Infectado con malware

Hola buenas @Ouroboros en primer lugar mis disculpas en que haya tardado tanto en responder. Pues recientemente (en Setiembre) tuve que someterme a una compleja cirugía médica y esto me ha dejado K.O. durante un mes y algo.

Después llevo muchas cosas en la cabeza y el foro es una de ellas, es uno de mis pequeños pasatiempos… y se me paso tu caso… ahora empezaré a revisar, ya que creo que tengo más casos pendientes de antes … Pero ahora no puedo darles demanda a todos de golpe. Así que se hace lo que buenamente se puede.

OK. Tranquilo lo he analizado, el informe es correcto no hay nada mal hecho por tu parte.

Ok. Tranquilo aunque el rojo y nombres como Trojan.Win32.Hosts2.gen o similares puedan parecer muy alarmantes bueno… no lo son tanto.

OK

Del malwarebytes puede que en un caso haya tardado mucho más y en otro mucho menos dependiendo de si has analizado dispositivos externos u otros discos duros internos.

¿En ambos análisis analizaste el mismo número de dispositivos internos y externos?

Me comentas como sigue tu PC respecto al problema inicial planteado en este tema.

Salu2.

Hola, buenas @Ouroboros

¿Has podido realizar algún avance acerca de lo que te pregunté/comenté?

Me comentas.

Salu2.

Buenas @MIXU

No te preocupes espero que estés recuperado…

Si lo mismo en ambos lo único que cambia es que no estaba activado el análisis de rootkits…

El pc va bien excepto por lo que te comente te dejo lo que te dije por aquí…

Sigo teniendo el mismo problema sobre todo mi cuenta de microsoft todos los días varios intentos de diferentes ip’s para entrar pero todavía no cambie mi mail y en otras cuentas que tengo también hay intentos pero más esporádico… lo del iphone y la unidad externa de dvd me sigue pasando lo que te comente…

Nada más muchas gracias por la ayuda…

Saludos.

Hola buenas @Ouroboros

Ok. Gracias.

OK, entendido.

OK.

OK.

Ok. De esto te comento después.

OK.

Ok. De nada. Vamos a por esto:

Para ello quiero ver más profundamente las entrañas de tu máquina, a ver qué está pasando:

[color=#2271b3] EN BUSCA / ELIMINACIÓN DE MALWARE [/color]

Desactivas tu antivirus Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad que tengas activado.

[color=#ff00]LO DESCARGAS EN TU ESCRITORIO MUY IMPORTANTE[/color] (y no en otro sitio).

Descargas Farbar Recovery Scan Tool [color=#ff00]MUY IMPORTANTE[/color] >> seleccionas la versión adecuada para la arquitectura correspondiente de tu Ordenador (32 o 64bits). ¿Cómo saber si mi Windows es de 32 o 64 bits.?

Una vez descargado FRST, desconectas tu equipo de completamente de Internet (apagas el router) >> Super Importante. Acto seguido, cierras también cualquier otro programa que tengas abierto.

Farbar Recovery Scan Tool

1. Ejecutas el FRST.exe[size=2] (Si utilizas Windows Vista/7/8 o 10, presionas click derecho y seleccionas Ejecutar como Administrador).[/size]

2. Aparecerá una ventana con un mensaje de Disclaimer/Responsabilidad, presionas sobre Si o Yes.

3. En la ventana principal del programa presionas sobre Analizar/Scan y esperas a que finalice el análisis.

4. Aparecerán dos logs/reportes que serán: Frst.txt y Addition.txt, estos quedarán guardados en el escritorio.

[color=#ff00]Activas de nuevo tu antivirus y cualquier programa de seguridad que tengas activado.[/color] [color=#ff00]También conectas nuevamente tu equipo a Internet.[/color]

[color=#2271b3] PRÓXIMA RESPUESTA[/color]

Pegas los reportes de FRST.txt y Addition.txt. Debes de poner ambos reportes todos enteros con absolutamente todo su contenido. Deberás de realizar varios mensajes si recibes un mensaje de error/advertencia indicando que es muy largo dicho reporte que formará el mensaje (más de 50.000 carácteres aprox.).

NOTA IMPORTANTE

[color=#ff0000]Por Favor, mientras estemos desinfectando tu maquina o terminando de hacerlo:[/color]

• No realices pasos/acciones que NOSOTROS no te hayamos indicado.
• No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.
• No instales NADA (programas/software/complementos/extensiones del navegador…).
• No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…).
• No realices por tu cuenta otros procedimientos.
• Usa tu equipo EXCLUSIVAMENTE para desinfectarlo siguiendo nuestras indicaciones.

Muy Importante Coloca los diferentes reportes que te he pedido como se muestra en la siguiente imagen:

report703×272 3.73 KB

Salu2.

Buenas @MIXU te dejo los informes que me pediste.

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 30-11-2023 02
Ejecutado por fjpol (administrador) sobre INFRARED (ASUS System Product Name) (02-12-2023 16:23:39)
Ejecutado desde C:\Users\fjpol\Desktop\FRST64.exe
Perfiles cargados: fjpol
Plataforma: Microsoft Windows 10 Pro Versión 22H2 19045.3693 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Opera
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(A-Volute SAS -> A-Volute) C:\Windows\System32\NhNotifSys.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.141\BraveCrashHandler.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.141\BraveCrashHandler64.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryWebBrowserEdge.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryWebBrowserEdge.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\119.0.2151.97\msedgewebview2.exe <6>
(C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Nahimic\NahimicMonitorX64.exe
(C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\MSI Center\Engine\CC_Engine_x64.exe
(C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe
(C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.CpuIdRemote64.exe
(C:\Program Files\Opera GX\opera.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(C:\Program Files\Opera GX\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Program Files\Opera GX\104.0.4944.80\opera_crashreporter.exe
(C:\Users\fjpol\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\fjpol\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe
(cmd.exe ->) (DroidMonkey Apps, LLC -> ) C:\Program Files\KeePassXC\keepassxc-proxy.exe
(cmd.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(Opera Norway AS -> Opera Software) C:\Program Files\Opera GX\opera.exe <47>
(services.exe ->) (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) C:\Program Files (x86)\2BrightSparks\SyncBackFree\SchedulesMonitor.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.20\AsusFanControlService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.02.27\atkexComSvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairCpuIdService.exe
(services.exe ->) (GuinpinSoft inc) [Archivo no firmado] C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.2.0_x64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_1d1c7ad354f3422f\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_4e58e7ac1d277d04\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_f8a05495a6e8bc10\RtkAudUService64.exe <2>
(services.exe ->) (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy) C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe
(services.exe ->) (Schneider Electric -> Schneider Electric) [Archivo no firmado] C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe
(services.exe ->) (Schneider Electric -> Schneider Electric) [Archivo no firmado] C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe
(services.exe ->) (Shenzhen Moyea Software -> Leawo Software) C:\Program Files (x86)\Common Files\cdagtsvc\cdagtsvc_v1.0.0_x86.exe
(services.exe ->) (Windscribe Limited -> Windscribe Limited) C:\Program Files\Windscribe\WindscribeService.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\fjpol\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe
(services.exe ->) (Zaozhuang Shizhong District Bopsoft Sales Department -> ) C:\Program Files\Listary\Listary.Service.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x64.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Compputer Inc.) C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe <2>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <4>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.BingWeather_4.53.52331.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.11012.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.11012.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.TerminalServer.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\True Color\New\MSI.True Color.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Engine.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_f8a05495a6e8bc10\RtkAudUService64.exe [3496120 2022-05-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [14036304 2023-09-28] (SteelSeries ApS -> SteelSeries ApS)
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [3274640 2023-06-03] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM\...\Run: [BraveVpnWireguardService] => C:\Program Files\BraveSoftware\Brave-Browser\Application\119.1.60.125\BraveVpnWireguardService\brave_vpn_wireguard_service.exe [10797080 2023-11-29] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\...\Run: [Corsair iCUE5 Software] => C:\Program Files\Corsair\Corsair iCUE5 Software\iCUE Launcher.exe [184872 2023-11-15] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [105280 2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Opera GX Browser Assistant] => C:\Program Files\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKLM-x32\...\Run: [Display] => C:\Program Files (x86)\APC\PowerChute Personal Edition\DataCollectionLauncher.exe [480176 2019-06-07] (Schneider Electric -> Schneider Electric) [Archivo no firmado]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restricción <==== ATENCIÓN
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\81.0.4.0\GoogleDriveFS.exe --startup_mode (Ningún archivo)
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2591152 2023-11-18] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\81.0.4.0\GoogleDriveFS.exe --startup_mode (Ningún archivo)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2591152 2023-11-18] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-379142082-368627597-1758287532-1001\...\Run: [] => [X]
HKU\S-1-5-21-379142082-368627597-1758287532-1001\...\Run: [QMxNetworkSync] => [X]
HKU\S-1-5-21-379142082-368627597-1758287532-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [2654824 2023-11-13] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-379142082-368627597-1758287532-1001\...\Run: [Unified Remote V3] => C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe [3243784 2020-09-08] (Unified Intents AB -> Unified Intents AB)
HKU\S-1-5-21-379142082-368627597-1758287532-1001\...\Run: [qBittorrent] => C:\Program Files\qBittorrent\qbittorrent.exe [29919744 2023-06-18] (The qBittorrent Project) [Archivo no firmado]
HKU\S-1-5-21-379142082-368627597-1758287532-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2591152 2023-11-18] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-379142082-368627597-1758287532-1001\...\Run: [Listary] => C:\Program Files\Listary\Listary.exe [2275392 2023-07-02] (Zaozhuang Shizhong District Bopsoft Sales Department -> )
HKU\S-1-5-21-379142082-368627597-1758287532-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44529568 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-379142082-368627597-1758287532-1001\...\Run: [ProtonVPN] => C:\Program Files\Proton\VPN\ProtonVPN.Launcher.exe [12277144 2023-10-17] (Proton Technologies AG -> ProtonVPN)
HKU\S-1-5-18\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [24743688 2023-02-20] (Plex, Inc. -> Plex, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\81.0.4.0\GoogleDriveFS.exe --startup_mode (Ningún archivo)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized (Ningún archivo)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\119.1.60.125\Installer\chrmstp.exe [2023-11-29] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [>{1279CDF3-71C0-4210-AA45-BAB70B367777}] -> RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\APC UPS Status.lnk [2023-08-09]
ShortcutTarget: APC UPS Status.lnk -> C:\Program Files (x86)\APC\PowerChute Personal Edition\Display.exe (Schneider Electric -> Schneider Electric) [Archivo no firmado]
Startup: C:\Users\fjpol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Pulsar Fusion Wireless Mice.lnk [2023-11-07]
ShortcutTarget: Pulsar Fusion Wireless Mice.lnk -> C:\Program Files (x86)\Pulsar Fusion Wireless Mice\Pulsar Fusion Wireless Mice.exe () [Archivo no firmado]
Startup: C:\Users\fjpol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2023-08-01]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Firebit OU -> Rainmeter)
GroupPolicy: Restricción ? <==== ATENCIÓN
GroupPolicy\User: Restricción ? <==== ATENCIÓN
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) =================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {808A2F19-0FED-4226-B19A-6657A37DF4FB} - \Opera GX scheduled assistant Autoupdate 1633336078 -> Ningún archivo <==== ATENCIÓN
Task: {54C77321-A3F3-4866-9790-DE9CDBE6D951} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [309608 2022-09-27] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {FEA4E036-3716-425D-BC4D-CD73FFCD4BB9} - System32\Tasks\ASUS\ArmouryAIOFanServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\ArmouryAIOFanServer.exe  (Ningún archivo)
Task: {16F88A5F-36BA-4EDD-8B3B-041689C6F8BB} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1858920 2022-09-27] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {48D4C1D3-B8F8-41E1-963B-780F4C5D3C28} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {54FA98AC-F738-46A5-A1CC-21B4FEBCAED6} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {FA8FDCDC-FC25-429D-ACA5-CCCB25367615} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [43797544 2022-09-01] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {4A093585-B7FD-432A-9F3C-D2D8A4B5DE32} - System32\Tasks\ASUS\NoiseCancelingEngine => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe [1254760 2022-09-29] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {EE7F242C-FB21-4A79-B455-9540C1EE21AF} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe  (Ningún archivo)
Task: {E8F1A909-6A55-428B-AB19-CE04CB127CDC} - System32\Tasks\Avira\System Speedup\SecurityTestScheduler => "C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe"  SchedulerTest (Ningún archivo)
Task: {386650FB-632E-4719-AF4F-DE86C3F850A8} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{F468C002-EEF3-4CF7-807C-F6A14E7DBF16} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175424 2023-09-07] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {240D6CA0-9C54-493D-A262-9457B988CE49} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{7A028245-B2D6-4BDB-9A35-EB37E5971A5F} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175424 2023-09-07] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {4D9E5BEE-60C0-485E-925A-BDD32A0D1BCB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {C0656097-638F-471D-BBB1-BB54F62A9D7C} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "3f77ead6-56ea-4ff6-9fea-201636140ce0" --version "6.18.10838" --silent
Task: {42569422-2675-46E6-8887-67EBE8593EFD} - System32\Tasks\CCleanerSkipUAC - fjpol => C:\Program Files\CCleaner\CCleaner.exe [37546912 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {D36B0FD7-82C5-4FBB-BECF-6344821E0FBA} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [5340232 2023-11-14] (Microsoft Windows -> Microsoft Corporation)
Task: {32B5BB6A-8D5D-4C92-B2CD-A738F87BF9E6} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\fjpol\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2023-07-29] (ESET, spol. s r.o. -> ESET)
Task: {093A9FF4-8135-4B65-9EF3-954E39676DC3} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\fjpol\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2023-07-29] (ESET, spol. s r.o. -> ESET)
Task: {CF711664-886D-4498-8B97-9ABE7A77CC25} - System32\Tasks\Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask => {82aa0895-198a-4c1b-b2d1-c16894218afb} C:\WINDOWS\System32\unifiedconsent.dll [278016 2023-11-14] (Microsoft Windows -> Microsoft Corporation)
Task: {2FDD6131-9626-47FC-87DE-471E4DE3B886} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4061E0B0-3ECE-4B2F-9E55-711493663B01} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {47D9D140-5524-4507-9EE4-66D2504E1742} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {84542842-E52B-410C-8468-EDCC8EAEB7DB} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache => {07369A67-07A6-4608-ABEA-379491CB7C46} C:\Windows\System32\UpdatePolicy.dll [251904 2023-11-14] (Microsoft Windows -> Microsoft Corporation)
Task: {F0B5CE45-45BA-4020-A4BC-84785CEFAF6C} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe [2664040 2023-11-06] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {7478E045-B2FD-45C0-ACBF-07EA2927E322} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [804408 2021-12-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {01962D3E-76F1-4200-9ACB-8E9EF589FDFF} - System32\Tasks\NahimicSvc32Run => C:\WINDOWS\SysWOW64\NahimicSvc32.exe [833688 2021-11-01] (A-Volute SAS -> Nahimic)
Task: {5412DA0D-B700-4865-8DBA-B85C42513EB9} - System32\Tasks\NahimicSvc64Run => C:\WINDOWS\system32\NahimicSvc64.exe [1094808 2021-11-01] (A-Volute SAS -> Nahimic)
Task: {E97A2062-65B9-492F-9958-33D99536CCB7} - System32\Tasks\NahimicTask32 => C:\WINDOWS\system32\..\SysWOW64\NahimicSvc32.exe [833688 ] (A-Volute SAS -> Nahimic)
Task: {B686339E-983C-4EF5-8445-D50DE418BC97} - System32\Tasks\NahimicTask64 => C:\WINDOWS\system32\.\NahimicSvc64.exe [1094808 ] (A-Volute SAS -> Nahimic)
Task: {2AD9E2DD-7602-49F6-961F-11BA23E5717C} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130832 2023-11-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {F8AA25DB-C7D6-4652-A366-280D72E927B1} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-379142082-368627597-1758287532-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130832 2023-11-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {B2788936-6272-4B93-8633-17FF115D3A05} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-379142082-368627597-1758287532-1006 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130832 2023-11-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {B944567F-D902-476B-A4E3-2DC7331BDEC1} - System32\Tasks\Opera GX scheduled Autoupdate 1630667402 => C:\Program Files\Opera GX\launcher.exe [2587040 2023-11-29] (Opera Norway AS -> Opera Software)
Task: {A2466FBB-00A2-432E-A784-831C67B75308} - System32\Tasks\Remove AdwCleaner Application => c:\windows\system32\CMD.EXE [289792 2023-11-14] (Microsoft Windows -> Microsoft Corporation) -> /C DEL /F /Q "C:\Users\fjpol\Downloads\Qbit\adwcleaner.exe"
Task: {F7F9A928-AD47-4DC7-BBDD-2BCA2FDC2E80} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [133905984 2023-03-10] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
Task: {F64DAA8D-044C-40C1-9C40-F1F16B15EC1F} - System32\Tasks\Uninstall AdwCleaner Application => C:\Users\fjpol\Downloads\Qbit\adwcleaner.exe  /uninstall (Ningún archivo)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{215EF3EE-25CF-48BE-8502-9273C28CB8CD}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{ea2812fb-c350-4f84-8fa4-6759130cb701}: [DhcpNameServer] 192.168.1.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restricción <==== ATENCIÓN

Edge: 
=======
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
Edge DefaultProfile: Default
Edge Profile: C:\Users\fjpol\AppData\Local\Microsoft\Edge\User Data\Default [2023-12-02]
Edge HomePage: Default -> javascript:(function(){var%20openWindow=window.open('');var%20url=window.document.URL.toString();var%20src=document.documentElement.innerHTML;var%20note='book';form=document.createElement('form');form.setAttribute('method','POST');form.setAttribute('action','hxxps://www.tubeoffline.com/downloadFrom.php');form.setAttribute('onsubmit','Submit.disabled%20=%20true;return%20true;');srcPlaceholder=document.createElement('input');srcPlaceholder.setAttribute('name','src');srcPlaceholder.setAttribute('type','hidden');srcPlaceholder.setAttribute('value',src);form.appendChild(srcPlaceholder);urlPlaceholder=document.createElement('input');urlPlaceholder.setAttribute('name','url');urlPlaceholder.setAttribute('type','hidden');urlPlaceholder.setAttribute('value',url);form.appendChild(urlPlaceholder);notePlaceholder=document.createElement('input');notePlaceholder.setAttribute('name','note');notePlaceholder.setAttribute('type','hidden');notePlaceholder.setAttribute('value',note);form.appendChild(notePlaceholder);divPlaceholder=document.createElement('div');divPlaceholder.setAttribute('name','label');divPlaceholder.setAttribute('type','div');divPlaceholder.style.textAlign='center';divPlaceholder.style.fontWeight='bold';divPlaceholder.style.fontSize='18px';divPlaceholder.style.fontFamily='arial';divPlaceholder.innerHTML='\u003Cbr>\u003Cbr>Click%20the%20below%20button%20to%20Continue.\u003Cbr>If%20your%20download%20does%20not%20work,%20please%20send%20feedback%20so%20we%20fix%20it%20for%20you.\u003Cbr>\u003Cbr>';form.appendChild(divPlaceholder);btn=document.createElement('input');btn.setAttribute('name','Submit');btn.setAttribute('type','submit');btn.setAttribute('value','Go%20To%20TubeOffline%20download%20page%20>>');btn.style.fontSize='24px';btn.style.fontWeight='bold';btn.style.color='#FA8507';btn.style.width='600px';btn.style.height='100px';btn.style.display='table';btn.style.margin='0%20auto';btn.setAttribute('onclick',%22this.value='Converting%20Video,%20Please%20wait...'%22);form.appendChild(btn);openWindow.document.body.appendChild(form)})();
Edge StartupUrls: Default -> "hxxps://duckduckgo.com/?va=b&t=hr"
Edge DefaultSearchURL: Default -> {bing:baseURL}search?q={searchTerms}&{bing:cvid}{bing:msb}{google:assistedQueryStats}
Edge Extension: (DuckDuckGo) - C:\Users\fjpol\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2023-11-20]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\fjpol\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2023-12-01]
Edge Extension: (Avira Safe Shopping) - C:\Users\fjpol\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip [2023-10-19]
Edge Extension: (Avira Password Manager) - C:\Users\fjpol\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2023-11-04]
Edge Extension: (Documentos de Google sin conexión) - C:\Users\fjpol\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-15]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\fjpol\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-12-01]
Edge Extension: (Online Security) - C:\Users\fjpol\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jcpgbnbdnakoblgfkbgggankeidkfcdl [2023-11-03]
Edge Extension: (Edge relevant text changes) - C:\Users\fjpol\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-13]
Edge Extension: (Shazam: identifica música desde tu navegador) - C:\Users\fjpol\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mmioliijnhnoblpgimnlajmefafdfilb [2023-10-20]
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Edge HKLM-x32\...\Edge\Extension: [jcpgbnbdnakoblgfkbgggankeidkfcdl]

FireFox:
========
FF HKU\S-1-5-21-379142082-368627597-1758287532-1001\...\Firefox\Extensions: [[email protected]] - C:\Users\fjpol\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi
FF Extension: (Ace Script) - C:\Users\fjpol\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi [2018-11-26]
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-07] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-07] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-07] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-379142082-368627597-1758287532-1001: @acestream.net/acestreamplugin,version=3.1.32 -> C:\Users\fjpol\AppData\Roaming\ACEStream\player\npace_plugin.dll [2017-01-13] (Innovative Digital Technologies -> Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-379142082-368627597-1758287532-1001: @acestream.net/acestreamplugin,version=3.1.74 -> C:\Users\fjpol\AppData\Roaming\ACEStream\player\npace_plugin.dll [2017-01-13] (Innovative Digital Technologies -> Innovative Digital Technologies)

Chrome: 
=======
CHR HKU\S-1-5-21-379142082-368627597-1758287532-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Opera: 
=======
StartMenuInternet: (HKLM) Opera GXStable - C:\Program Files\Opera GX\Launcher.exe

Brave: 
=======
BRA Profile: C:\Users\fjpol\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-10-22]
BRA DefaultSearchURL: Default -> hxxps://search.brave.com/search?q={searchTerms}&source=desktop
BRA DefaultSearchKeyword: Default -> :br
BRA DefaultSuggestURL: Default -> hxxps://search.brave.com/api/suggest?q={searchTerms}
BRA Extension: (Avira Password Manager) - C:\Users\fjpol\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2023-09-07]
BRA Extension: (2FAS - Two Factor Authentication) - C:\Users\fjpol\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\dbfoemgnkgieejfkaddieamagdfepnff [2023-10-05]
BRA Extension: (Autorrellenado de Microsoft) - C:\Users\fjpol\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fiedbfgcleddlbcmgdigjgdfcggjcion [2023-09-13]
BRA Extension: (Avira Navegación segura) - C:\Users\fjpol\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2023-09-07]
BRA Extension: (Ace Script) - C:\Users\fjpol\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2023-10-05]
BRA Extension: (Shazam: identifica música desde tu navegador) - C:\Users\fjpol\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\mmioliijnhnoblpgimnlajmefafdfilb [2023-10-22]
BRA Extension: (Click traductor) - C:\Users\fjpol\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\pmlpcplomjofbnlcihpacmcaahellokg [2023-08-08]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block First Party Filters (plaintext))) - C:\Users\fjpol\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2023-10-22]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\fjpol\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-10-22]
BRA Extension: (Brave NTP sponsored images) - C:\Users\fjpol\AppData\Local\BraveSoftware\Brave-Browser\User Data\alkblaadjjijngaehljijdimckobegga [2023-10-22]
BRA Extension: (Brave NTP background images) - C:\Users\fjpol\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2023-09-20]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\fjpol\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2023-10-22]
BRA Extension: (Wallet Data Files Updater) - C:\Users\fjpol\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-10-22]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\fjpol\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2023-10-22]
BRA Extension: (Brave Ads Resources) - C:\Users\fjpol\AppData\Local\BraveSoftware\Brave-Browser\User Data\elecgkckipdmnkkgndidemmdhdcdfhnp [2023-07-02]
BRA Extension: (Brave Ad Block Updater (EasyList Spanish (plaintext))) - C:\Users\fjpol\AppData\Local\BraveSoftware\Brave-Browser\User Data\fejmaeodjeekfldnbegjagemjgnmhfof [2023-10-22]
BRA Extension: (Brave Ads Resources) - C:\Users\fjpol\AppData\Local\BraveSoftware\Brave-Browser\User Data\ganmbmiebelpdlnohnabgkkocholelbp [2023-07-30]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\fjpol\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-09-20]
BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\fjpol\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2023-07-02]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\fjpol\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-10-22]
BRA Extension: (Brave Ad Block Updater (Adguard Spanish/Portuguese (plaintext))) - C:\Users\fjpol\AppData\Local\BraveSoftware\Brave-Browser\User Data\meimhmgfbckapkbbbdaoefgnbppmkodp [2023-10-22]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\fjpol\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-10-22]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\fjpol\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-10-22]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 APC Data Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe [14256 2019-06-07] (Schneider Electric -> Schneider Electric) [Archivo no firmado]
R2 APC UPS Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe [4261808 2019-06-07] (Schneider Electric -> Schneider Electric) [Archivo no firmado]
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [401880 2023-10-18] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.27\atkexComSvc.exe [903016 2023-10-18] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [501608 2023-08-18] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.20\AsusFanControlService.exe [1722216 2023-06-19] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 AsusROGLSLService; C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe [678256 2022-10-24] (ASUSTeK COMPUTER INC. -> ASUS)
S2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [1097624 2022-06-14] (ASUSTeK Computer Inc. -> )
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175424 2023-09-07] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175424 2023-09-07] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveVpnService; C:\Program Files\BraveSoftware\Brave-Browser\Application\119.1.60.125\brave_vpn_helper.exe [2762264 2023-11-29] (Brave Software, Inc. -> Brave Software, Inc.)
S3 BraveVpnWireguardService; C:\Program Files\BraveSoftware\Brave-Browser\Application\119.1.60.125\BraveVpnWireguardService\brave_vpn_wireguard_service.exe [10797080 2023-11-29] (Brave Software, Inc. -> Brave Software, Inc.)
R2 CdRomAccessAgentService; C:\Program Files (x86)\Common Files\cdagtsvc\cdagtsvc_v1.0.0_x86.exe [105672 2022-07-14] (Shenzhen Moyea Software -> Leawo Software)
R2 CdRomArbiterService; C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.2.0_x64.exe [9728 2022-07-14] (GuinpinSoft inc) [Archivo no firmado]
R2 CMigrationService; C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe [761408 2023-03-10] (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy)
R2 CorsairCpuIdService; C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairCpuIdService.exe [240168 2023-11-15] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 CorsairDeviceListerService; C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairDeviceListerService.exe [151080 2023-11-15] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.exe [84008 2023-11-15] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [11137128 2023-11-13] (Electronic Arts, Inc. -> Electronic Arts)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2022-07-11] (Epic Games Inc. -> Epic Games, Inc.)
S3 EPMVssEaseusProvider; C:\WINDOWS\system32\dllhost.exe /Processid:{AB346495-6499-47E0-9E8B-1B407F0FFA83} [22384 2023-11-14] (Microsoft Windows -> Microsoft Corporation)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncHelper.exe [3509792 2023-11-18] (Microsoft Corporation -> Microsoft Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2348000 2023-09-29] (GOG  sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7173088 2023-09-29] (GOG  sp. z o.o -> GOG.com)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
S3 iCUEUpdateService; C:\Program Files\Corsair\Corsair iCUE5 Software\iCUEUpdateService.exe [386600 2023-11-15] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4799336 2023-09-13] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 LightKeeperService; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe [92768 2023-05-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 ListaryServiceV2; C:\Program Files\Listary\Listary.Service.exe [25664 2023-07-02] (Zaozhuang Shizhong District Bopsoft Sales Department -> )
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9341488 2023-11-07] (Malwarebytes Inc. -> Malwarebytes)
R2 MSI_Case_Service; C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe [74336 2023-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Center_Service; C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe [154216 2023-08-17] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe [36880 2023-04-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe [37616 2022-04-28] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1920152 2021-11-01] (A-Volute SAS -> Nahimic)
R2 NativePushService; C:\Users\fjpol\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe [594320 2023-02-22] (Wondershare Technology Group Co.,Ltd -> Wondershare)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.226.1031.0003\OneDriveUpdaterService.exe [3846064 2023-11-18] (Microsoft Corporation -> Microsoft Corporation)
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [763904 2023-02-20] (Plex, Inc. -> Plex, Inc.)
S3 ProtonVPN Service; C:\Program Files\Proton\VPN\v3.2.4\ProtonVPNService.exe [472168 2023-10-17] (Proton Technologies AG -> ProtonVPN)
S3 ProtonVPN WireGuard; C:\Program Files\Proton\VPN\v3.2.4\ProtonVPN.WireGuardService.exe [471656 2023-10-17] (Proton Technologies AG -> ProtonVPN)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1201648 2023-11-21] (Rockstar Games, Inc. -> Rockstar Games)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [1796568 2023-10-23] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R2 SamsungMagicianSVC; C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe [381504 2023-03-10] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534584 2023-11-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\GG\SteelSeriesUpdateService.exe [37712 2023-09-28] (SteelSeries ApS -> )
R2 SyncBackFreeSchedulesMonitor; C:\Program Files (x86)\2BrightSparks\SyncBackFree\SchedulesMonitor.exe [3389168 2023-10-10] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe [3121120 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe [133704 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WindscribeService; C:\Program Files\Windscribe\WindscribeService.exe [1085280 2023-10-22] (Windscribe Limited -> Windscribe Limited)
S3 BraveElevationService; "C:\Program Files\BraveSoftware\Brave-Browser\Application\119.1.60.125\elevation_service.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_4e58e7ac1d277d04\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_4e58e7ac1d277d04\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [55608 2023-06-27] (Apple Inc. -> Apple Inc.)
R1 Asusgio2; C:\WINDOWS\system32\drivers\AsIO2.sys [34384 2021-10-21] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\WINDOWS\system32\drivers\AsIO3.sys [59440 2023-08-17] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.)
R3 AVoluteSS3Vad; C:\WINDOWS\system32\DRIVERS\AVoluteSS3Vad.sys [93672 2021-10-14] (A-Volute -> Windows (R) Win 7 DDK provider)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [280064 2022-10-05] (Microsoft Corporation) [Archivo no firmado]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [147968 2022-06-25] (Microsoft Corporation) [Archivo no firmado]
S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [63008 2023-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 cpuz158; C:\WINDOWS\temp\cpuz158\cpuz158_x64.sys [44576 2023-12-02] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
R1 CTIAIO; C:\WINDOWS\system32\drivers\CtiAIo64.sys [32320 2022-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R3 e1dexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e1d.inf_amd64_e64afe811c7e4662\e1d.sys [607400 2022-02-22] (Intel Corporation -> Intel Corporation)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [42616 2017-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
S3 epmdkdrv; C:\WINDOWS\system32\epmdkdrv.sys [36280 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R0 EPMVolFl; C:\WINDOWS\System32\drivers\EPMVolFl.sys [30136 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider)
R0 EUDCPEPM; C:\WINDOWS\System32\drivers\EUDCPEPM.sys [76344 2020-12-07] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R1 EUEDKEPM; C:\WINDOWS\system32\drivers\EUEDKEPM.sys [33712 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
S3 fiio_usbaudio; C:\WINDOWS\System32\drivers\fiio_usbaudio.sys [404024 2022-02-28] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 fiio_usbaudioks; C:\WINDOWS\system32\DRIVERS\fiio_usbaudioks.sys [54872 2022-02-28] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 GLCKIO2; C:\WINDOWS\system32\drivers\GLCKIO2.sys [29368 2019-04-24] (ASUSTeK Computer Inc. -> )
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [54752 2023-01-18] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [51848 2021-07-12] (Eaton Corp -> hxxp://libusb-win32.sourceforge.net)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-07-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl644b28b1; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{75D2146F-6F12-453F-AC7E-83B3589FFEBE}\MpKslDrv.sys [263560 2023-12-02] (Microsoft Windows -> Microsoft Corporation)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [19000 2023-04-05] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2018-05-04] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\MSI Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\MSI Center\Lib\SYS\NTIOLib_X64.sys [32424 2023-07-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Lib\NTIOLib_X64.sys [14288 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S0 ProtectedELAM; C:\WINDOWS\System32\drivers\protected_elam.sys [18912 2022-09-27] (Microsoft Windows Early Launch Anti-malware Publisher -> TODO: <Company name>)
S3 ProtonVPNCallout; C:\Program Files\Proton\VPN\v3.2.4\Resources\ProtonVPN.CalloutDriver.sys [34176 2023-08-02] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
S3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_008a; C:\WINDOWS\System32\drivers\RzDev_008a.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_00b9; C:\WINDOWS\System32\drivers\RzDev_00b9.sys [64664 2023-02-07] (Razer USA Ltd. -> Razer Inc)
S3 sixaxis; C:\WINDOWS\System32\drivers\sixaxis.sys [28424 2020-12-04] (Sony Computer Entertainment Inc. -> Sony Computer Entertainment Inc.)
S3 Sony_Turntable; C:\WINDOWS\system32\drivers\Sony_Turntable_Driver.sys [192664 2016-07-11] (Microsoft Windows Hardware Compatibility Publisher -> Sony Corporation)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [47784 2021-12-06] (SteelSeries ApS -> SteelSeries ApS)
R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [44456 2023-03-13] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 SteelSeries_Sonar_VAD; C:\WINDOWS\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_da15ab44a6216a8e\SteelSeries-Sonar-VAD.sys [95440 2023-03-17] (SteelSeries ApS -> Windows (R) Win 7 DDK provider)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [57768 2021-08-08] (Windscribe Limited -> The OpenVPN Project)
R3 uvhid; C:\WINDOWS\System32\drivers\uvhid.sys [28128 2020-04-21] (Unified Intents AB -> Windows (R) Win 7 DDK provider)
R3 VClone; C:\WINDOWS\System32\drivers\VClone.sys [44544 2020-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55744 2023-11-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [578856 2023-11-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105768 2023-11-07] (Microsoft Windows -> Microsoft Corporation)
S3 WindscribeSplitTunnel; C:\WINDOWS\system32\DRIVERS\WindscribeSplitTunnel.sys [38152 2023-10-22] (Windscribe Limited -> )
R3 windtun420; C:\WINDOWS\System32\drivers\windtun420.sys [47544 2021-08-08] (Windscribe Limited -> WireGuard LLC)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2023-01-25] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 ysusb_w10_64; C:\WINDOWS\system32\drivers\ysusb_w10_64.sys [181784 2023-02-10] (Microsoft Windows Hardware Compatibility Publisher -> Yamaha Corporation)
S3 cpuz150; \??\C:\WINDOWS\temp\cpuz150\cpuz150_x64.sys [X]
S3 EuGdiDrv; \SystemRoot\system32\EuGdiDrv.sys [X]
S3 hsstap; \SystemRoot\System32\drivers\hsstap.sys [X]
S3 PHYMEM2; \??\C:\Program Files (x86)\Leawo\Blu-ray Player\phymem_ext64.sys [X]
S3 VBAudioVMAUXVAIOMME; \SystemRoot\system32\DRIVERS\vbaudio_vmauxvaio64_win10.sys [X]
S3 VBAudioVMVAIOMME; \SystemRoot\system32\DRIVERS\vbaudio_vmvaio64_win10.sys [X]
U4 WMPNetworkSvc; no ImagePath

El resto del primer reporte…

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2023-12-02 16:23 - 2023-12-02 16:24 - 000054430 _____ C:\Users\fjpol\Desktop\FRST.txt
2023-12-02 16:20 - 2023-12-02 16:20 - 002384384 _____ (Farbar) C:\Users\fjpol\Desktop\FRST64.exe
2023-11-21 03:41 - 2023-11-21 03:41 - 000000167 _____ C:\WINDOWS\system32\Drivers\mozart_12331795405684_fw_dump.cmm
2023-11-18 11:17 - 2023-11-18 11:17 - 000000150 _____ C:\WINDOWS\system32\Drivers\mozart_12321715933056_fw_dump.cmm
2023-11-16 12:25 - 2023-11-16 12:25 - 000003176 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - LEDKeeper2_Host
2023-11-16 12:25 - 2023-11-16 12:25 - 000000000 ____D C:\Program Files\WD
2023-11-16 12:25 - 2023-11-16 12:25 - 000000000 ____D C:\Program Files\Verbatim
2023-11-16 09:33 - 2023-11-16 09:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair
2023-11-14 19:25 - 2023-11-14 19:25 - 000000000 ___HD C:\$WinREAgent

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2023-12-02 16:23 - 2022-09-07 23:55 - 000000000 ____D C:\FRST
2023-12-02 16:22 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-12-02 16:21 - 2022-06-25 20:34 - 000003128 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2023-12-02 16:21 - 2020-11-20 03:24 - 000000000 ____D C:\Users\fjpol\AppData\Local\ElevatedDiagnostics
2023-12-02 16:21 - 2020-11-20 01:32 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2023-12-02 16:21 - 2020-11-20 01:31 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2023-12-02 16:21 - 2020-11-20 00:31 - 000000000 ____D C:\Users\fjpol\AppData\Roaming\qBittorrent
2023-12-02 16:05 - 2022-06-25 20:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-12-02 16:05 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-12-02 15:14 - 2022-06-25 20:38 - 001772862 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-12-02 15:14 - 2019-12-07 15:55 - 000788342 _____ C:\WINDOWS\system32\perfh00A.dat
2023-12-02 15:14 - 2019-12-07 15:55 - 000155730 _____ C:\WINDOWS\system32\perfc00A.dat
2023-12-02 15:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-12-02 15:09 - 2022-10-18 02:11 - 000000000 ____D C:\Users\fjpol\AppData\Roaming\Rainmeter
2023-12-02 15:09 - 2021-04-27 18:57 - 000000000 ____D C:\MSI
2023-12-02 15:09 - 2020-11-20 00:15 - 000000000 ___RD C:\Users\fjpol\OneDrive
2023-12-02 15:08 - 2023-07-22 05:35 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-12-02 15:08 - 2023-07-22 05:35 - 000000000 ____D C:\Program Files\CCleaner
2023-12-02 15:08 - 2023-03-30 08:14 - 000000000 ____D C:\ProgramData\NVIDIA
2023-12-02 15:08 - 2022-06-25 20:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-12-02 15:08 - 2020-11-20 00:05 - 000008192 ___SH C:\DumpStack.log.tmp
2023-12-02 12:51 - 2023-08-09 03:37 - 000099544 _____ C:\WINDOWS\SysWOW64\PCPELog.txt
2023-12-02 12:51 - 2020-11-20 00:54 - 000000000 ____D C:\Program Files (x86)\Steam
2023-12-02 12:51 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-12-02 03:01 - 2022-06-20 18:53 - 000000000 ____D C:\Program Files\ASUS
2023-12-02 02:38 - 2022-10-12 16:57 - 000000000 ____D C:\Users\fjpol\AppData\Roaming\AIMP
2023-12-02 02:33 - 2022-09-22 01:17 - 000000000 ____D C:\Users\fjpol\Downloads\Qbit
2023-12-01 21:00 - 2020-11-20 00:55 - 000000000 ____D C:\Users\fjpol\AppData\Local\Steam
2023-12-01 20:59 - 2023-07-22 05:35 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-12-01 20:59 - 2023-07-22 05:35 - 000003378 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-12-01 20:59 - 2020-11-20 01:41 - 000000000 ____D C:\Users\fjpol\AppData\Local\CrashDumps
2023-12-01 18:05 - 2020-11-20 07:59 - 000000000 ____D C:\ProgramData\Unified Remote
2023-11-30 16:05 - 2021-09-03 12:09 - 000000000 ____D C:\Program Files\Opera GX
2023-11-29 21:04 - 2023-10-29 00:29 - 000001102 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navegador Opera GX.lnk
2023-11-29 21:04 - 2022-06-25 20:34 - 000003964 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1630667402
2023-11-29 20:45 - 2023-10-22 21:14 - 000000000 ___HD C:\_acestream_cache_
2023-11-29 20:45 - 2023-10-22 21:12 - 000000000 ____D C:\Users\fjpol\AppData\Roaming\.ACEStream
2023-11-29 19:17 - 2023-09-07 16:07 - 000002322 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2023-11-28 22:08 - 2021-08-12 13:08 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-11-28 22:08 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-11-25 06:01 - 2022-07-31 05:00 - 000000000 ____D C:\Users\fjpol\AppData\Roaming\deemix-gui
2023-11-21 19:37 - 2020-11-20 01:02 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2023-11-21 19:37 - 2020-11-20 01:01 - 000000000 ____D C:\Program Files\Rockstar Games
2023-11-20 21:11 - 2023-03-30 08:05 - 000000000 ____D C:\Users\fjpol\AppData\Local\D3DSCache
2023-11-18 22:33 - 2023-07-22 06:33 - 000000000 ____D C:\Users\fjpol\AppData\Local\Malwarebytes
2023-11-18 22:30 - 2021-09-12 19:09 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-11-18 09:17 - 2022-06-25 20:34 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-379142082-368627597-1758287532-1001
2023-11-18 09:17 - 2022-06-25 20:34 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-11-18 09:17 - 2021-09-12 19:10 - 000002126 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-11-18 08:49 - 2020-11-20 00:14 - 000000000 ____D C:\Users\fjpol\AppData\Local\Packages
2023-11-18 06:37 - 2019-12-07 15:57 - 000000000 ____D C:\WINDOWS\OCR
2023-11-18 00:23 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-11-16 12:25 - 2020-11-20 00:18 - 000000000 ____D C:\Program Files\ENE
2023-11-16 12:25 - 2020-11-20 00:16 - 000000000 ____D C:\ProgramData\Package Cache
2023-11-16 09:32 - 2020-11-26 23:59 - 000000000 ____D C:\Users\fjpol\AppData\Roaming\Corsair
2023-11-15 16:53 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-11-15 10:25 - 2022-06-25 20:29 - 000269608 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-11-15 10:24 - 2022-06-25 20:03 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2023-11-15 10:24 - 2022-06-25 20:03 - 000000000 ____D C:\WINDOWS\en-GB
2023-11-15 10:24 - 2019-12-07 15:58 - 000000000 ___SD C:\WINDOWS\system32\AppV
2023-11-15 10:24 - 2019-12-07 15:58 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-11-15 10:24 - 2019-12-07 15:58 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-11-15 10:24 - 2019-12-07 15:58 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-11-15 10:24 - 2019-12-07 15:55 - 000000000 ____D C:\WINDOWS\SysWOW64\es
2023-11-15 10:24 - 2019-12-07 15:55 - 000000000 ____D C:\WINDOWS\system32\es
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-11-15 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-11-15 10:24 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2023-11-14 19:33 - 2019-12-07 15:58 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2023-11-14 19:33 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2023-11-14 19:33 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2023-11-14 19:29 - 2022-06-25 20:31 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-11-14 19:18 - 2020-11-20 04:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-11-14 19:15 - 2020-11-20 04:01 - 182871392 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-11-13 02:06 - 2023-09-07 16:15 - 000000000 ____D C:\Users\fjpol\Downloads\Telegram Desktop
2023-11-12 17:50 - 2023-07-21 11:28 - 000003844 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2023-11-12 17:50 - 2023-07-21 11:28 - 000003402 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2023-11-12 17:50 - 2023-07-21 07:26 - 000001378 _____ C:\Users\fjpol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2023-11-09 17:41 - 2020-11-20 04:05 - 000000000 ____D C:\Users\fjpol\AppData\Local\NVIDIA
2023-11-07 21:45 - 2020-11-20 00:05 - 000000000 ____D C:\ProgramData\ASUS
2023-11-07 17:30 - 2023-08-03 09:22 - 000000000 ____D C:\Users\fjpol\AppData\Local\Pulsar
2023-11-07 08:42 - 2020-11-20 00:05 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-11-02 02:55 - 2023-08-26 17:59 - 000000000 ____D C:\Users\fjpol\AppData\Roaming\Telegram Desktop

==================== Archivos en la raíz de algunos directorios ========

2023-08-22 19:57 - 2023-08-22 19:57 - 000000256 _____ () C:\ProgramData\fontcacheev1.dat
2022-09-07 19:19 - 2022-09-07 19:19 - 000000000 _____ () C:\Users\fjpol\AppData\Roaming\4570.tmp
2022-09-07 19:19 - 2022-09-07 19:19 - 000000000 _____ () C:\Users\fjpol\AppData\Roaming\46C9.tmp
2022-09-07 10:36 - 2022-09-07 10:36 - 000000000 _____ () C:\Users\fjpol\AppData\Roaming\5203.tmp
2022-09-07 10:36 - 2022-09-07 10:36 - 000000000 _____ () C:\Users\fjpol\AppData\Roaming\52BF.tmp
2022-09-07 10:32 - 2022-09-07 10:32 - 000000000 _____ () C:\Users\fjpol\AppData\Roaming\6656.tmp
2022-09-06 19:31 - 2022-09-06 19:31 - 000000000 _____ () C:\Users\fjpol\AppData\Roaming\6666.tmp
2022-09-07 10:32 - 2022-09-07 10:32 - 000000000 _____ () C:\Users\fjpol\AppData\Roaming\6712.tmp
2022-09-06 19:31 - 2022-09-06 19:31 - 000000000 _____ () C:\Users\fjpol\AppData\Roaming\67ED.tmp
2022-09-07 10:25 - 2022-09-07 10:25 - 000000000 _____ () C:\Users\fjpol\AppData\Roaming\69E0.tmp
2022-09-07 10:25 - 2022-09-07 10:25 - 000000000 _____ () C:\Users\fjpol\AppData\Roaming\6B39.tmp
2022-09-06 05:04 - 2022-09-06 05:04 - 000000000 _____ () C:\Users\fjpol\AppData\Roaming\AA78.tmp
2022-09-06 05:04 - 2022-09-06 05:04 - 000000000 _____ () C:\Users\fjpol\AppData\Roaming\ABE0.tmp
2022-06-25 20:09 - 2022-06-25 20:09 - 000042081 ___SH () C:\Users\fjpol\AppData\Roaming\citbsrr
2023-03-05 22:07 - 2023-03-17 05:08 - 000001835 _____ () C:\Users\fjpol\AppData\Roaming\plugin_scan_state_VST2_x32.scan
2023-03-05 22:07 - 2023-03-17 05:08 - 000007051 _____ () C:\Users\fjpol\AppData\Roaming\plugin_scan_state_VST2_x64.scan
2023-03-05 22:07 - 2023-03-17 05:08 - 000002762 _____ () C:\Users\fjpol\AppData\Roaming\plugin_scan_state_VST3_x32.scan
2023-03-05 22:07 - 2023-03-17 05:08 - 000011217 _____ () C:\Users\fjpol\AppData\Roaming\plugin_scan_state_VST3_x64.scan
2022-06-25 20:09 - 2022-06-25 20:09 - 000042064 ___SH (Microsoft Corporation) C:\Users\fjpol\AppData\Roaming\tgdaduf
2022-09-03 11:47 - 2022-09-03 12:59 - 000042975 _____ () C:\Users\fjpol\AppData\Roaming\VoiceMeeterBananaDefault.xml
2022-09-03 11:08 - 2022-09-03 11:58 - 000007393 _____ () C:\Users\fjpol\AppData\Roaming\VoiceMeeterDefault.xml
2023-04-09 17:35 - 2023-04-09 17:35 - 000000218 _____ () C:\Users\fjpol\AppData\Local\recently-used.xbel
2021-06-29 03:54 - 2023-07-19 00:35 - 000007604 _____ () C:\Users\fjpol\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

FRST.txt (67,9 KB)

Addition.txt (84,1 KB)

Addition

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 30-11-2023 02
Ejecutado por fjpol (02-12-2023 16:24:47)
Ejecutado desde C:\Users\fjpol\Desktop
Microsoft Windows 10 Pro Versión 22H2 19045.3693 (X64) (2022-06-25 19:34:19)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================


(Si una entrada es incluida en el fixlist, será eliminada.)

Administrador (S-1-5-21-379142082-368627597-1758287532-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-379142082-368627597-1758287532-503 - Limited - Disabled)
fjpol (S-1-5-21-379142082-368627597-1758287532-1001 - Administrator - Enabled) => C:\Users\fjpol
Invitado (S-1-5-21-379142082-368627597-1758287532-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-379142082-368627597-1758287532-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

7-Zip 23.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2301-000001000000}) (Version: 23.01.00.0 - Igor Pavlov)
Ace Stream Media 3.1.74 (HKU\S-1-5-21-379142082-368627597-1758287532-1001\...\AceStream) (Version: 3.1.74 - Ace Stream Media) <==== ATENCIÓN
Akai F9 Instruments Beats Edition (HKLM-x32\...\Akai F9 Instruments Beats Edition_is1) (Version:  - )
Akai MPC Beats ADSR LoFi Producer Collection (HKLM-x32\...\Akai MPC Beats ADSR LoFi Producer Collection_is1) (Version:  - )
Akai MPC Beats LANIAKEA SOUNDS TrapSoul and LoFi Beats (HKLM-x32\...\Akai MPC Beats LANIAKEA SOUNDS TrapSoul and LoFi Beats_is1) (Version:  - )
Akai MPC Beats MSX Soulful Experience Expansion (HKLM-x32\...\Akai MPC Beats MSX Soulful Experience Expansion_is1) (Version:  - )
Akai MPC Beats Producer Kits (HKLM-x32\...\Akai MPC Beats Producer Kits_is1) (Version:  - )
ARMOURY CRATE Lite Service (HKLM\...\{EF3944FF-2501-4568-B15C-5701E726719E}) (Version: 5.7.3 - ASUS)
Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.19041.1703 - Microsoft Corporation)
ASUS AIOFan HAL (HKLM\...\{EAE80DED-1A39-41C5-9F60-87CC947F6454}) (Version: 1.1.50.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AIOFan HAL (HKLM-x32\...\{6aabd550-b97f-4b87-8c12-fb271d7c8047}) (Version: 1.1.50.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{237E1CAC-1708-4940-AC34-DF15C079AB70}) (Version: 1.1.0.18 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{4e2b05b0-eb08-41e5-9eb3-cdcc43d6bee0}) (Version: 1.1.0.18 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM\...\{4EBEAC95-76BC-46A8-8644-6E2F1C87CF70}) (Version: 1.3.7.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM-x32\...\{98ff4518-0cc2-45ec-8152-eeba51c7881a}) (Version: 1.3.7.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.39 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.4.3 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA VGA Component (HKLM-x32\...\{7a0d5159-cb5e-4f66-91f8-bab46f864f14}) (Version: 0.0.4.3 - ASUSTek COMPUTER INC. ) Hidden
ASUS Framework Service (HKLM-x32\...\{339A6383-7862-46DA-8A9D-E84180EF9424}) (Version: 3.1.1.0 - ASUSTeK Computer Inc.)
ASUS GLCKIO2 Driver (HKLM-x32\...\{3507c756-a80f-4b0e-8475-975d8b432176}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{5960FD0F-BB3B-49AF-B175-F77DC91E995A}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS Motherboard (HKLM-x32\...\{93795eb8-bd86-4d4d-ab27-ff80f9467b37}) (Version: 3.02.11 - ASUSTek Computer Inc.)
Audacity 3.3.3 (HKLM-x32\...\Audacity_is1) (Version: 3.3.3 - Audacity Team)
AURA DRAM Component (HKLM\...\{6FB66775-BB93-4D0A-9871-4CC9B2E87BF3}) (Version: 1.1.23 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{179f415f-2ff3-4db1-bcc1-d5730f746db8}) (Version: 1.1.23 - ASUS) Hidden
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.39 - ASUS)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.39 - ASUS)
AURA Service (HKLM-x32\...\{0fcadbd2-1a6a-4a4a-a56d-fc7163d9b3fa}) (Version: 3.07.25 - ASUSTeK Computer Inc.)
AURA Service (HKLM-x32\...\{56EEEF7D-0AE3-401A-898B-581719D005AE}) (Version: 3.07.25 - ASUSTeK Computer Inc.) Hidden
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.57.44284 - Electronic Arts)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 119.1.60.125 - Los creadores de Brave)
CCleaner (HKLM\...\CCleaner) (Version: 6.18 - Piriform)
Cheat Engine 7.5 (HKLM\...\Cheat Engine_is1) (Version:  - Cheat Engine)
Corsair iCUE5 Software (HKLM\...\{A9B0B2D7-8C59-4413-A2FB-99EDBE65A608}) (Version: 5.8.130 - Corsair)
CPUID CPU-Z 2.02 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.02 - CPUID, Inc.)
CPUID HWMonitor 1.50 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.50 - CPUID, Inc.)
Crucial Storage Executive (HKU\S-1-5-21-379142082-368627597-1758287532-1001\...\Crucial Storage Executive 9.01.012023.01) (Version: 9.04.042023.01 - Crucial)
CrystalDiskInfo 8.8.9 Shizuku Edition (HKLM\...\CrystalDiskInfo_is1) (Version: 8.8.9 - Crystal Dew World)
CrystalDiskMark 8.0.4c Shizuku Edition (HKLM\...\CrystalDiskMark8_is1) (Version: 8.0.4c - Crystal Dew World)
deemix-gui (HKU\S-1-5-21-379142082-368627597-1758287532-1001\...\7ea5d267-de32-53ab-b27a-3748ad144b22) (Version: 2022.5.28-r206.a752a63e0e - RemixDev)
Display Driver Uninstaller 18.0.6.1 (HKLM-x32\...\Display Driver Uninstaller) (Version: 18.0.6.1 - Wagnardsoft)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.63.0.5576 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{a8951d7a-6015-4a6d-9f6c-2ae6c835c6b7}) (Version: 13.63.0.5576 - Electronic Arts)
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.12.7.1296 - Steinberg Media Technologies GmbH)
eMule (HKLM-x32\...\eMule) (Version:  - )
ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.40.3 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{7f329536-2468-4b20-88dc-5e2defcd5ff3}) (Version: 1.1.40.3 - Ene Tech.) Hidden
ENE Video Capture Box HAL (HKLM\...\{A096611D-BA11-4A1A-8D09-0A0462D7C8F2}) (Version: 1.0.5.15 - Ene Tech.) Hidden
ENE Video Capture Box HAL (HKLM-x32\...\{974259bf-3ed1-4cd6-9ed1-40c7f601a786}) (Version: 1.0.5.15 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{6b617af3-c8f4-45a8-bf47-b32ffb4da1cc}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden
ENE_External_Device_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.11.1 - ENE Tech) Hidden
ENE_External_Device_HAL (HKLM-x32\...\{bb9d349f-b87b-4026-b336-1604708bd09c}) (Version: 1.0.11.1 - ENE Tech) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X_AIC_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.6.3 - ENE TECHNOLOGY INC.) Hidden
ENE_X_AIC_HAL (HKLM-x32\...\{c662a481-d76a-4188-95d2-6eb4ffd55542}) (Version: 1.0.6.3 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher (HKLM-x32\...\{5EDB15EA-8B3E-4C51-AE28-7BFFE25208C2}) (Version: 1.1.298.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{19695986-25CE-41AC-9C6F-54794653EDBA}) (Version: 2.0.36.0 - Epic Games, Inc.)
Exact Audio Copy 1.6 (HKLM-x32\...\Exact Audio Copy) (Version: 1.6 - Andre Wiethoff)
GameSDK Service (HKLM-x32\...\{021d69c3-d686-4a94-8fb5-fd1ee782fb14}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.)
GameSDK Service (HKLM-x32\...\{7160DA8D-3F25-4F6E-ABC8-F693551D82FA}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.) Hidden
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.71.2 - GOG.com)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Hi-Res Audio Recorder (HKLM-x32\...\{D6DFFB92-5703-43DD-AE77-26AB8E5DF50C}) (Version: 1.1.0 - Sony Corporation) Hidden
Hi-ResAudioRecorder (HKLM-x32\...\{55E2D859-A1A9-4ED7-AA57-3211CE2F8A47}) (Version: 1.1.0 - Sony Corporation)
Hybrid (HKLM-x32\...\{3dd93c56-a328-42fe-99a9-17d5eefff428}) (Version: 3.0.7 - AIR Music Tech GmbH)
Hybrid AAX32 (HKLM-x32\...\{63FA7BA2-C720-4506-9379-43BFA5BC3A98}) (Version: 3.0.7.19000 - AIR Music Tech GmbH) Hidden
Hybrid AAX64 (HKLM\...\{C2CB3E60-B541-418D-A535-D3D73A644EC5}) (Version: 3.0.7.19000 - AIR Music Tech GmbH) Hidden
Hybrid Content (HKLM-x32\...\{77129154-5C4A-45D0-AFEF-5D9C2D307246}) (Version: 3.0.7.19000 - AIR Music Tech GmbH) Hidden
Hybrid VST64 (HKLM\...\{EB4543A3-A9D8-4354-94BE-22400A619F7A}) (Version: 3.0.7.19000 - AIR Music Tech GmbH) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Chipset Device Software (HKLM\...\{9796DAAB-D3AD-4FA4-B8F3-6061DBBE1352}) (Version: 10.1.18295.8201 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{b666e502-9089-483b-9816-0774ccc9cb61}) (Version: 10.1.18295.8201 - Intel(R) Corporation)
KeePass Password Safe 2.54 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.54 - Dominik Reichl)
KeePassXC (HKLM\...\{AE8C6DDF-D052-4AEF-9EE3-8F354EC1530D}) (Version: 2.7.6 - KeePassXC Team)
Kingston AURA DRAM Component (HKLM\...\{965CDF5F-901C-476F-B3A8-7396701B1129}) (Version: 1.1.16 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{39014df0-ccd5-4c61-8e9d-836af9ef56fd}) (Version: 1.1.16 - KINGSTON COMPONENTS INC.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Listary version 6.2 (HKLM\...\Listary_is1) (Version: 6.2 - )
MakeMKV v1.17.3 (HKLM-x32\...\MakeMKV) (Version: v1.17.3 - GuinpinSoft inc)
Malwarebytes version 4.6.5.293 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.5.293 - Malwarebytes)
MegaDownloader 1.8 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.8 - megadownloaderapp.blogspot.com)
Microsoft .NET Host - 6.0.18 (x64) (HKLM\...\{1A7F6299-C501-49CA-B91D-5E83ED7FB8CA}) (Version: 48.75.61559 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.18 (x64) (HKLM\...\{CB1B935F-234E-452D-91DA-4CBA519E9581}) (Version: 48.75.61559 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.18 (x64) (HKLM\...\{8BBCB5E9-5775-4465-AABC-3E276EBBD496}) (Version: 48.75.61559 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 119.0.2151.93 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.226.1031.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.18 (x64) (HKLM\...\{81D7013F-AB4C-4DEF-8549-2AC6A3D612BB}) (Version: 48.75.61602 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.18 (x64) (HKLM-x32\...\{70624c55-d0e1-40a6-913e-96560feea689}) (Version: 6.0.18.32522 - Microsoft Corporation)
MKVToolNix 71.1.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 71.1.0 - Moritz Bunkus)
MPC Beats 2.11.1 (HKLM\...\com.akaipro.mpc.beats_is1) (Version: 2.11.1 - Akai Professional)
MPC-BE x64 1.6.8.5 (HKLM\...\{FE09AF6D-78B2-4093-B012-FCDAF78693CE}_is1) (Version: 1.6.8.5 - MPC-BE Team)
MSI Afterburner 4.6.4 (HKLM-x32\...\Afterburner) (Version: 4.6.4 - MSI Co., LTD)
MSI Center SDK (HKLM-x32\...\{15289038-41BE-48F8-B8B9-0B1021D3089E}}_is1) (Version: 3.2023.0919.01 - MSI)
MSVCRT Redists (HKLM\...\{73A5B6DE-A93E-11ED-B32E-50E549394757}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden
MSVCRT Redists (HKLM\...\{BCE65D30-841A-11E8-8464-408D5CC672F4}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version:  - )
Noise Reduction Plug-In 2.0 (x64) (HKLM\...\{BCD60981-841A-11E8-A5B0-408D5CC672F4}) (Version: 2.0.1318 - MAGIX)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.5.4 - Notepad++ Team)
NVIDIA Controlador de gráficos 537.42 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 537.42 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation)
Opera GX Stable 104.0.4944.80 (HKLM-x32\...\Opera GX 104.0.4944.80) (Version: 104.0.4944.80 - Opera Software)
Ozone 10 Elements (HKLM\...\Ozone Pro Elements) (Version: 10.3.0 - iZotope, Inc.)
Patriot Viper DRAM RGB (HKLM\...\{1F9C282E-CCB4-4D8E-A5CB-7B74DFCD8C95}) (Version: 1.0.9.5 - Patriot Memory) Hidden
Patriot Viper DRAM RGB (HKLM-x32\...\{31850f16-ce9f-4dec-81ca-222c617a9115}) (Version: 1.0.9.5 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.1.0.2 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{959e5696-0edd-4896-b1d8-54aaa725f770}) (Version: 1.1.0.2 - Patriot Memory) Hidden
PHISON HAL (HKLM\...\{966E33F0-6786-4B38-AA29-C1B3F6C1955D}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden
PHISON HAL (HKLM-x32\...\{549da357-1b81-456b-83f2-dcc47c41dfff}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden
Plex Media Server (HKLM-x32\...\{1B19B1C2-458D-4880-A5F1-2EDE927720F6}) (Version: 1.31.1733 - Plex, Inc.) Hidden
Plex Media Server (HKLM-x32\...\{fd6558c0-a051-49a7-9543-7de4ee2c7f84}) (Version: 1.31.1.6733 - Plex, Inc.)
PowerChute Personal Edition (HKLM-x32\...\APC) (Version: 3.1.0 - Schneider Electric)
Proton VPN (HKLM\...\Proton VPN_is1) (Version: 3.2.4 - Proton AG)
Pulsar Fusion Wireless Mice (HKLM-x32\...\{D8351EFB-FE5B-4DF5-A42A-49B8A85EA915}_is1) (Version: 1.2.8 - Pulsar Gaming Gears)
qBittorrent (HKLM-x32\...\qBittorrent) (Version: 4.5.4 - The qBittorrent project)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.5.18 - Rainmeter)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9359.1 - Realtek Semiconductor Corp.)
REDlauncher (HKU\S-1-5-21-379142082-368627597-1758287532-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version:  - CD Projekt RED)
Revo Uninstaller 2.4.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.4.5 - VS Revo Group, Ltd.)
RivaTuner Statistics Server 7.3.4 (HKLM-x32\...\RTSS) (Version: 7.3.4 - Unwinder)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.81.1699 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.2.3.4 - Rockstar Games)
ROG Live Service (HKLM\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 2.2.14.0 - ASUSTek COMPUTER INC.)
RX 10 Advanced (HKLM\...\RX Pro Audio Editor) (Version: 10.0.0 - iZotope, Inc.)
RX 10 Breath Control (HKLM\...\RX 10 Breath Control) (Version: 10.0.0 - iZotope, Inc.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 7.3.0.1100 - Samsung Electronics)
Sony Turntable Driver (HKLM\...\{0A63A0AE-E76D-4FD6-970E-8CC65857717B}) (Version: 1.0.1 - Sony Corporation) Hidden
Soporte para el iPod (HKLM\...\{D79EE161-F760-4879-A62F-AC8FD459B669}) (Version: 12.11.3.7 - Apple Inc.)
SoulseekQt versión 2019.7.22 (HKLM-x32\...\{8A4E1646-488C-4E5B-AC31-F784400E8D2D}_is1) (Version: 2019.7.22 - Soulseek LLC)
Spek (HKLM-x32\...\{7CDF6754-F5A0-4F34-B589-197530FEF862}) (Version: 0.8.2 - Spek Project)
STAR WARS™ Battlefront™ II (HKLM-x32\...\{8a882ce0-0c0b-4eb2-850c-28ebadab4f50}) (Version: 1.1.8.16162 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries GG 48.0.0 (HKLM\...\SteelSeries GG) (Version: 48.0.0 - SteelSeries ApS)
Stopping Plex (HKLM-x32\...\{7DE56933-1889-439F-AB47-17CD9B5F29D8}) (Version: 1.31.1733 - Plex, Inc.) Hidden
SyncBackFree (HKLM-x32\...\SyncBackFree_is1) (Version: 11.2.5.0 - 2BrightSparks)
TagScanner 6.1.15 (32bit) (HKLM-x32\...\TagScanner 6.1.15 (32bit)_is1) (Version: 6.1.15 - Sergey Serkov)
Telegram Desktop (HKU\S-1-5-21-379142082-368627597-1758287532-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.11.1 - Telegram FZ-LLC)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 116.0.10231 - Ubisoft)
Unified Remote (HKLM-x32\...\{415B4714-4F8C-49C6-B310-881EAF892CFB}_is1) (Version: 3.8.0 - Unified Intents AB)
Universal Holtek RGB DRAM (HKLM\...\{826388E4-E31F-4514-948B-3BB954FB3EAF}) (Version: 1.0.0.4 - PD) Hidden
Universal Holtek RGB DRAM (HKLM-x32\...\{c8b4688a-f5d4-4236-aec4-df260a88ccc4}) (Version: 1.0.0.4 - PD) Hidden
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
Velvet (HKLM-x32\...\{3cdbd63b-d550-4942-81fd-65cf7eabae1c}) (Version: 2.0.7.19000 - AIR Music Tech GmbH)
Velvet AAX32 (HKLM-x32\...\{D641E4D2-B10C-465D-86CC-298D08C9A468}) (Version: 2.0.7.19000 - AIR Music Tech GmbH) Hidden
Velvet AAX64 (HKLM\...\{8E0C1DD7-A16C-4605-86D6-77C19FB7F259}) (Version: 2.0.7.19000 - AIR Music Tech GmbH) Hidden
Velvet Content (HKLM-x32\...\{F1CF0540-EB81-4837-B6AF-871F4AE4F789}) (Version: 2.0.7.19000 - AIR Music Tech GmbH) Hidden
Velvet Factory Content (HKLM-x32\...\{BDE38DED-D2AC-4FDA-A6FA-93DDAC9956A7}) (Version: 2.0.7.19000 - AIR Music Tech GmbH) Hidden
Velvet VST64 (HKLM\...\{96CF0BB6-DBD5-4A9D-90D0-B752621FC813}) (Version: 2.0.7.19000 - AIR Music Tech GmbH) Hidden
Verbatim_SureFireGaming_Product (HKLM\...\{35CB65C6-A7E3-4EE7-AD40-738D70A72164}) (Version: 1.0.3.11 - Verbatim) Hidden
Verbatim_SureFireGaming_Product (HKLM-x32\...\{d601832a-0d94-46ce-9b19-78e8a5887313}) (Version: 1.0.3.11 - Verbatim) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.2.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.19 - VideoLAN)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.9.5 - Black Tree Gaming Ltd.)
WD P40 Game Drive (HKLM\...\{EE55DBAE-ECDD-4ADD-AAB5-23DE848B0996}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden
WD P40 Game Drive (HKLM-x32\...\{72b1a866-fc31-4381-bff3-fa6cd8823777}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{e42c5874-37b0-4977-9e8d-70bf006e1f76}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 119.0.2151.97 - Microsoft Corporation)
Winaero Tweaker (HKLM\...\Winaero Tweaker_is1) (Version: 0.18.0.0 - Winaero)
Windscribe (HKLM\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 2.6.14 - Windscribe Limited)
Wondershare NativePush(Build 1.0.0.7) (HKU\S-1-5-21-379142082-368627597-1758287532-1001\...\Wondershare NativePush_is1) (Version:  - )
Yamaha Steinberg USB Driver (HKLM\...\{E2AEA639-BFC7-4A6E-A9F3-EB11B60C2F33}) (Version: 2.1.5 - Yamaha Corporation) Hidden
Yamaha Steinberg USB Driver (HKLM-x32\...\yUninstall_{2938B185-2D57-47B0-9FC8-C90A67BA9277}) (Version: 2.1.5 - Yamaha Corporation)

Packages:
=========
ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.7.6.0_x64__qmba6cd70vzyy [2023-11-07] (ASUSTeK COMPUTER INC.)
Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-07-18] (Microsoft Corporation)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12130.9.2003.0_x64__nzyj5cx40ttqa [2023-10-25] (Apple Inc.) [Startup Task]
Lively Wallpaper -> C:\Program Files\WindowsApps\12030rocksdanister.LivelyWallpaper_1.0.137.0_x86__97hta09mmv6hy [2023-10-28] (rocksdanister) [Startup Task]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.10829.535.0_x64__8wekyb3d8bbwe [2023-11-02] (Microsoft Corporation)
MSI Center -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_2.0.27.0_x64__kzh8wxbdkxb8p [2023-11-22] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
Notepads App -> C:\Program Files\WindowsApps\19282JackieLiu.Notepads-Beta_1.4.9.0_x64__echhpq9pdbte8 [2023-07-21] (Jackie Liu)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-09-29] (NVIDIA Corp.)
Outlook for Windows -> C:\Program Files\WindowsApps\Microsoft.OutlookForWindows_1.2023.1114.100_x64__8wekyb3d8bbwe [2023-11-28] (Microsoft Corporation)
QuickLook -> C:\Program Files\WindowsApps\21090PaddyXu.QuickLook_3.7.3.0_neutral__egxr34yet59cg [2022-11-28] (Paddy Xu) [Startup Task]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.36.273.0_x64__dt26b99r8h8gj [2022-09-03] (Realtek Semiconductor Corp)
Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2022-06-20] (Microsoft Corporation)

el resto del segundo inforte te he subido los archivos de texto también…

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-379142082-368627597-1758287532-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> C:\Users\fjpol\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
CustomCLSID: HKU\S-1-5-21-379142082-368627597-1758287532-1001_Classes\CLSID\{3e5dba08-7ec3-cc88-1f18-0cf79ce7ade4}\localserver32 -> "C:\Program Files\AtlasVPN\Bin\AtlasVPN.exe" -ToastActivated => Ningún archivo
CustomCLSID: HKU\S-1-5-21-379142082-368627597-1758287532-1001_Classes\CLSID\{50726f74-6f6e-2e56-504e-000000000000}\localserver32 -> C:\Program Files\Proton\VPN\v3.2.4\ProtonVPN.exe (Proton Technologies AG -> )
ShellIconOverlayIdentifiers: [        OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [        OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [        OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [        OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [        OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [        OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [        OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [       MountainDuckError] -> {6093F40E-856B-4CC7-BA9A-072D08AC5097} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [       MountainDuckIgnored] -> {B3AED949-ED84-432F-87CA-42AD0625021C} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [       MountainDuckInfinite] -> {DBE63233-DC1B-4360-94BE-16257112A298} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [       MountainDuckPause] -> {858C99A3-79F8-49B0-82DB-EB8FE97968C5} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [       MountainDuckSync] -> {C508BFF9-B703-452D-B41D-21BA26A5B55C} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [       MountainDuckSyncing] -> {0E3B2F5F-8AF5-4016-B64C-D01734329F13} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [       MountainDuckUptodate] -> {A89A99A3-987A-4F63-9A8E-AF15F5136357} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [        OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [        OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [        OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [        OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [        OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [        OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [        OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-18] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-18] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu64.dll [2023-10-14] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} =>  -> Ningún archivo
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers2: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} =>  -> Ningún archivo
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} =>  -> Ningún archivo
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-07-22] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-18] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu64.dll [2023-10-14] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} =>  -> Ningún archivo
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-18] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} =>  -> Ningún archivo
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_4e58e7ac1d277d04\nvshext.dll [2023-09-13] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-07-22] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [VIDC.RTV1] => c:\windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Archivo no firmado]
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

2022-10-12 16:23 - 2022-09-01 08:47 - 000522240 _____ () [Archivo no firmado] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ac_node_addon\prebuilds\win32-ia32\node.napi.node
2022-10-12 16:23 - 2022-09-01 08:47 - 000520192 _____ () [Archivo no firmado] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ffi-napi\prebuilds\win32-ia32\node.napi.node
2022-10-12 16:23 - 2022-09-01 08:47 - 000483328 _____ () [Archivo no firmado] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\node-system-fonts\build\Release\system-fonts.node
2022-10-12 16:23 - 2022-09-01 08:47 - 000510464 _____ () [Archivo no firmado] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ref-napi\prebuilds\win32-ia32\node.napi.node
2022-10-12 16:23 - 2022-09-01 08:47 - 000786432 _____ () [Archivo no firmado] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\usb-detection\prebuilds\win32-ia32\node.napi.node
2022-10-12 16:23 - 2022-06-08 09:33 - 000081920 _____ () [Archivo no firmado] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\WindowID\WindowID.dll
2023-06-20 12:00 - 2023-06-20 12:00 - 000101376 _____ (Igor Pavlov) [Archivo no firmado] C:\Program Files\7-Zip\7-zip.dll
2019-06-07 22:26 - 2019-06-07 22:26 - 000136112 _____ (Schneider Electric -> Schneider Electric) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\APC\PowerChute Personal Edition\UIControl.dll
2019-06-07 22:25 - 2019-06-07 22:25 - 000479152 _____ (Schneider Electric -> Schneider Electric) [Archivo no firmado] C:\Program Files (x86)\APC\PowerChute Personal Edition\drvutil.dll
2019-06-07 22:26 - 2019-06-07 22:26 - 000915376 _____ (Schneider Electric -> Schneider Electric) [Archivo no firmado] C:\Program Files (x86)\APC\PowerChute Personal Edition\pdcdll.dll
2019-06-07 22:26 - 2019-06-07 22:26 - 000016816 _____ (Schneider Electric -> Schneider Electric) [Archivo no firmado] C:\Program Files (x86)\APC\PowerChute Personal Edition\rdp.dll
2019-06-07 22:26 - 2019-06-07 22:26 - 000574896 _____ (Schneider Electric -> Schneider Electric) [Archivo no firmado] C:\Program Files (x86)\APC\PowerChute Personal Edition\UpsControl.dll
2019-06-07 22:26 - 2019-06-07 22:26 - 000534960 _____ (Schneider Electric -> Schneider Electric) [Archivo no firmado] C:\Program Files (x86)\APC\PowerChute Personal Edition\UpsDevice.dll
2019-06-07 17:02 - 2019-06-07 17:02 - 002767360 _____ (Schneider Electric) [Archivo no firmado] C:\Program Files (x86)\APC\PowerChute Personal Edition\res.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\WINDOWS\system32\.crusader:F1EF9579D6 [2594]
AlternateDataStreams: C:\ProgramData\DeviceList.xml:2838F9B016 [2594]
AlternateDataStreams: C:\ProgramData\PACE:0C1A2C364C4607B9 [217]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [2594]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [2594]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC Beats.lnk:FCF905613E [2594]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado.)

HKU\S-1-5-21-379142082-368627597-1758287532-1001\Software\Classes\regfile:  <==== ATENCIÓN
HKU\S-1-5-21-379142082-368627597-1758287532-1001\Software\Classes\.reg:  =>  <==== ATENCIÓN
HKU\S-1-5-21-379142082-368627597-1758287532-1001\Software\Classes\.bat:  =>  <==== ATENCIÓN
HKU\S-1-5-21-379142082-368627597-1758287532-1001\Software\Classes\.cmd:  =>  <==== ATENCIÓN

==================== Internet Explorer (Lista blanca) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2021-12-20 05:58 - 2023-10-05 18:11 - 000002624 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 checkhost.local
109.94.209.70      *.fitgirl-repacks.xyz           # Fake FitGirl site
109.94.209.70      fitgirlrepacks.in               # Fake FitGirl site
109.94.209.70      www.fitgirlrepacks.in           # Fake FitGirl site
109.94.209.70      fitgirlrepacks.co               # Fake FitGirl site
109.94.209.70      fitgirl-repacks.cc              # Fake FitGirl site
109.94.209.70      fitgirl-repacks.to              # Fake FitGirl site
109.94.209.70      fitgirl-repack.com              # Fake FitGirl site
109.94.209.70      fitgirl-repacks.website         # Fake FitGirl site
109.94.209.70      www.fitgirlrepacks.co           # Fake FitGirl site
109.94.209.70      www.fitgirl-repacks.cc          # Fake FitGirl site
109.94.209.70      www.fitgirl-repacks.to          # Fake FitGirl site
109.94.209.70      www.fitgirl-repack.com          # Fake FitGirl site
109.94.209.70      www.fitgirl-repacks.website     # Fake FitGirl site
109.94.209.70      ww9.fitgirl-repacks.xyz         # Fake FitGirl site
109.94.209.70      *.fitgirl-repacks.xyz           # Fake FitGirl site
109.94.209.70      fitgirl-repacks.xyz             # Fake FitGirl site
109.94.209.70      fitgirl-repack.net              # Fake FitGirl site
109.94.209.70      www.fitgirl-repack.net          # Fake FitGirl site
109.94.209.70      fitgirlpack.site                # Fake FitGirl site
109.94.209.70      www.fitgirlpack.site            # Fake FitGirl site
109.94.209.70      fitgirl-repack.org              # Fake FitGirl site
109.94.209.70      www.fitgirl-repack.org          # Fake FitGirl site
109.94.209.70      fitgirlrepacks.pro              # Fake FitGirl site
109.94.209.70      www.fitgirlrepacks.pro          # Fake FitGirl site
109.94.209.70      fitgirlrepack.games             # Fake FitGirl site
109.94.209.70      www.fitgirlrepack.games         # Fake FitGirl site
109.94.209.70      fitgirl-repacks-site.org        # Fake FitGirl site
109.94.209.70      www.fitgirl-repacks-site.org    # Fake FitGirl site

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKU\S-1-5-21-379142082-368627597-1758287532-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\fjpol\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive"
HKU\S-1-5-21-379142082-368627597-1758287532-1001\...\StartupApproved\Run: => "CorsairLink4"
HKU\S-1-5-21-379142082-368627597-1758287532-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-379142082-368627597-1758287532-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-379142082-368627597-1758287532-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-379142082-368627597-1758287532-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-379142082-368627597-1758287532-1001\...\StartupApproved\Run: => "Terashare"
HKU\S-1-5-21-379142082-368627597-1758287532-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-379142082-368627597-1758287532-1001\...\StartupApproved\Run: => "Quebali dayecaci beboqueg cigowoq baquab gohaxi lama"
HKU\S-1-5-21-379142082-368627597-1758287532-1001\...\StartupApproved\Run: => "ProtonVPN"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [UDP Query User{834CBE8E-114A-4B49-8D9B-8631742CF7EB}C:\program files\electronic arts\ea desktop\ea desktop\qtwebengineprocess.exe] => (Block) C:\program files\electronic arts\ea desktop\ea desktop\qtwebengineprocess.exe (Electronic Arts, Inc. -> The Qt Company Ltd.)
FirewallRules: [TCP Query User{C37F3884-10B0-454E-AC1B-EAB36EB1EF2E}C:\program files\electronic arts\ea desktop\ea desktop\qtwebengineprocess.exe] => (Block) C:\program files\electronic arts\ea desktop\ea desktop\qtwebengineprocess.exe (Electronic Arts, Inc. -> The Qt Company Ltd.)
FirewallRules: [UDP Query User{FAA060FB-D7C5-4F41-B10A-C4B1F5AFCBF0}C:\users\fjpol\appdata\roaming\displaycal\dl\argyll_v2.1.2\bin\dispcal.exe] => (Allow) C:\users\fjpol\appdata\roaming\displaycal\dl\argyll_v2.1.2\bin\dispcal.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{683A0989-F8B2-40A4-A5DC-D56A14435E27}C:\users\fjpol\appdata\roaming\displaycal\dl\argyll_v2.1.2\bin\dispcal.exe] => (Allow) C:\users\fjpol\appdata\roaming\displaycal\dl\argyll_v2.1.2\bin\dispcal.exe () [Archivo no firmado]
FirewallRules: [{D10E877F-866F-4E29-9EEE-80C67C2AA6C0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{CA5CC65F-1237-472B-958F-05063D3EFFA0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{AB771C5B-C248-43F8-9C8F-FA54FE55B813}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{62DBDA68-8809-40AF-B5AD-B5786BBA1994}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{6400EFA2-753F-414D-A487-C702ED08DA9B}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{9FCA0397-6BD2-4935-9F99-A6A70C31AF51}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{5734FAA4-9845-4B0C-86DB-CE98DA53A738}C:\program files (x86)\asus\armourydevice\asus_framework.exe] => (Allow) C:\program files (x86)\asus\armourydevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [TCP Query User{6775EB6E-E3BF-4E49-98D6-6FC75D70E4D3}C:\program files (x86)\asus\armourydevice\asus_framework.exe] => (Allow) C:\program files (x86)\asus\armourydevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [UDP Query User{6241AE7F-FE08-476C-8A70-2DCBD4543FCF}C:\program files (x86)\asus\armourydevice\asus_framework.exe] => (Allow) C:\program files (x86)\asus\armourydevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [TCP Query User{E16DB997-E755-430A-9AF6-730C272F832E}C:\program files (x86)\asus\armourydevice\asus_framework.exe] => (Allow) C:\program files (x86)\asus\armourydevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{58AF71D0-1561-4159-AB31-D2E5225B42D0}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe (Unified Intents AB -> Unified Intents AB)
FirewallRules: [{B0F94DD4-4920-46F2-9013-D15C4A1C9D78}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe (Unified Intents AB -> Unified Intents AB)
FirewallRules: [{A23DC8D0-63AE-4CDD-BCEE-CEA07B741095}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{080BDFCE-92FB-4ED6-A6D9-D3597CF734CC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{21843558-C240-4505-B93B-2A0358604835}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{F80F3BED-070E-4EF6-A368-FB81EB3ACCE4}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe () [Archivo no firmado]
FirewallRules: [{CAFCCEAA-0529-414D-9CF7-75DADCBF8399}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Archivo no firmado]
FirewallRules: [{3628CE8D-D96F-481B-AA7E-77D114894605}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Archivo no firmado]
FirewallRules: [TCP Query User{68E404B5-A435-45CF-B7B0-AA0265748FB0}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe (hxxp://www.emule-project.net) [Archivo no firmado]
FirewallRules: [UDP Query User{8EB91939-C7F3-4AC5-9F75-7463347C47EA}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe (hxxp://www.emule-project.net) [Archivo no firmado]
FirewallRules: [{1A2B91DE-6B41-409F-9003-4F58CB8B9A67}] => (Allow) C:\Users\fjpol\AppData\Local\Packages\B9ECED6F.ArmouryCrate_qmba6cd70vzyy\LocalState\GridUpdateFile\ASUSGCDriverUpdateClient.exe (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
FirewallRules: [{AAA2BE2D-635A-4AE4-B760-007F8AC8344D}] => (Block) LPort=14433
FirewallRules: [{8B47DA26-C4D1-43CE-960C-86E82F7FAF02}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{31910F53-F5A5-4411-B56E-38830AA4210D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1B2DE0F0-2304-4A1A-A6C0-481F69ABC109}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A269B3E6-B24D-4912-8FE1-80F7FBA37A65}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E2BB7998-DE7B-4A26-AD10-2AFCBF2071BE}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{44077DF5-A572-4F46-B29E-B00DDED156A9}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{52C0837C-CD5A-4BDA-97FF-EE8815DFFE1D}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [TCP Query User{6C30794D-FB9E-4BC9-89D1-61EC42327CB5}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{F6A18C22-23CA-4F8F-A0F7-80A75DFE5281}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{81ED4CBE-E210-4BE0-A5E2-98D90FA8BB2F}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [{48DD6832-7A31-4407-8FDD-93121729C24F}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Plex, Inc. -> )
FirewallRules: [{D3FAFE6E-B138-49BF-BA7B-49FD263C11C7}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [{5957E492-DA5F-4528-B956-A4825F55A3F8}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe (Plex, Inc. -> )
FirewallRules: [TCP Query User{EDA20C01-B9B1-42A8-8076-90EC24162BD8}I:\games\star wars battlefront\starwarsbattlefront.exe] => (Allow) I:\games\star wars battlefront\starwarsbattlefront.exe => Ningún archivo
FirewallRules: [UDP Query User{ABE447DC-9BFB-458D-AF85-03C71E007D99}I:\games\star wars battlefront\starwarsbattlefront.exe] => (Allow) I:\games\star wars battlefront\starwarsbattlefront.exe => Ningún archivo
FirewallRules: [TCP Query User{32E9217E-35C8-4E1A-B901-17E1A0A1F59B}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [UDP Query User{4D188620-FD57-4EA0-9D1F-7AE4EEE84DDF}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [{7B6F15E9-0A48-42B2-B3A0-FF448319E05B}] => (Allow) I:\Games\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{7D1E54CB-C0AF-4001-9C0A-8573E087AD31}] => (Allow) I:\Games\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{F0C5E662-9FB8-422C-820C-C5D2D651D112}] => (Allow) I:\Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts Inc.) [Archivo no firmado]
FirewallRules: [{B521D496-25BF-4B0D-AD71-023059AA07F9}] => (Allow) I:\Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts Inc.) [Archivo no firmado]
FirewallRules: [{FB163984-35CD-4A24-8045-BF927BA7E3A1}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{979603F8-DF88-4868-902F-8ECE6F8EF007}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{E388E487-7238-44B5-8C3D-925A1BC906D6}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{0B8B484C-0370-47A3-8C73-B8CF3C879094}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{AF3F4E8A-CB3C-4E51-894D-67F37CDC3DCF}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{B11FA369-9FC3-4656-8CE9-2227218EAD00}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{38921076-E550-41BF-9B6D-E21D1979CB7A}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{7D6A638F-D77E-4E8F-9E48-3DF6B247151E}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{AC2B91A7-B25E-4590-9182-27D6817AFFD5}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{8E151336-1A46-411A-ABE7-875D9854F0FB}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{B41E7F55-97F2-4528-B03E-8AC818A07112}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{71948B07-3384-47C9-9958-CA212DA1AB22}] => (Allow) I:\Games\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{0D87E235-9393-4AC3-926B-94641B83B123}] => (Allow) I:\Games\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{DE7FCA80-20E8-4048-AB2B-92C9D2617C2A}] => (Allow) I:\Games\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{6BCF3748-2855-4D50-8D26-745324CAFEFE}] => (Allow) I:\Games\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [TCP Query User{89B6484F-BFB6-4D2E-AFCE-0CA92D02FFB1}I:\games\gtav\gta5.exe] => (Allow) I:\games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{C23E0C56-A4AA-4A38-9773-71EE32D21646}I:\games\gtav\gta5.exe] => (Allow) I:\games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{3BE0D3BA-A347-4DF5-9C42-164C83DF57F5}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Archivo no firmado]
FirewallRules: [{C3062095-EB91-415F-9319-3E32DBCAF4A2}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Archivo no firmado]
FirewallRules: [{DDC05FE8-C7F8-4465-ADEF-B6EBBBED9D8D}] => (Allow) I:\SteamLibrary\steamapps\common\Aim Lab\AimLab_tb.exe () [Archivo no firmado]
FirewallRules: [{661C5232-DA7D-48F6-AFBB-85B1675D0D63}] => (Allow) I:\SteamLibrary\steamapps\common\Aim Lab\AimLab_tb.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{4ADD3FE9-95DA-40B6-ACD8-268705BB573E}I:\steamlibrary\steamapps\common\aim lab\aimlab_tb_data\plugins\x86_64\vuplexwebviewchromium\vuplex webview.vuplex] => (Allow) I:\steamlibrary\steamapps\common\aim lab\aimlab_tb_data\plugins\x86_64\vuplexwebviewchromium\vuplex webview.vuplex () [Archivo no firmado]
FirewallRules: [UDP Query User{16A6E443-873F-488E-8B00-AD3C5420D414}I:\steamlibrary\steamapps\common\aim lab\aimlab_tb_data\plugins\x86_64\vuplexwebviewchromium\vuplex webview.vuplex] => (Allow) I:\steamlibrary\steamapps\common\aim lab\aimlab_tb_data\plugins\x86_64\vuplexwebviewchromium\vuplex webview.vuplex () [Archivo no firmado]
FirewallRules: [{EF9D2B8A-AF82-4D9A-A8F5-206B0F48D8C4}] => (Allow) LPort=26820
FirewallRules: [{5A9AF94A-45F2-47C8-B2EB-906218F47055}] => (Allow) LPort=26822
FirewallRules: [TCP Query User{38B63588-B974-4539-8C1D-06982AC2F39E}I:\games\baldur's gate 3\bin\bg3_dx11.exe] => (Allow) I:\games\baldur's gate 3\bin\bg3_dx11.exe (Larian Studios Games Ltd. -> )
FirewallRules: [UDP Query User{EE9E1D79-8C7E-440D-B79E-6683132E5155}I:\games\baldur's gate 3\bin\bg3_dx11.exe] => (Allow) I:\games\baldur's gate 3\bin\bg3_dx11.exe (Larian Studios Games Ltd. -> )
FirewallRules: [{AE1A3B2A-5D61-462F-9D3A-1223B579EABB}] => (Allow) LPort=32682
FirewallRules: [TCP Query User{8AE2CE00-CAE0-4AEF-93D8-5E0724504919}I:\games\baldur's gate 3\bin\bg3.exe] => (Allow) I:\games\baldur's gate 3\bin\bg3.exe (Larian Studios Games Ltd. -> )
FirewallRules: [UDP Query User{62E029BF-8666-4359-9556-1019325FC9BD}I:\games\baldur's gate 3\bin\bg3.exe] => (Allow) I:\games\baldur's gate 3\bin\bg3.exe (Larian Studios Games Ltd. -> )
FirewallRules: [TCP Query User{22D5A955-11F9-4C79-86FD-5DEA5DB2FF7E}I:\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) I:\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Ningún archivo
FirewallRules: [UDP Query User{3DD6EAD6-580C-477E-A33B-0E39DEC7A8B2}I:\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) I:\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Ningún archivo
FirewallRules: [TCP Query User{BB8DB74A-4A67-4C10-8059-67783B08A22A}I:\games\baldur's gate 3 - old version\bin\bg3.exe] => (Allow) I:\games\baldur's gate 3 - old version\bin\bg3.exe => Ningún archivo
FirewallRules: [UDP Query User{90C9AFA3-F23A-44D8-956D-A484D9BB2F17}I:\games\baldur's gate 3 - old version\bin\bg3.exe] => (Allow) I:\games\baldur's gate 3 - old version\bin\bg3.exe => Ningún archivo
FirewallRules: [{E954AC1B-FAEA-48BF-A154-EF4AE0303979}] => (Allow) LPort=57209
FirewallRules: [{84B1BAF0-DD0B-4BF4-9F97-4CF0C9FF9AB6}] => (Allow) LPort=57210
FirewallRules: [{3A77245C-F0EE-4617-ACAC-C363CA362943}] => (Allow) LPort=57211
FirewallRules: [{257FDC10-F52A-4EC1-8E1B-1EBC0AD42B80}] => (Allow) LPort=57212
FirewallRules: [{6467B58C-FD50-4214-BCEE-994DBDD8BEB3}] => (Allow) LPort=57213
FirewallRules: [{A37BD54B-4F88-45C1-A009-3005714B7AC1}] => (Allow) LPort=57214
FirewallRules: [{14A3E8F5-E481-41B0-B511-EDDC474C41A9}] => (Allow) LPort=57215
FirewallRules: [{8D27CF6F-BEF5-4992-88E8-7AF085AE06E8}] => (Allow) LPort=57216
FirewallRules: [{87EEE4E3-531C-4C41-B9BC-488EF16DA44E}] => (Allow) LPort=57217
FirewallRules: [{C05DB826-BF91-42A8-9439-9E23F96F9C51}] => (Allow) LPort=57218
FirewallRules: [{04BBAA4B-7ED1-4BCC-8461-26971FCE0B09}] => (Allow) LPort=57209
FirewallRules: [{33302F12-0228-4CBE-AE42-05BF2829F730}] => (Allow) LPort=57210
FirewallRules: [{ACEFAEE3-BCA3-47C6-8A4D-2B3D5AC37EC9}] => (Allow) LPort=57211
FirewallRules: [{161E499E-C601-4A73-AB97-2E9826F4CC88}] => (Allow) LPort=57212
FirewallRules: [{11AD3506-7016-415D-B63A-D9990FD2E937}] => (Allow) LPort=57213
FirewallRules: [{AB2C29CA-1503-4C1A-8AD9-05CED0968EF7}] => (Allow) LPort=57214
FirewallRules: [{D114CBAA-D5DE-440A-8BE3-A7B778CA2C37}] => (Allow) LPort=57215
FirewallRules: [{DC0B5785-2B92-4182-A75C-83B9192EB04C}] => (Allow) LPort=57216
FirewallRules: [{3E7D14A0-FDE6-427D-85DE-4634E3B71F58}] => (Allow) LPort=57217
FirewallRules: [{9CBAE995-343D-4845-B81D-F18173815577}] => (Allow) LPort=57218
FirewallRules: [TCP Query User{397E43F6-31ED-46F1-BD31-CF2C11A7E8F0}C:\users\fjpol\appdata\local\wondershare\wondershare nativepush\wstoastnotification.exe] => (Allow) C:\users\fjpol\appdata\local\wondershare\wondershare nativepush\wstoastnotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
FirewallRules: [UDP Query User{46E4F69D-630A-485D-9169-AD24C5421B9D}C:\users\fjpol\appdata\local\wondershare\wondershare nativepush\wstoastnotification.exe] => (Allow) C:\users\fjpol\appdata\local\wondershare\wondershare nativepush\wstoastnotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
FirewallRules: [{2C24FA81-E4A3-4074-8DF3-EEAA4FD813BA}] => (Allow) LPort=23007
FirewallRules: [{C999AFED-2F66-4CC0-8D1A-CD1A68814455}] => (Allow) LPort=23008
FirewallRules: [{82B3624E-87F1-438C-8766-BFE9CF7C6BB1}] => (Allow) LPort=33009
FirewallRules: [{BA20D647-38A0-4963-998F-80A9F14119BC}] => (Allow) LPort=33010
FirewallRules: [{7D542208-7392-4B47-92A8-5350B9FE116A}] => (Allow) LPort=33011
FirewallRules: [{5515DD47-C489-48D9-8C54-8EBBA8CF72FB}] => (Allow) LPort=43012
FirewallRules: [{8B18C899-D8B7-4D5A-8347-6712B25109B0}] => (Allow) LPort=43013
FirewallRules: [{E67EFFDC-B977-47FE-B2B7-BD248129F95A}] => (Allow) LPort=53014
FirewallRules: [{E4509509-50BB-43BF-8F86-A35AAA3C0FB1}] => (Allow) LPort=53015
FirewallRules: [{75E3C211-1573-4D62-AF36-76D5958A5964}] => (Allow) LPort=53016
FirewallRules: [{42090CAD-1D59-4645-8A95-3B449DC0C962}] => (Allow) LPort=23007
FirewallRules: [{D3E06748-4584-4BE3-8AE4-19E7BA888AB9}] => (Allow) LPort=23008
FirewallRules: [{D52456AC-E6FF-4CC9-90AF-72F8CBF0046A}] => (Allow) LPort=33009
FirewallRules: [{940375FE-A14D-46ED-9406-FD47F1FB9AC5}] => (Allow) LPort=33010
FirewallRules: [{880CCB4D-1D77-4583-B589-CEA1F6DCA781}] => (Allow) LPort=33011
FirewallRules: [{D7EFE83C-6680-443E-AE52-C051904A5A37}] => (Allow) LPort=43012
FirewallRules: [{B259C2F2-8593-40EF-B7EB-1FFBF0DC6F26}] => (Allow) LPort=43013
FirewallRules: [{2D9215A2-8CBC-4420-8B00-60883EC4028B}] => (Allow) LPort=53014
FirewallRules: [{B71E65B8-4AE3-4A89-ACC9-38C490DA6BA0}] => (Allow) LPort=53015
FirewallRules: [{EA91BF3F-B376-4117-B41D-CC3E5AB10D53}] => (Allow) LPort=53016
FirewallRules: [{0EB423A1-2520-4C6B-8756-E334C539F3DD}] => (Allow) LPort=50053
FirewallRules: [{CE599C09-1580-4107-8F36-AD521CF66F49}] => (Allow) LPort=50053
FirewallRules: [{8CB339B9-124D-489A-83E5-D58198039491}] => (Allow) C:\Users\fjpol\AppData\Roaming\ACEStream\engine\ace_engine.exe (Innovative Digital Technologies, LLC -> Innovative Digital Technologies)
FirewallRules: [{7AB4CB5B-0444-4016-B3E1-A396C0A03C2D}] => (Allow) C:\Users\fjpol\AppData\Roaming\ACEStream\engine\ace_engine.exe (Innovative Digital Technologies, LLC -> Innovative Digital Technologies)
FirewallRules: [{F49475DC-BC89-4856-9813-D7015786976B}] => (Allow) I:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> )
FirewallRules: [{248002BE-6555-4A7D-838E-EA17299B228F}] => (Allow) I:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> )
FirewallRules: [TCP Query User{348FB817-6650-4994-9387-90ED5328257B}C:\users\fjpol\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\fjpol\appdata\roaming\acestream\engine\ace_engine.exe (Innovative Digital Technologies, LLC -> Innovative Digital Technologies)
FirewallRules: [UDP Query User{FDB491AF-8E42-45D6-9CC6-996FB8F7C9AA}C:\users\fjpol\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\fjpol\appdata\roaming\acestream\engine\ace_engine.exe (Innovative Digital Technologies, LLC -> Innovative Digital Technologies)
FirewallRules: [{F8E50AF4-DD94-4A2A-8F94-586483C9085F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12130.9.2003.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{475F5D8C-2470-4FCF-A4D8-102E43D04752}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12130.9.2003.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{84C48A66-29F2-46AF-9A70-708922F3E46C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12130.9.2003.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{C990B5A5-BBE4-450B-A4E2-32841E371242}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12130.9.2003.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{A33DF1F9-1B45-4071-A799-5D0F88D44A85}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12130.9.2003.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{625B5C9D-F027-4F8E-A156-3CAC8E13A7CB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12130.9.2003.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{E528D89B-57D2-4204-842E-6D0B64CC0001}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12130.9.2003.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{01DC4E59-6B5C-465A-BC98-071302E26A1A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12130.9.2003.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{C783F265-1EBE-4444-8D0D-C51F07D0516E}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{5098975D-784E-43BC-9B09-8603FB2F03C5}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{EBE39D31-145C-4CE6-94F5-0197862A0594}] => (Allow) C:\Program Files\Opera GX\104.0.4944.74\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{64AB571A-C46E-44C4-B0DD-E87AA1B22872}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{6FEDF898-DDCF-4E69-9093-FEA5AD84086E}] => (Allow) C:\Program Files\Opera GX\104.0.4944.80\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{59A50D08-6D87-4B94-BA27-0BC80BAA79A3}C:\program files\opera gx\opera.exe] => (Allow) C:\program files\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{27713080-A28E-4CDC-929F-F7B933CC57C9}C:\program files\opera gx\opera.exe] => (Allow) C:\program files\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{F35D3785-688C-49CF-9061-941DD179851D}C:\program files\opera gx\opera.exe] => (Allow) C:\program files\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{50888568-0540-4792-A7F3-39742F498EFF}C:\program files\opera gx\opera.exe] => (Allow) C:\program files\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{4535F974-7F3D-4539-88BB-E49C0DAA674D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\119.0.2151.97\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E7739961-7C0D-4B6A-90DF-5EEB182C6545}] => (Allow) LPort=32683
FirewallRules: [{811EB281-536D-438D-AB37-B830ABC54018}] => (Allow) LPort=26822

==================== Puntos de Restauración =========================

14-11-2023 19:25:26 Instalador de Módulos de Windows
16-11-2023 12:22:39 Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532
24-11-2023 06:33:44 Punto de control programado

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: Concentrador USB genérico
Description: Concentrador USB genérico
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Concentradores USB estándar)
Service: USBHUB3
Problem: : Windows cannot use this hardware device because it has been prepared for safe removal, but it has not been removed from the computer. (Code 47)
Resolution: Unplug the device, and then plug it in again. Alternately, restart the computer to make the device available.


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (12/02/2023 04:23:56 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Error del Servicio de instantáneas de volumen: error al crear la clase de proveedor de instantáneas COM con Id. {e5b50e88-1fd9-4123-bdad-d0e79026fa55} [0x80110802].


Operación:
   Obtener una interfaz disponible para este proveedor
   Mostrar lista de interfaces de todos los proveedores compatibles con este contexto
   Eliminar instantáneas

Contexto:
   Id. de proveedor: {02029a6e-d74a-4ecd-ba26-c12be9323128}
   Id. de clase: {e5b50e88-1fd9-4123-bdad-d0e79026fa55}
   Contexto de instantánea: -1
   Contexto de instantánea: -1
   Contexto de ejecución: Coordinator

Error: (12/02/2023 04:23:56 PM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {e5b50e88-1fd9-4123-bdad-d0e79026fa55} y el nombre SW_PROV no puede iniciarse. [0x80110802]


Operación:
   Obtener una interfaz disponible para este proveedor
   Mostrar lista de interfaces de todos los proveedores compatibles con este contexto
   Eliminar instantáneas

Contexto:
   Id. de proveedor: {02029a6e-d74a-4ecd-ba26-c12be9323128}
   Id. de clase: {e5b50e88-1fd9-4123-bdad-d0e79026fa55}
   Contexto de instantánea: -1
   Contexto de instantánea: -1
   Contexto de ejecución: Coordinator

Error: (12/02/2023 04:23:56 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Error del Servicio de instantáneas de volumen: error al crear la clase de proveedor de instantáneas COM con Id. {e5b50e88-1fd9-4123-bdad-d0e79026fa55} [0x80110802].


Operación:
   Obtener una interfaz disponible para este proveedor
   Mostrar lista de interfaces de todos los proveedores compatibles con este contexto
   Obtener propiedades de instantánea
   Eliminar instantáneas

Contexto:
   Id. de proveedor: {02029a6e-d74a-4ecd-ba26-c12be9323128}
   Id. de clase: {e5b50e88-1fd9-4123-bdad-d0e79026fa55}
   Contexto de instantánea: -1
   Contexto de instantánea: -1
   Contexto de ejecución: Coordinator
   Contexto de ejecución: Coordinator

Error: (12/02/2023 04:23:56 PM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {e5b50e88-1fd9-4123-bdad-d0e79026fa55} y el nombre SW_PROV no puede iniciarse. [0x80110802]


Operación:
   Obtener una interfaz disponible para este proveedor
   Mostrar lista de interfaces de todos los proveedores compatibles con este contexto
   Obtener propiedades de instantánea
   Eliminar instantáneas

Contexto:
   Id. de proveedor: {02029a6e-d74a-4ecd-ba26-c12be9323128}
   Id. de clase: {e5b50e88-1fd9-4123-bdad-d0e79026fa55}
   Contexto de instantánea: -1
   Contexto de instantánea: -1
   Contexto de ejecución: Coordinator
   Contexto de ejecución: Coordinator

Error: (12/02/2023 04:23:56 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Error del Servicio de instantáneas de volumen: error al crear la clase de proveedor de instantáneas COM con Id. {e5b50e88-1fd9-4123-bdad-d0e79026fa55} [0x80110802].


Operación:
   Obtener una interfaz disponible para este proveedor
   Mostrar lista de interfaces de todos los proveedores compatibles con este contexto
   Consultar instantáneas

Contexto:
   Id. de proveedor: {02029a6e-d74a-4ecd-ba26-c12be9323128}
   Id. de clase: {e5b50e88-1fd9-4123-bdad-d0e79026fa55}
   Contexto de instantánea: -1
   Contexto de instantánea: -1
   Contexto de ejecución: Coordinator

Error: (12/02/2023 04:23:56 PM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {e5b50e88-1fd9-4123-bdad-d0e79026fa55} y el nombre SW_PROV no puede iniciarse. [0x80110802]


Operación:
   Obtener una interfaz disponible para este proveedor
   Mostrar lista de interfaces de todos los proveedores compatibles con este contexto
   Consultar instantáneas

Contexto:
   Id. de proveedor: {02029a6e-d74a-4ecd-ba26-c12be9323128}
   Id. de clase: {e5b50e88-1fd9-4123-bdad-d0e79026fa55}
   Contexto de instantánea: -1
   Contexto de instantánea: -1
   Contexto de ejecución: Coordinator

Error: (12/02/2023 04:23:56 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Error del Servicio de instantáneas de volumen: error al crear la clase de proveedor de instantáneas COM con Id. {e5b50e88-1fd9-4123-bdad-d0e79026fa55} [0x80110802].


Operación:
   Obtener una interfaz disponible para este proveedor
   Mostrar lista de interfaces de todos los proveedores compatibles con este contexto
   Consultar instantáneas

Contexto:
   Id. de proveedor: {02029a6e-d74a-4ecd-ba26-c12be9323128}
   Id. de clase: {e5b50e88-1fd9-4123-bdad-d0e79026fa55}
   Contexto de instantánea: -1
   Contexto de instantánea: -1
   Contexto de ejecución: Coordinator

Error: (12/02/2023 04:23:56 PM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {e5b50e88-1fd9-4123-bdad-d0e79026fa55} y el nombre SW_PROV no puede iniciarse. [0x80110802]


Operación:
   Obtener una interfaz disponible para este proveedor
   Mostrar lista de interfaces de todos los proveedores compatibles con este contexto
   Consultar instantáneas

Contexto:
   Id. de proveedor: {02029a6e-d74a-4ecd-ba26-c12be9323128}
   Id. de clase: {e5b50e88-1fd9-4123-bdad-d0e79026fa55}
   Contexto de instantánea: -1
   Contexto de instantánea: -1
   Contexto de ejecución: Coordinator


Errores del sistema:
=============
Error: (12/02/2023 03:08:33 PM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: El controlador de dispositivo para el Módulo de plataforma segura (TPM) encontró en el hardware de TPM un error irrecuperable que impide que se usen los servicios de TPM (como el cifrado de datos). Para obtener más ayuda, póngase en contacto con el fabricante del equipo.

Error: (12/01/2023 09:31:28 PM) (Source: DCOM) (EventID: 10010) (User: INFRARED)
Description: El servidor Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter no se registró con DCOM dentro del tiempo de espera requerido.

Error: (12/01/2023 08:58:39 PM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: El controlador de dispositivo para el Módulo de plataforma segura (TPM) encontró en el hardware de TPM un error irrecuperable que impide que se usen los servicios de TPM (como el cifrado de datos). Para obtener más ayuda, póngase en contacto con el fabricante del equipo.

Error: (12/01/2023 09:18:33 AM) (Source: DCOM) (EventID: 10010) (User: INFRARED)
Description: El servidor Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter no se registró con DCOM dentro del tiempo de espera requerido.

Error: (12/01/2023 06:34:45 AM) (Source: DCOM) (EventID: 10010) (User: INFRARED)
Description: El servidor Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter no se registró con DCOM dentro del tiempo de espera requerido.

Error: (12/01/2023 05:50:45 AM) (Source: DCOM) (EventID: 10010) (User: INFRARED)
Description: El servidor Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter no se registró con DCOM dentro del tiempo de espera requerido.

Error: (11/30/2023 11:59:52 PM) (Source: DCOM) (EventID: 10010) (User: INFRARED)
Description: El servidor Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter no se registró con DCOM dentro del tiempo de espera requerido.

Error: (11/30/2023 09:07:53 PM) (Source: DCOM) (EventID: 10010) (User: INFRARED)
Description: El servidor Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter no se registró con DCOM dentro del tiempo de espera requerido.


Windows Defender:
================
Date: 2023-09-14 20:11:28
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUADlManager:Win32/OfferCore&threatid=311999&enterprise=0
Nombre: PUADlManager:Win32/OfferCore
Id.: 311999
Gravedad: Baja
Categoría: Software potencialmente no deseado
Ruta de acceso: file:_C:\Users\fjpol\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_0049b9
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: INFRARED\fjpol
Nombre de proceso: C:\Program Files\Opera GX\opera.exe
Versión de inteligencia de seguridad: AV: 1.397.939.0, AS: 1.397.939.0, NIS: 1.397.939.0
Versión de motor: AM: 1.1.23080.2005, NIS: 1.1.23080.2005

Date: 2023-09-03 08:07:24
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUADlManager:Win32/OfferCore&threatid=311999&enterprise=0
Nombre: PUADlManager:Win32/OfferCore
Id.: 311999
Gravedad: Baja
Categoría: Software potencialmente no deseado
Ruta de acceso: file:_C:\Users\fjpol\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_023ade
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: INFRARED\fjpol
Nombre de proceso: C:\Program Files\Opera GX\opera.exe
Versión de inteligencia de seguridad: AV: 1.397.211.0, AS: 1.397.211.0, NIS: 1.397.211.0
Versión de motor: AM: 1.1.23080.2005, NIS: 1.1.23080.2005

Date: 2023-07-20 21:11:19
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {F3D3307E-2F5A-47F6-9755-0CCF1CE7DEDA}
Tipo de examen: Antimalware
Parámetros de examen: Examen completo
Usuario: INFRARED\fjpol

Date: 2023-07-20 19:53:28
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {76812EAE-FBB5-4614-967B-D516865D4A85}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: INFRARED\fjpol

Date: 2023-07-01 20:09:13
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {AB6E84C8-40D7-4A32-B5AB-52A1D1E214F1}
Tipo de examen: Antimalware
Parámetros de examen: Examen completo
Usuario: INFRARED\fjpol
Event[0]:

Date: 2023-08-30 15:00:46
Description: 
Antivirus de Microsoft Defender encontró un error al intentar actualizar la inteligencia de seguridad e intentará revertir a una versión anterior.
Inteligencia de seguridad intentada: Copia de seguridad
Código de error: 0x80004004
Descripción del error: Operación anulada 
Versión de inteligencia de seguridad: 1.395.1599.0;1.395.1599.0
Versión del motor: 1.1.23070.1005

Date: 2023-08-30 15:00:45
Description: 
Antivirus de Microsoft Defender encontró un error al intentar actualizar la inteligencia de seguridad e intentará revertir a una versión anterior.
Inteligencia de seguridad intentada: Actual
Código de error: 0x80004004
Descripción del error: Operación anulada 
Versión de inteligencia de seguridad: 1.397.29.0;1.397.29.0
Versión del motor: 1.1.23080.2005

Date: 2023-08-25 13:18:07
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.395.1274.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.23070.1005
Código de error: 0x80240438
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2023-08-04 14:15:19
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.393.2223.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.23060.1005
Código de error: 0x80240438
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2023-07-14 16:13:40
Description: 
Antivirus de Microsoft Defender encontró un error al intentar actualizar la inteligencia de seguridad e intentará revertir a una versión anterior.
Inteligencia de seguridad intentada: Copia de seguridad
Código de error: 0x80004004
Descripción del error: Operación anulada 
Versión de inteligencia de seguridad: 1.391.3493.0;1.391.3493.0
Versión del motor: 1.1.23050.3

CodeIntegrity:
===============
Date: 2023-12-02 15:19:22
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

Date: 2023-12-02 15:09:17
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.


==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. 2004 11/02/2021
Placa base: ASUSTeK COMPUTER INC. ROG STRIX Z390-F GAMING
Procesador: Intel(R) Core(TM) i7-9700K CPU @ 3.60GHz
Porcentaje de memoria en uso: 50%
RAM física total: 16295.42 MB
RAM física disponible: 8072.2 MB
Virtual total: 32679.42 MB
Virtual disponible: 20547.92 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:464.5 GB) (Free:212.15 GB) (Model: Samsung SSD 860 EVO 500GB) NTFS
Drive d: (WD Caviar ) (Fixed) (Total:3725.9 GB) (Free:265.84 GB) (Model: WDC WD40EZRX-22SPEB0) NTFS
Drive e: (Seagate Barracuda) (Fixed) (Total:3725.9 GB) (Free:372.53 GB) (Model: ST4000DM000-2AE166) NTFS
Drive f: (Seagate Expansion) (Fixed) (Total:5588.9 GB) (Free:481.02 GB) (Model: Seagate Expansion Desk SCSI Disk Device) NTFS
Drive g: () (CDROM) (Total:0 GB) (Free:0 GB) 
Drive i: (Crucial) (Fixed) (Total:1863 GB) (Free:355.01 GB) (Model: CT2000P3PSSD8) NTFS

\\?\Volume{842c3d69-0000-0000-0000-100000000000}\ (Reservado para el sistema) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{842c3d69-0000-0000-0000-303f74000000}\ () (Fixed) (Total:0.77 GB) (Free:0.23 GB) NTFS
\\?\Volume{c114a37b-2aea-11eb-ab2e-04d4c4ab0e87}\ () () (Total:0 GB) (Free:0 GB) 

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 24F4E5A2)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 842C3D69)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=464.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=792 MB) - (Type=27)

==========================================================
Disk: 3 (Size: 3726 GB) (Disk ID: 003F4C41)

Partition: GPT.

==========================================================
Disk: 4 (Size: 5589 GB) (Disk ID: 24C1849F)

Partition: GPT.

==================== Final de Addition.txt =======================

Un Saludo

Hola buenas @Ouroboros

Primero de todo, disculpa en que haya tardado en responder. Pues han sucedido una serie de contratiempos que han hecho que no pudiese responder durante casi un mes aprox.

Pues:

• He estado enfermo varias semanas/días.
• He tenido problemas familiares/personales.
• Estas fechas festivas de navidad, uno tiene muchas cosas que hacer.
• Tengo también mucha carga laboral/trabajos.
• El foro tuvo una serie de problemas técnicos hace un par de semanas y también estuvo caído varios días, pero ya se ha arreglado casi todo.

¿Sigues necesitando ayuda acerca del problema qué comentaste inicialmente en este tema?

Si es así, dímelo y por mi parte a partir del 16 de Enero podré seguir atendiendo tu caso. Puede que antes, pero el 16 de Enero. Seguro.

Salu2.

Hola, buenas @Ouroboros

¿Sigues necesitando ayuda acerca del problema qué comentaste inicialmente en este tema?

Si es así, dímelo y atenderé tu caso en cuando buenamente pueda.

Salu2.

Buenas, @Marr0n

Pues no he tenido problemas de perder alguna cuenta o algo así… Pero sigue habiendo intentos constantes de entrar en algunas de mis cuentas sobre todo en la de microsoft.

8UjQHUP1549×861 29.4 KB

y bueno lo del móvil y la grabadora externa me sigue pasando tampoco es algo que use mucho pero bueno si puedes ayudarme además con eso te lo agradezco.

Te envié algunos reportes pero no mencionaste nada no sé si pudiste sacar algo en claro.

Un Saludo.

Hola buenas @Ouroboros

Referente a:

Con esto poco podemos hacer si tu email (la dirección de email) está en posesión de los cibercriminales y quieren ir probando accesos aleatorios… poco podemos hacer para impedírselo.

Ya tienes una contraseña nueva, te recomiendo que sea lo más robusta posible. No recuerdo, pero sino que lo has hecho activa el 2FA de todas tus cuentas, es decir, el factor de doble autenticación, para aumentar la seguridad de estas.

No sé hasta qué punto podrías hablar con soporte de microsoft y les comentas lo que sucedió con tu cuenta de email, les dices genéricamente que acciones has realizado:

Ya tienes una contraseña nueva, te recomiendo que sea lo más robusta posible. No recuerdo, pero sino que lo has hecho activa el 2FA de todas tus cuentas, es decir, el factor de doble autenticación, para aumentar la seguridad de estas.

Y comentarles si te aconsejan o no seguir con la cuenta de email y que constantemente estás recibiendo intentos de inicio de sesión que no son tuyos, pero todos ellos sin éxito.

OK.

No tuve tiempo y no los mire, la verdad. Tráeme logs frescos, ya que tienen bastante tiempo.

Salu2.