-1529173174-3847564146-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc) VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version: - VB-Audio Software) VEGAS Pro 14.0 (64-bit) (HKLM\...\{4D911470-79F9-11E6-9145-BB95F5A309BD}) (Version: 14.0.161 - VEGAS) VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN) Voicemod (HKLM\...\{8435A407-F778-4647-9CDB-46E5EC50BAD0}_is1) (Version: 2.48.0.0 - Voicemod, Inc., Sucursal en España) WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 125.0.2535.67 - Microsoft Corporation) WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.) WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH) WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft) X-Mouse Button Control 2.19.2 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.19.2 - Highresolution Enterprises) Zoom (HKU\S-1-5-21-3531466799-1529173174-3847564146-1001\...\ZoomUMX) (Version: 5.17.11 (34827) - Zoom Video Communications, Inc.) Packages: ========= Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2024-03-22] (Adobe Systems Incorporated) Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_6.0.0.1_x86__enpm4xejd91yc [2024-05-22] (Adobe Systems Incorporated) Complemento de motor multimedia para Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2024-03-22] (Microsoft Corporation) Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20500.501.0_x64__rz1tebttyb220 [2024-03-22] (Dolby Laboratories) Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2403.25.0_x64__k1h2ywk1493x8 [2024-04-09] (LENOVO INC.) Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.6.12.0_x64__5grkq8ppsgwt4 [2024-05-21] (LENOVO INC) [Startup Task] Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.7.2.0_x64__8wekyb3d8bbwe [2024-05-08] (Microsoft Studios) MSI Center -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_2.0.35.0_x64__kzh8wxbdkxb8p [2024-04-23] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task] NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-04-23] (NVIDIA Corp.) Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.155.0_x64__pwbj9vvecjh7j [2024-05-07] (Amazon Development Centre (London) Ltd) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.137.0_x64__dt26b99r8h8gj [2024-03-22] (Realtek Semiconductor Corp) WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2419.11.0_x64__cv1g1gvanyjgm [2024-05-20] (WhatsApp Inc.) [Startup Task] XboxInsiderHub -> C:\Program Files\WindowsApps\Microsoft.XboxInsider_1.2404.12001.0_x64__8wekyb3d8bbwe [2024-05-02] (Microsoft Corporation) ==================== Personalizado CLSID (Lista blanca): ============== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) CustomCLSID: HKU\S-1-5-21-3531466799-1529173174-3847564146-1001_Classes\CLSID\{04271989-C4D2-E1A3-75E8-CE2AEDE3E344} -> [OneDrive - unica.edu.pe] => C:\Users\Marshelo\OneDrive - unica.edu.pe [2022-12-13 07:38] CustomCLSID: HKU\S-1-5-21-3531466799-1529173174-3847564146-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-B973D53DDCA9} -> [Creative Cloud Files Personal Account pamdan88@gmail.com 6C6E5501589F981B0A495EF6@AdobeID] => C:\Users\Marshelo\Creative Cloud Files Personal Account pamdan88@gmail.com 6C6E5501589F981B0A495EF6@AdobeID [2023-05-28 17:25] CustomCLSID: HKU\S-1-5-21-3531466799-1529173174-3847564146-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe) CustomCLSID: HKU\S-1-5-21-3531466799-1529173174-3847564146-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.) CustomCLSID: HKU\S-1-5-21-3531466799-1529173174-3847564146-1001_Classes\CLSID\{35A1DBDF-D082-4BE2-9512-C5096B5281B4} -> [MEGAsync] => C:\Users\Marshelo\Documents\MEGAsync [2022-11-12 17:47] CustomCLSID: HKU\S-1-5-21-3531466799-1529173174-3847564146-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe) CustomCLSID: HKU\S-1-5-21-3531466799-1529173174-3847564146-1001_Classes\CLSID\{52198ba3-aef2-4fea-a304-b2b2edc7cdb1}\localserver32 -> "C:\Program Files\TechSmith\Camtasia 2022\CamtasiaStudio.exe" -ToastActivated => Ningún archivo CustomCLSID: HKU\S-1-5-21-3531466799-1529173174-3847564146-1001_Classes\CLSID\{66d7c868-b22d-c2f9-ef63-90654392c6da}\localserver32 -> D:\Voicemod Desktop\VoicemodDesktop.exe (VOICEMOD, INC. SUCURSAL EN ESPAÑA -> Voicemod) CustomCLSID: HKU\S-1-5-21-3531466799-1529173174-3847564146-1001_Classes\CLSID\{d936918b-9c4b-555e-074a-c79314be04e1}\localserver32 -> C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe (Proton Technologies AG -> ProtonVPN) CustomCLSID: HKU\S-1-5-21-3531466799-1529173174-3847564146-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems) ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Marshelo\AppData\Local\MEGAsync\ShellExtX64.dll [2024-03-04] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Marshelo\AppData\Local\MEGAsync\ShellExtX64.dll [2024-03-04] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Marshelo\AppData\Local\MEGAsync\ShellExtX64.dll [2024-03-04] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-05-22] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-05-22] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-05-22] (Adobe Inc. -> ) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncShell64.dll [2024-05-24] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-05-22] (Adobe Inc. -> ) ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2024-03-11] (Adobe Inc. -> Adobe Systems Inc.) ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Marshelo\AppData\Local\MEGAsync\ShellExtX64.dll [2024-03-04] (Mega Limited -> ) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Marshelo\AppData\Local\MEGAsync\ShellExtX64.dll [2024-03-04] (Mega Limited -> ) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-05-26] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Marshelo\AppData\Local\MEGAsync\ShellExtX64.dll [2024-03-04] (Mega Limited -> ) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncShell64.dll [2024-05-24] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Marshelo\AppData\Local\MEGAsync\ShellExtX64.dll [2024-03-04] (Mega Limited -> ) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncShell64.dll [2024-05-24] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_13e554e5b0753033\nvshext.dll [2023-08-05] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-05-22] (Adobe Inc. -> ) ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2024-03-11] (Adobe Inc. -> Adobe Systems Inc.) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-05-26] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Lista blanca) ==================== (Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.) HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\system32\ficvdec_x64.dll [652288 2013-05-28] () [Archivo no firmado] HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\SysWOW64\ficvdec_x86.dll [641024 2013-05-28] () [Archivo no firmado] ==================== Accesos directos & WMI ======================== (Las entradas pueden ser listadas para ser restauradas o eliminadas.) ShortcutWithArgument: C:\Users\Marshelo\Desktop\Trabajo - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 2" ShortcutWithArgument: C:\Users\Marshelo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 1" ==================== Módulos cargados (Lista blanca) ============= 2024-05-27 00:26 - 2024-05-27 00:26 - 002338304 _____ () [Archivo no firmado] \\?\C:\Users\Marshelo\AppData\Local\Temp\f118a787-8464-409f-bb8d-971032096865.tmp.node 2024-05-20 16:40 - 2024-05-08 03:18 - 002862080 _____ () [Archivo no firmado] C:\Users\Marshelo\AppData\Local\Programs\bluestacks-services\ffmpeg.dll 2024-05-20 16:40 - 2024-05-08 03:18 - 000479232 _____ () [Archivo no firmado] C:\Users\Marshelo\AppData\Local\Programs\bluestacks-services\libegl.dll 2024-05-20 16:40 - 2024-05-08 03:18 - 007513600 _____ () [Archivo no firmado] C:\Users\Marshelo\AppData\Local\Programs\bluestacks-services\libglesv2.dll 2024-05-20 16:40 - 2024-05-08 03:18 - 005209088 _____ () [Archivo no firmado] C:\Users\Marshelo\AppData\Local\Programs\bluestacks-services\vk_swiftshader.dll 2018-01-20 03:34 - 2018-01-20 03:34 - 000373248 _____ (IntelleSoft) [Archivo no firmado] C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\BugTrapU-x64.dll 2022-11-23 19:10 - 2015-02-27 10:35 - 000489984 _____ (Newtonsoft) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\Newtonsoft.Json.dll 2023-08-08 19:59 - 2023-08-08 19:59 - 000242688 _____ (Seiko Epson Corporation) [Archivo no firmado] C:\Program Files (x86)\Epson Software\Event Manager\epnsm.dll 2023-08-08 19:59 - 2023-08-08 19:59 - 000057856 _____ (Seiko Epson Corporation) [Archivo no firmado] C:\Program Files (x86)\Epson Software\Event Manager\EPNWPSHDevFinder.DLL 2023-08-08 19:59 - 2023-08-08 19:59 - 000291328 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\Program Files (x86)\Epson Software\Event Manager\LcMgr.dll 2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\Windows\System32\enppmon.dll 2022-11-23 19:10 - 2017-03-01 10:30 - 000087040 _____ (Wondershare) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppCollect.dll 2022-11-23 19:10 - 2017-03-01 10:30 - 000197632 _____ (Wondershare) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppCommon.dll ==================== Alternate Data Streams (Lista blanca) ======== (Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.) AlternateDataStreams: C:\ProgramData\bgdcbjgp.cyj:6EA95FB0B0 [5154] AlternateDataStreams: C:\ProgramData\guaoxfgv.mxw:16AED835FD [5154] AlternateDataStreams: C:\ProgramData\mntemp:8EAD8B3507 [5154] AlternateDataStreams: C:\ProgramData\rtpeskt:1F3D48CBE8 [5154] AlternateDataStreams: C:\ProgramData\saxdtxmy.hsi:289FB123A5 [5154] AlternateDataStreams: C:\ProgramData\sblcloly.sqw:B8756EACC0 [5154] AlternateDataStreams: C:\ProgramData\wjupqann.dtu:B1EFA54615 [5154] AlternateDataStreams: C:\ProgramData\ygwpujab.vxl:91300E2DFB [5154] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [5154] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [5154] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk:93337121EE [5154] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk:1FA7E99ECA [5154] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition 2024.lnk:709CBF00C8 [5154] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk:7661CCE9BF [5154] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2024.lnk:D6CCC992C2 [5154] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk:09A0A90EF3 [5154] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks 5.lnk:088221F38A [5154] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks Multi-Instance Manager.lnk:FE00AE19CB [5154] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [5154] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [5154] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [5154] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk:D4B8FFC6DE [5154] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk:C5D586BE93 [5154] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk:5465085A2F [5154] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk:1DC1525F34 [5154] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk:104946E0EA [5154] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Empresarial.lnk:18AB97065D [5154] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk:7AD7FA8AB1 [5154] AlternateDataStreams: C:\Users\Marshelo\Downloads\adwcleaner.exe:MBAM.Zone.Identifier [140] AlternateDataStreams: C:\Users\Marshelo\Downloads\esetonlinescanner (1).exe:MBAM.Zone.Identifier [178] AlternateDataStreams: C:\Users\Marshelo\Downloads\esetonlinescanner.exe:MBAM.Zone.Identifier [162] AlternateDataStreams: C:\Users\Marshelo\Downloads\KVRT.exe:MBAM.Zone.Identifier [182] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [8476] ==================== Modo Seguro (Lista blanca) ================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Asociación (Lista blanca) ================= ==================== Internet Explorer (Lista blanca) ========== SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2024-04-04] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-1.8\bin\ssv.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-05-11] (Adobe Inc. -> Adobe Systems Incorporated) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-1.8\bin\jp2ssv.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-05-11] (Adobe Inc. -> Adobe Systems Incorporated) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-04-04] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-05-11] (Adobe Inc. -> Adobe Systems Incorporated) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-05-11] (Adobe Inc. -> Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-05-11] (Adobe Inc. -> Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-05-11] (Adobe Inc. -> Adobe Systems Incorporated) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-05-09] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-05-09] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-05-09] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-05-09] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-05-09] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-05-09] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-05-09] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-05-09] (Microsoft Corporation -> Microsoft Corporation) (Si una entrada es incluida en el fixlist, será eliminada del registro.) IE trusted site: HKU\S-1-5-21-3531466799-1529173174-3847564146-1001\...\sharepoint.com -> hxxps://unicaedupe-files.sharepoint.com ==================== Hosts contenido: ========================= (Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.) 2023-03-29 16:18 - 2024-05-26 23:28 - 000001031 _____ C:\Windows\system32\drivers\etc\hosts ==================== Otras Áreas =========================== (Actualmente no existe una corrección automática para esta sección.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %C_EM64T_REDIST11%bin\Intel64;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\110\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft SQL Server\120\DTS\Binn\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\QuickTime\QTSystem\ HKU\S-1-5-21-3531466799-1529173174-3847564146-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Marshelo\AppData\Roaming\Microsoft\Windows\Themes\WallpaperEngineOverride_randomWKUVHM.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) HKU\S-1-5-21-3531466799-1529173174-3847564146-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 0) Firewall de Windows está habilitado. ==================== MSCONFIG/TASK MANAGER elementos deshabilitados == (Si una entrada es incluida en el fixlist, será eliminada.) HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run32: => "AutoAD" HKU\S-1-5-21-3531466799-1529173174-3847564146-1001\...\StartupApproved\Run: => "AutoAD" HKU\S-1-5-21-3531466799-1529173174-3847564146-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3531466799-1529173174-3847564146-1001\...\StartupApproved\Run: => "Opera GX Browser Assistant" HKU\S-1-5-21-3531466799-1529173174-3847564146-1001\...\StartupApproved\Run: => "Opera GX Stable" HKU\S-1-5-21-3531466799-1529173174-3847564146-1001\...\StartupApproved\Run: => "Discord" ==================== Reglas de firewall (Lista blanca) ================ (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) FirewallRules: [TCP Query User{8669700C-35BD-41E1-A58B-C66708091CAA}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [UDP Query User{1C2C1749-FAC4-44CE-A169-D7784313BE58}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [{40686D62-B8E6-4D4F-9BD8-D61B845DE530}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{4A82DA46-59E5-42DE-9B70-0C860B878B61}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{DB153E95-1283-4B7D-B899-43B257FBA23D}] => (Allow) C:\Users\Marshelo\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{9EE0CC05-36C5-41BC-A7C9-ADDB036B5BAF}] => (Allow) C:\Users\Marshelo\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{713A7F6A-C8A7-43DD-ABB9-6300B1CDCAE7}] => (Allow) C:\Users\Marshelo\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [TCP Query User{75F66015-38B0-457A-895B-5C98B5828611}C:\users\marshelo\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\marshelo\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [UDP Query User{B3D14131-8BE6-43DC-A654-CFF934E87F28}C:\users\marshelo\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\marshelo\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{6F4A0A3C-4168-4267-B8FF-DEFEEDA6BC19}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{B1BEB805-EA60-4EBB-B749-91DDAFEFDC57}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{11BFA0CF-98CE-487E-BE66-2D10F5ABD3B5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{2BD9CA75-9A9C-4562-929D-2E7707867D25}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{0D95340A-F0B9-474A-B2B0-8491236EECD8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta Software GmbH -> ) FirewallRules: [{94737AA6-462A-4A0F-B5DE-09ECD52C2ED2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta Software GmbH -> ) FirewallRules: [{454D0559-AA56-4E55-8768-191373D065C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> ) FirewallRules: [{FFFEB259-6329-4345-A803-DE48C34F12EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> ) FirewallRules: [{2DA85ED9-3037-4A2F-A73B-43B10B10C28B}] => (Allow) C:\Users\Marshelo\Desktop\Office 2019 Fix\Office_2019_Fix\Office_2019_Fix\Programs\AAct Network v1.1.0 Portable\AAct_Network_x64.exe => Ningún archivo FirewallRules: [{6487670F-5325-4BFE-B494-C28A834F2EC5}] => (Allow) C:\Users\Marshelo\Desktop\Office 2019 Fix\Office_2019_Fix\Office_2019_Fix\Programs\AAct Network v1.1.0 Portable\AAct_Network_x64.exe => Ningún archivo FirewallRules: [{6BF7D76C-35E4-437C-A1A1-4F7DF2B2A434}] => (Allow) LPort=1688 FirewallRules: [TCP Query User{E41BB9AD-85DC-45FC-B02C-DADDC277391F}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe => Ningún archivo FirewallRules: [UDP Query User{2FBC20FF-31F0-49D2-B860-9B79FD94EFC9}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe => Ningún archivo FirewallRules: [TCP Query User{1F466F46-4F64-4A9C-AF07-93044E413361}C:\windows.old\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\windows.old\program files (x86)\overwatch\_retail_\overwatch.exe => Ningún archivo FirewallRules: [UDP Query User{B998FEC1-C534-4B21-B666-146188C120CE}C:\windows.old\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\windows.old\program files (x86)\overwatch\_retail_\overwatch.exe => Ningún archivo FirewallRules: [TCP Query User{D7F27A80-AD1D-4D13-8FB4-A751B3226FDD}C:\program files (x86)\call of duty\_retail_\cod.exe] => (Allow) C:\program files (x86)\call of duty\_retail_\cod.exe => Ningún archivo FirewallRules: [UDP Query User{56C5C6DC-BB3F-4A82-8B7F-19421F2AB5AE}C:\program files (x86)\call of duty\_retail_\cod.exe] => (Allow) C:\program files (x86)\call of duty\_retail_\cod.exe => Ningún archivo FirewallRules: [TCP Query User{B1B0EF30-52D7-461A-9871-D4E2A4FFA877}C:\program files (x86)\wondershare\mirrorgo\mirrorgo.exe] => (Allow) C:\program files (x86)\wondershare\mirrorgo\mirrorgo.exe => Ningún archivo FirewallRules: [UDP Query User{0D155F05-6856-4991-AD13-F4D385899A82}C:\program files (x86)\wondershare\mirrorgo\mirrorgo.exe] => (Allow) C:\program files (x86)\wondershare\mirrorgo\mirrorgo.exe => Ningún archivo FirewallRules: [TCP Query User{8ADF14C8-3C83-474C-B7F2-C0CCE24E5F4A}C:\users\marshelo\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\marshelo\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [UDP Query User{FB3EB87D-9CCF-4D19-BDF2-F986D249A22C}C:\users\marshelo\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\marshelo\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [TCP Query User{5AAA8C8F-9D80-4B16-B8F7-D66C874018AE}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [UDP Query User{4178A5A7-C5B6-4961-A493-2CE6E2DCEF72}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [TCP Query User{B6BE1278-8F5D-4F40-BAD4-9BA579E12475}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{B6513C18-C248-410C-8214-B230AB7C614E}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{5AF379A1-FBDE-434F-952E-B7A89B76879C}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => Ningún archivo FirewallRules: [UDP Query User{CFEAEB3E-EA52-40F5-9855-00911CFCB1E3}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => Ningún archivo FirewallRules: [TCP Query User{F8BBD6C1-792B-41E1-B019-0AECFBA6B2BA}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{7A82E1ED-3C49-4289-B13E-79AE9B6725F1}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [{04D96DF4-11ED-4E24-B13B-2618F4FF7769}] => (Allow) D:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe () [Archivo no firmado] FirewallRules: [{A011802C-E746-41BD-9A3E-32715C2BDE62}] => (Allow) D:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe () [Archivo no firmado] FirewallRules: [TCP Query User{5F0BEC25-3DA0-410B-AD05-AE93DE304C9B}D:\games\pummel party v1.11.2d-pivigames.blog\pummelparty.exe] => (Allow) D:\games\pummel party v1.11.2d-pivigames.blog\pummelparty.exe => Ningún archivo FirewallRules: [UDP Query User{4AE1A4E9-B631-4825-9B53-3C8EDE0A8400}D:\games\pummel party v1.11.2d-pivigames.blog\pummelparty.exe] => (Allow) D:\games\pummel party v1.11.2d-pivigames.blog\pummelparty.exe => Ningún archivo FirewallRules: [{47B69706-C007-460C-9CAE-84FA0061711F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{009F6907-5293-4534-AF2A-D4B83D2ED9E6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{C2F3286E-3A43-44CA-B889-47402C3337B3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{A9B37BF1-6058-4C46-A95D-C80A14394600}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{20646715-ECEA-4474-A5FA-FAF56FBEC1E6}] => (Allow) C:\Users\Marshelo\AppData\Roaming\.Salwyrr\launcher\bootstrap\jre\bin\javaw.exe => Ningún archivo FirewallRules: [{FCE7D631-BFB2-41F2-A5C7-779B99B29BFC}] => (Allow) C:\Users\Marshelo\AppData\Roaming\.Salwyrr\launcher\jre\bin\javaw.exe => Ningún archivo FirewallRules: [{66465188-5BB0-4C9B-A1C7-F73667BC760F}] => (Allow) C:\Users\Marshelo\AppData\Roaming\.Salwyrr\launcher\java-runtime-alpha\bin\javaw.exe => Ningún archivo FirewallRules: [{705E7028-55C7-4D7D-B7EC-1DABF2327D03}] => (Allow) C:\Users\Marshelo\AppData\Roaming\.Salwyrr\launcher\bootstrap\jre\bin\java.exe => Ningún archivo FirewallRules: [{B1CA3FAA-C341-44C0-9E7D-7BBD4496DB66}] => (Allow) C:\Users\Marshelo\AppData\Roaming\.Salwyrr\launcher\jre\bin\java.exe => Ningún archivo FirewallRules: [{EE3E7DDD-F485-44A7-AA18-ACCF469FA09B}] => (Allow) C:\Users\Marshelo\AppData\Roaming\.Salwyrr\launcher\java-runtime-alpha\bin\java.exe => Ningún archivo FirewallRules: [TCP Query User{72C87631-8F7F-4126-B718-699D809ABF48}C:\users\marshelo\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\marshelo\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe FirewallRules: [UDP Query User{48167E2B-5412-4083-9B6F-192A9131874B}C:\users\marshelo\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\marshelo\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe FirewallRules: [TCP Query User{142DBC42-C7C7-4B8C-9969-9FFAEB5F0C5D}C:\program files\ansys inc\ansys student\v222\licensingclient\winx64\ansyscl.exe] => (Allow) C:\program files\ansys inc\ansys student\v222\licensingclient\winx64\ansyscl.exe => Ningún archivo FirewallRules: [UDP Query User{41B91A9B-4047-492F-B93C-A9EFA6FB7342}C:\program files\ansys inc\ansys student\v222\licensingclient\winx64\ansyscl.exe] => (Allow) C:\program files\ansys inc\ansys student\v222\licensingclient\winx64\ansyscl.exe => Ningún archivo FirewallRules: [TCP Query User{4ACAEBE4-7797-41CB-AB46-4BE2B7C4209F}C:\program files\ansys inc\ansys student\v222\turbogrid\bin\winnt-amd64\tggui_ogl.exe] => (Allow) C:\program files\ansys inc\ansys student\v222\turbogrid\bin\winnt-amd64\tggui_ogl.exe => Ningún archivo FirewallRules: [UDP Query User{D8512226-997E-4558-985D-EFDE9564DEA8}C:\program files\ansys inc\ansys student\v222\turbogrid\bin\winnt-amd64\tggui_ogl.exe] => (Allow) C:\program files\ansys inc\ansys student\v222\turbogrid\bin\winnt-amd64\tggui_ogl.exe => Ningún archivo FirewallRules: [TCP Query User{DC24C4D8-51C8-4D50-A03B-457D1691499E}C:\program files\ansys inc\ansys student\v222\turbogrid\bin\winnt-amd64\tgengine.exe] => (Allow) C:\program files\ansys inc\ansys student\v222\turbogrid\bin\winnt-amd64\tgengine.exe => Ningún archivo FirewallRules: [UDP Query User{9903D3B4-6C92-4C31-977B-8F94AFEE6CDF}C:\program files\ansys inc\ansys student\v222\turbogrid\bin\winnt-amd64\tgengine.exe] => (Allow) C:\program files\ansys inc\ansys student\v222\turbogrid\bin\winnt-amd64\tgengine.exe => Ningún archivo FirewallRules: [TCP Query User{46A289A7-635A-4D85-8D6F-271EEC15F9EB}C:\program files\ansys inc\ansys student\v222\cei\ensight222\machines\win64\ens222cl.exe] => (Allow) C:\program files\ansys inc\ansys student\v222\cei\ensight222\machines\win64\ens222cl.exe => Ningún archivo FirewallRules: [UDP Query User{0D963708-916E-4366-9B71-01ECBF9FAE75}C:\program files\ansys inc\ansys student\v222\cei\ensight222\machines\win64\ens222cl.exe] => (Allow) C:\program files\ansys inc\ansys student\v222\cei\ensight222\machines\win64\ens222cl.exe => Ningún archivo FirewallRules: [{007E89CB-35D5-4129-BB6A-9B941A33BEE2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{4A9ECE65-0CE9-461E-9C3B-BFB7C983CA67}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{E4E34079-00A4-4BFA-99D9-E0067B448663}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{1F235451-781D-48A7-9818-4CA7CA0F5E11}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{0687B727-89E6-4C22-B3EC-559439FBBDD6}] => (Allow) LPort=8028 FirewallRules: [{6FF1067F-AE2B-43E2-A93A-3F3539DE0017}] => (Allow) LPort=8028 FirewallRules: [{DB9A66A9-1682-4AA0-A5C2-29603532C8B7}] => (Allow) LPort=8028 FirewallRules: [TCP Query User{FC619605-D638-42F3-B0F5-DE030DDBCD5C}C:\users\marshelo\appdata\local\programs\opera gx\94.0.4606.79_0\opera.exe] => (Allow) C:\users\marshelo\appdata\local\programs\opera gx\94.0.4606.79_0\opera.exe => Ningún archivo FirewallRules: [UDP Query User{182A5C00-D823-4D9B-BB86-FE1743847B51}C:\users\marshelo\appdata\local\programs\opera gx\94.0.4606.79_0\opera.exe] => (Allow) C:\users\marshelo\appdata\local\programs\opera gx\94.0.4606.79_0\opera.exe => Ningún archivo FirewallRules: [{2EB4220C-7F42-4F96-9119-FF0CBD34E603}] => (Allow) LPort=8028 FirewallRules: [TCP Query User{E822A272-265A-4D19-BE9B-06A1A16F1BE0}C:\users\marshelo\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\marshelo\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe FirewallRules: [UDP Query User{14A2AD7E-E17A-4ABD-B343-51E7ECA75099}C:\users\marshelo\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\marshelo\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe FirewallRules: [TCP Query User{2BA165FD-C771-44B4-896B-22B9ADAB6A39}C:\users\marshelo\appdata\local\programs\opera gx\94.0.4606.79_0\opera.exe] => (Allow) C:\users\marshelo\appdata\local\programs\opera gx\94.0.4606.79_0\opera.exe => Ningún archivo FirewallRules: [UDP Query User{8C058A9B-7714-42E7-97B1-955651E0EC8C}C:\users\marshelo\appdata\local\programs\opera gx\94.0.4606.79_0\opera.exe] => (Allow) C:\users\marshelo\appdata\local\programs\opera gx\94.0.4606.79_0\opera.exe => Ningún archivo FirewallRules: [{C14F1C71-5917-4EC7-A861-98DA016466D4}] => (Allow) LPort=8028 FirewallRules: [TCP Query User{043ACEDD-C4FF-4424-A981-E66018FD1D40}C:\users\marshelo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marshelo\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{DD1E0383-B9CF-488E-8EE6-88BA3FDDFC99}C:\users\marshelo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marshelo\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{77811557-5AB8-4EBD-9EDA-BB400DCC6628}C:\users\marshelo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marshelo\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{7E694736-E26F-405F-8ADD-35CFF966425B}C:\users\marshelo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marshelo\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{AE569634-C25A-4AD3-8F62-05B1F2F08AC4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{F8C2D72F-5CFB-4A26-9D19-FED46344179F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{06474F4C-D765-48A8-BF9E-195A004B10EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{C16E7378-CD84-4A22-BB51-4A58E169631D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{5BC3965B-9670-4F3D-BD3D-822480DB320B}C:\users\marshelo\desktop\kovaak's aim trainer by random paradise\kovaaks fps aim trainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe] => (Allow) C:\users\marshelo\desktop\kovaak's aim trainer by random paradise\kovaaks fps aim trainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe => Ningún archivo FirewallRules: [UDP Query User{E2C65AC4-0282-4375-B0A6-36C445EF8188}C:\users\marshelo\desktop\kovaak's aim trainer by random paradise\kovaaks fps aim trainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe] => (Allow) C:\users\marshelo\desktop\kovaak's aim trainer by random paradise\kovaaks fps aim trainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe => Ningún archivo FirewallRules: [{FBC6125B-529D-4F75-B6B6-A1D17761C2CD}] => (Allow) c:\program files (x86)\exitlag\exitlag.exe => Ningún archivo FirewallRules: [{956BDB30-3D66-4879-85D7-234EC21539F2}] => (Allow) c:\program files (x86)\exitlag\exitlag.exe => Ningún archivo FirewallRules: [{56BBC3AB-DF11-497B-94A3-A6AE7D7FEB79}] => (Allow) D:\SteamLibrary\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe => Ningún archivo FirewallRules: [{52CDF26F-DE76-4941-A683-2585151B0A68}] => (Allow) D:\SteamLibrary\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe => Ningún archivo FirewallRules: [{365FD413-0DE7-4574-8AA4-97900B8C95B6}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe => Ningún archivo FirewallRules: [{ABEBC732-3FB6-4E85-B314-EFDE82627957}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe => Ningún archivo FirewallRules: [{BCFA8B63-E01F-4F5B-B63D-763D578C9E4F}] => (Allow) LPort=8318 FirewallRules: [{3652334C-4B2C-4D19-A2A7-59F559E02C75}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{C3E22149-17F0-48B2-BE81-4E10EF300C28}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{8E97DFB5-E473-4100-BFB2-3F1929FE5E8D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{2A70CABF-8BA9-4085-AC7F-4372D8DDE53F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{19D340AB-2042-46A6-B6CE-56A1B1D8C067}C:\games\resident evil 4 2023\re4.exe] => (Allow) C:\games\resident evil 4 2023\re4.exe => Ningún archivo FirewallRules: [UDP Query User{A651CDC0-CE96-4115-B9B2-FE9747CFA45B}C:\games\resident evil 4 2023\re4.exe] => (Allow) C:\games\resident evil 4 2023\re4.exe => Ningún archivo FirewallRules: [{9119429E-CD70-4A8F-AA60-D8E10B02F32A}] => (Allow) LPort=32682 FirewallRules: [{D6A22232-EF4D-4DD0-A606-E410A3C8E768}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe (Corel Corporation -> Corel Corporation) FirewallRules: [{0BBA869F-1E62-4E43-9FFD-27BA9EBFA06F}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe (Corel Corporation -> Corel Corporation) FirewallRules: [{59E2DAC7-A8E0-47F3-9E5C-089558D6DBA4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> ) FirewallRules: [{93FCB818-CB88-476B-B506-AC18C69418E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> ) FirewallRules: [TCP Query User{4DA72178-74E8-40A0-8587-76680B5F6046}C:\users\marshelo\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\marshelo\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe FirewallRules: [UDP Query User{7E156F6E-B7F4-402D-B562-C41F7C7C2990}C:\users\marshelo\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\marshelo\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe FirewallRules: [TCP Query User{0D19C2D4-EB25-4BAC-BAE2-57DA216C7876}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games) FirewallRules: [UDP Query User{4B3DD6B2-D5B8-477C-8E28-8B8B1CEFDF69}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games) FirewallRules: [TCP Query User{8BC9AB28-9F84-4B82-8A36-58A4C5F4B582}C:\program files (x86)\imyfone magicmic\magicmic.exe] => (Allow) C:\program files (x86)\imyfone magicmic\magicmic.exe => Ningún archivo FirewallRules: [UDP Query User{304BAF87-6473-4C49-8FF9-1CC47A1E0261}C:\program files (x86)\imyfone magicmic\magicmic.exe] => (Allow) C:\program files (x86)\imyfone magicmic\magicmic.exe => Ningún archivo FirewallRules: [TCP Query User{F0B90112-D998-481B-BBD6-1C4BC4D3AE31}C:\users\marshelo\downloads\mmvcserversio_win_onnxgpu-cuda_v.1.5.3.16a\mmvcserversio\mmvcserversio.exe] => (Allow) C:\users\marshelo\downloads\mmvcserversio_win_onnxgpu-cuda_v.1.5.3.16a\mmvcserversio\mmvcserversio.exe => Ningún archivo FirewallRules: [UDP Query User{0403E5A3-FC68-4DD8-A91D-E58D92B64DC6}C:\users\marshelo\downloads\mmvcserversio_win_onnxgpu-cuda_v.1.5.3.16a\mmvcserversio\mmvcserversio.exe] => (Allow) C:\users\marshelo\downloads\mmvcserversio_win_onnxgpu-cuda_v.1.5.3.16a\mmvcserversio\mmvcserversio.exe => Ningún archivo FirewallRules: [TCP Query User{1DB1B082-E856-4C0B-A3F6-69BACEC86F0C}C:\users\marshelo\desktop\gd 2.2\geometry 2.2.exe] => (Allow) C:\users\marshelo\desktop\gd 2.2\geometry 2.2.exe () [Archivo no firmado] FirewallRules: [UDP Query User{78380BD1-8C17-47AB-BC0A-AC85D1F384D2}C:\users\marshelo\desktop\gd 2.2\geometry 2.2.exe] => (Allow) C:\users\marshelo\desktop\gd 2.2\geometry 2.2.exe () [Archivo no firmado] FirewallRules: [{C747327B-C779-455C-BBD1-4A8D193FC1A8}] => (Allow) D:\Voicemod Desktop\VoicemodDesktop.exe (VOICEMOD, INC. SUCURSAL EN ESPAÑA -> Voicemod) FirewallRules: [{6D206569-75F0-48EE-9EC6-986D64788E97}] => (Allow) D:\Voicemod Desktop\VoicemodDesktop.exe (VOICEMOD, INC. SUCURSAL EN ESPAÑA -> Voicemod) FirewallRules: [TCP Query User{B7F3B89E-C76B-4FB6-BF51-DEC2B2E951F5}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [UDP Query User{A3A6AE76-F00C-48FB-8305-6EEA71CB051D}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [{E732692A-EE74-4C5E-A907-29679B9848F6}] => (Allow) C:\Users\Marshelo\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => Ningún archivo FirewallRules: [{0669AFA3-E84E-4A85-BCB8-A800D2F99430}] => (Allow) C:\Users\Marshelo\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => Ningún archivo FirewallRules: [{9BF5439B-17D6-4E24-AA82-1A8BE1ECF4E2}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) FirewallRules: [{7F659356-7709-4D73-BE8B-805D40D6B5D7}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) FirewallRules: [TCP Query User{D29ECD62-29DE-473E-8E04-EF6E1E23F3E3}C:\users\marshelo\appdata\local\programs\rave-desktop\rave.exe] => (Allow) C:\users\marshelo\appdata\local\programs\rave-desktop\rave.exe (Rave Inc. -> Rave Inc.) FirewallRules: [UDP Query User{06C20698-CF18-49F0-AF16-DBD5C39E4E48}C:\users\marshelo\appdata\local\programs\rave-desktop\rave.exe] => (Allow) C:\users\marshelo\appdata\local\programs\rave-desktop\rave.exe (Rave Inc. -> Rave Inc.) FirewallRules: [{390A3D5A-A294-416A-B3CA-A461249BE1A0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{33C6DD30-3CC5-4486-805B-50F6A9F1BA9B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{92DF8C62-AA29-445A-A72B-4D64E8AB84A7}] => (Allow) C:\Program Files (x86)\Overwolf\0.250.1.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{28680D10-130D-4A10-BBC7-6C6B3084CA57}] => (Allow) C:\Program Files (x86)\Overwolf\0.250.1.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{267D7218-84A6-4B5F-904D-ED492697237B}] => (Block) C:\Program Files (x86)\Overwolf\0.250.1.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{FFF19CC2-FFDC-44A2-9B7F-01DB491AE7A9}] => (Block) C:\Program Files (x86)\Overwolf\0.250.1.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{7234FEF6-FE9F-4011-AB0E-D1FC3730F394}] => (Allow) C:\Users\Marshelo\AppData\Local\Overwolf\ProcessCache\0.250.1.1\pibhbkkgefgheeglaeemkkfjlhidhcedalapdggh\Porofessor.gg.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{F389D7D1-56D1-42A9-BE52-3120880B30C1}] => (Allow) C:\Users\Marshelo\AppData\Local\Overwolf\ProcessCache\0.250.1.1\pibhbkkgefgheeglaeemkkfjlhidhcedalapdggh\Porofessor.gg.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{D897E13A-2C51-4CF5-B001-C5D2AA198F36}] => (Block) C:\Users\Marshelo\AppData\Local\Overwolf\ProcessCache\0.250.1.1\pibhbkkgefgheeglaeemkkfjlhidhcedalapdggh\Porofessor.gg.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{77B759C3-CFBB-49AE-93E6-923927B77A32}] => (Block) C:\Users\Marshelo\AppData\Local\Overwolf\ProcessCache\0.250.1.1\pibhbkkgefgheeglaeemkkfjlhidhcedalapdggh\Porofessor.gg.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{CF5A54CE-A74C-4776-B89B-1FDE4AD093DC}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Now.gg, INC -> Bluestack Systems, Inc.) FirewallRules: [{4959DA34-EFA2-4E48-BAE7-1FAD36CC72E7}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => Ningún archivo FirewallRules: [{26E20FDA-65C4-4E23-8E4D-2212F23C30C8}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe (Now.gg, INC -> BlueStack Systems) FirewallRules: [{69913259-F995-49EF-BA26-C06B461A3C67}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe (Now.gg, INC -> The Qt Company Ltd.) FirewallRules: [TCP Query User{9EB5DFDD-2246-4496-A394-DC55ABBB6202}C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe] => (Allow) C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe (Adobe Inc. -> Adobe Inc.) FirewallRules: [UDP Query User{7AE20677-94B6-4D5B-9A52-3DCA20FC9362}C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe] => (Allow) C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe (Adobe Inc. -> Adobe Inc.) FirewallRules: [TCP Query User{5F156BB0-D3C8-41C7-8A3B-2BC18E5332C9}C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe] => (Allow) C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe (Psyonix, LLC -> Psyonix, LLC) FirewallRules: [UDP Query User{7D42B1CF-C216-4A3E-B801-8541EDB961EC}C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe] => (Allow) C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe (Psyonix, LLC -> Psyonix, LLC) FirewallRules: [{CB207489-AD3D-43EB-8FBE-E569DB4FDF99}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.67\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{92CAAA02-F43D-49B7-9D15-4DE57A1B6374}] => (Allow) LPort=32683 FirewallRules: [{268AD0F2-4F86-4F4E-B13A-D1A71E40FB22}] => (Allow) LPort=26822 ==================== Puntos de Restauración ========================= 27-05-2024 00:10:18 Quitado TeighaX 3.09 ==================== Dispositivos defectuosos en el Administrador de dispositivos ============ ==================== Errores del registro de eventos: ======================== Errores de aplicación: ================== Error: (05/27/2024 12:25:06 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.. Error: (05/27/2024 12:25:06 AM) (Source: VSS) (EventID: 13) (User: ) Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.] Error: (05/27/2024 12:25:06 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.. Error: (05/27/2024 12:25:06 AM) (Source: VSS) (EventID: 13) (User: ) Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.] Error: (05/27/2024 12:13:32 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.. Error: (05/27/2024 12:13:32 AM) (Source: VSS) (EventID: 13) (User: ) Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.] Error: (05/27/2024 12:07:46 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x80070006, Controlador no válido.. Operación: Ejecutando operación asincrónica Contexto: Estado actual: DoSnapshotSet Error: (05/27/2024 12:05:37 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x80070006, Controlador no válido.. Operación: Ejecutando operación asincrónica Contexto: Estado actual: DoSnapshotSet Errores del sistema: ============= Error: (05/27/2024 12:28:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: El servicio Google Update Servicio (gupdate) no pudo iniciarse debido al siguiente error: El servicio no respondió a tiempo a la solicitud de inicio o de control. Error: (05/27/2024 12:28:02 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Google Update Servicio (gupdate). Error: (05/27/2024 12:25:51 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY) Description: La actualización de arranque seguro no pudo actualizar una variable de arranque seguro con el error -2147020471. Para más información, consulta https://go.microsoft.com/fwlink/?linkid=2169931 Error: (05/27/2024 12:25:50 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: El servicio GameInput Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 1000 milisegundos: Reiniciar el servicio. Error: (05/27/2024 12:25:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: El servicio SolidWorks Flexnet Server no pudo iniciarse debido al siguiente error: El sistema no puede encontrar el archivo especificado. Error: (05/27/2024 12:25:49 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: El servicio GameInput Service se cerró con el siguiente error: El archivo compuesto GameInput Service se creó con una versión de almacenamiento más reciente. Error: (05/27/2024 12:25:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: El servicio ElevationService no pudo iniciarse debido al siguiente error: El sistema no puede encontrar el archivo especificado. Error: (05/27/2024 12:16:41 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: El servicio Malwarebytes Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 5000 milisegundos: Reiniciar el servicio. Windows Defender: ================ Date: 2024-05-25 14:17:37 Description: El examen de Antivirus de Microsoft Defender se detuvo antes de completarse. Id. de examen: {C0A4C5CD-C959-4880-B424-40814D16114A} Tipo de examen: Antimalware Parámetros de examen: Examen completo Usuario: DESKTOP-1P1R208\Marshelo Date: 2024-05-24 10:34:17 Description: El examen de Antivirus de Microsoft Defender se detuvo antes de completarse. Id. de examen: {651509F2-24F5-4353-9623-D9F42C27025B} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2024-05-23 17:58:41 Description: Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado. Para más información, consulta lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS!pz&threatid=2147890609&enterprise=0 Nombre: HackTool:Win32/AutoKMS!pz Id.: 2147890609 Gravedad: Alta Categoría: Herramienta Ruta de acceso: file:_C:\Windows\SECOH-QAD.dll; file:_C:\Windows\SECOH-QAD.exe Origen de detección: Equipo local Tipo de detección: Concreto Origen de detección: Protección en tiempo real Usuario: DESKTOP-1P1R208\Marshelo Nombre de proceso: C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe Versión de inteligencia de seguridad: AV: 1.411.318.0, AS: 1.411.318.0, NIS: 1.411.318.0 Versión de motor: AM: 1.1.24040.1, NIS: 1.1.24040.1 Date: 2024-05-23 17:58:39 Description: Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado. Para más información, consulta lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS!pz&threatid=2147890609&enterprise=0 Nombre: HackTool:Win32/AutoKMS!pz Id.: 2147890609 Gravedad: Alta Categoría: Herramienta Ruta de acceso: file:_C:\Windows\SECOH-QAD.dll Origen de detección: Equipo local Tipo de detección: Concreto Origen de detección: Protección en tiempo real Usuario: DESKTOP-1P1R208\Marshelo Nombre de proceso: C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe Versión de inteligencia de seguridad: AV: 1.411.318.0, AS: 1.411.318.0, NIS: 1.411.318.0 Versión de motor: AM: 1.1.24040.1, NIS: 1.1.24040.1 Date: 2024-05-23 14:50:21 Description: Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado. Para más información, consulta lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS.I!MTB&threatid=2147743522&enterprise=0 Nombre: HackTool:MSIL/AutoKMS.I!MTB Id.: 2147743522 Gravedad: Alta Categoría: Herramienta Ruta de acceso: file:_C:\Users\Marshelo\Downloads\KMSAutoPortable\KMSAuto.exe Origen de detección: Equipo local Tipo de detección: Concreto Origen de detección: Protección en tiempo real Usuario: DESKTOP-1P1R208\Marshelo Nombre de proceso: C:\Windows\explorer.exe Versión de inteligencia de seguridad: AV: 1.411.318.0, AS: 1.411.318.0, NIS: 1.411.318.0 Versión de motor: AM: 1.1.24040.1, NIS: 1.1.24040.1 Event[0]: Date: 2024-05-27 00:13:33 Description: Antivirus de Microsoft Defender encontró un error al intentar actualizar la inteligencia de seguridad e intentará revertir a una versión anterior. Inteligencia de seguridad intentada: Copia de seguridad Código de error: 0x80004004 Descripción del error: Operación anulada Versión de inteligencia de seguridad: 1.411.375.0;1.411.375.0 Versión del motor: 1.1.24040.1 Date: 2024-05-27 00:13:33 Description: Antivirus de Microsoft Defender encontró un error al intentar actualizar la inteligencia de seguridad e intentará revertir a una versión anterior. Inteligencia de seguridad intentada: Actual Código de error: 0x80501102 Descripción del error: Problema inesperado. Instale todas las actualizaciones disponibles e intente iniciar el programa de nuevo. Para obtener más información sobre cómo instalar actualizaciones, consulte Ayuda y soporte técnico. Versión de inteligencia de seguridad: 1.411.378.0;1.411.378.0 Versión del motor: 1.1.24040.1 Date: 2024-03-22 13:54:00 Description: Antivirus de Microsoft Defender encontró un error al intentar actualizar la inteligencia de seguridad e intentará revertir a una versión anterior. Inteligencia de seguridad intentada: Actual Código de error: 0x80070003 Descripción del error: El sistema no puede encontrar la ruta especificada. Versión de inteligencia de seguridad: 0.0.0.0;0.0.0.0 Versión del motor: 0.0.0.0 Date: 2024-03-22 13:28:53 Description: Antivirus de Microsoft Defender encontró un error al intentar actualizar la inteligencia de seguridad e intentará revertir a una versión anterior. Inteligencia de seguridad intentada: Actual Código de error: 0x80070003 Descripción del error: El sistema no puede encontrar la ruta especificada. Versión de inteligencia de seguridad: 0.0.0.0;0.0.0.0 Versión del motor: 0.0.0.0 Date: 2024-03-22 12:35:09 Description: La característica Protección en tiempo real de Antivirus de Microsoft Defender encontró un error: Característica: Durante el acceso Código de error: 0x8007043c Descripción del error: El servicio no puede iniciarse en modo a prueba de errores Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema. CodeIntegrity: =============== Date: 2024-05-27 00:28:31 Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2024-05-27 00:26:09 Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume7\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2024-05-27 00:25:55 Description: Code Integrity determined that a process (\Device\HarddiskVolume7\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpDefenderCoreService.exe) attempted to load \Device\HarddiskVolume7\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Información de la memoria =========================== BIOS: LENOVO BGCN36WW 05/24/2022 Placa base: LENOVO LNVNB161216 Procesador: Intel(R) Core(TM) i5-9300HF CPU @ 2.40GHz Porcentaje de memoria en uso: 43% RAM física total: 16295.18 MB RAM física disponible: 9253.34 MB Virtual total: 20007.18 MB Virtual disponible: 11087.23 MB ==================== Unidades ================================ Drive c: (Windows) (Fixed) (Total:464.96 GB) (Free:113.52 GB) (Model: NVMe KINGSTON SNV2S50) NTFS Drive d: (awa) (Fixed) (Total:680.26 GB) (Free:634.51 GB) (Model: WDC WD10SPZX-24Z10) NTFS Drive e: (uwu) (Fixed) (Total:250 GB) (Free:249.17 GB) (Model: WDC WD10SPZX-24Z10) NTFS \\?\Volume{f4a63ec2-1225-487a-8d0a-b22e5134bbca}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.43 GB) NTFS \\?\Volume{a7328f1c-608a-11ed-aa67-283926c62c2e}\ (WINRE_DRV) (Fixed) (Total:0.54 GB) (Free:0 GB) NTFS \\?\Volume{d7706ce2-d1ac-4187-a2f3-032cbabce0d1}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 \\?\Volume{8a39cfbe-2710-0000-686a-806e6f6e6963}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Tabla de particiones ==================== ========================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: A6C8A3CE) Partition: GPT. ========================================================== Disk: 1 (Size: 465.8 GB) (Disk ID: 00004823) Partition: GPT. ==================== Final de Addition.txt =======================