Virus doble acento

Hola buenas tardes.

Necesito ayuda con un posible virus que hace que escriba doble acento tanto " ´´ " como " `` ". He probado con Malwarebytes, Adwarecleaner, el Antivirus de Windows 11 y no hay manera. Lo que he notado es que cuando reinicio mi ordenador, soy capaz de escribir una tilde los 30 segundos posteriores al reinicio, luego de esto son dobles.

Voy a poner un poco de contexto de mi ordenador por si sirve de ayuda o es util en el hilo.

En disco C guardo los programas que uso y las funcionalidades de Windows, disco D es para juegos y guardo los instaladores y programas portables y disco E juegos de Steam.

Otra duda es, en el hipotetico caso de ser infectado con algo. ¿Debo cambiar contraseñas de todas mis cuentas aunque no haya notado nada?

Un saludo y gracias de antemano.

image Malwarebytes me avisa de que hay un sitio web bloqueado por malware.

Añado los logs que me han salido con FRST.

FRST.txt

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 09.06.2024
Ejecutado por jorge (administrador) sobre DESKTOP-H975GEV (Micro-Star International Co., Ltd. MS-7C80) (09-06-2024 17:39:53)
Ejecutado desde C:\Users\jorge\Desktop\FRST64.exe
Perfiles cargados: jorge & Administrador
Plataforma: Microsoft Windows 11 Pro Versión 23H2 22631.3672 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
(C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(C:\Windows\SysWOW64\cmd.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
(D:\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe ->) (Oculus VR, LLC -> Facebook Technologies, LLC) D:\Oculus\Support\oculus-runtime\OVRRedir.exe
(D:\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe ->) (Oculus VR, LLC -> Facebook Technologies, LLC) D:\Oculus\Support\oculus-runtime\OVRServer_x64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\10.1.0.3194\AdskLicensingService\AdskLicensingService.exe
(services.exe ->) (Cameron Gutman -> Moonlight Game Streaming Project) C:\Program Files (x86)\Moonlight Internet Hosting Tool\miss.exe
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Windows\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_cdf3ca3c77d5f267\logi_lamparray_service.exe
(services.exe ->) (LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(services.exe ->) (LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <5>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_23954e33c8a39da4\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Oculus VR, LLC -> Facebook Technologies, LLC) D:\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_1803724721d1a34c\RtkAudUService64.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy) C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (voidtools -> voidtools) C:\Program Files\Everything\Everything.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.13200.10.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
(svchost.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe <4>

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_1803724721d1a34c\RtkAudUService64.exe [1945544 2024-02-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [MsmqIntCert] => "C:\WINDOWS\System32\regsvr32.exe" /s "C:\WINDOWS\System32\mqrt.dll" [241664 2024-03-01] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [HuionTablet] => C:\Program Files\HuionTablet\HuionTablet.exe [5827608 2024-03-22] (Shenzhen Huion Trend Technology Co.,LTD -> ShenZhen Huion Animation Technology Co.Ltd.)
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [2265096 2023-05-26] (voidtools -> voidtools)
HKLM-x32\...\Run: [HuionTablet] => C:\Program Files\HuionTablet\HuionTablet.exe [5827608 2024-03-22] (Shenzhen Huion Trend Technology Co.,LTD -> ShenZhen Huion Animation Technology Co.Ltd.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [7811960 2024-03-25] (LogMeIn, Inc. -> LogMeIn Inc.)
HKU\S-1-5-21-1896488798-3670652003-289040072-1001\...\Run: [PicPick Start] => C:\Program Files (x86)\PicPick\picpick.exe [44975656 2024-02-23] (NGWIN Software co. -> NGWIN)
HKU\S-1-5-21-1896488798-3670652003-289040072-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [152025856 2023-12-06] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-1896488798-3670652003-289040072-1001\...\Run: [WallpaperEngine] => C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [3580352 2024-06-05] (Skutta Software GmbH -> )
HKU\S-1-5-21-1896488798-3670652003-289040072-1001\...\Run: [MicrosoftEdgeAutoLaunch_80D287FEB234B8893328BFC5AFC360F1] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4136912 2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1896488798-3670652003-289040072-1001\...\Run: [electron.app.BlueStacks Services] => C:\Users\jorge\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe [162219656 2024-05-08] (Now.gg, INC -> now.gg, Inc.)
HKU\S-1-5-21-1896488798-3670652003-289040072-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-1896488798-3670652003-289040072-1001\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-1896488798-3670652003-289040072-1001\...\MountPoints2: {09a03b6f-c8ce-11ee-b0f9-d8bbc14ebbca} - "L:\autorun.exe" 
HKU\S-1-5-21-1896488798-3670652003-289040072-1001\...\MountPoints2: {09a04063-c8ce-11ee-b0f9-d8bbc14ebbca} - "L:\autorun.exe" 
HKU\S-1-5-21-1896488798-3670652003-289040072-1001\...\MountPoints2: {49af5825-f891-11ee-b14c-d8bbc14ebbca} - "H:\LuckyCosplay.exe" 
HKU\S-1-5-21-1896488798-3670652003-289040072-1001\...\MountPoints2: {581236ee-4f53-11ee-afee-d8bbc14ebbca} - "L:\setup.exe" 
HKU\S-1-5-21-1896488798-3670652003-289040072-1001\...\MountPoints2: {9d5648bd-2d8e-11ee-afa2-d8bbc14ebbca} - "L:\setup.exe" 
HKU\S-1-5-21-1896488798-3670652003-289040072-1001\...\MountPoints2: {9d56499d-2d8e-11ee-afa2-d8bbc14ebbca} - "L:\autorun.exe" 
HKU\S-1-5-21-1896488798-3670652003-289040072-1001\...\MountPoints2: {a45745e7-c8e3-11ee-b0fa-d8bbc14ebbca} - "H:\autorun.exe" 
HKU\S-1-5-21-1896488798-3670652003-289040072-1001\...\MountPoints2: {c769b70c-c8b7-11ee-b0f8-d8bbc14ebbca} - "L:\autorun.exe" 
HKU\S-1-5-21-1896488798-3670652003-289040072-1001\...\MountPoints2: {da1e15a5-2f0f-11ee-afa7-d8bbc14ebbca} - "L:\Setup.exe" 
HKU\S-1-5-21-1896488798-3670652003-289040072-1001\...\MountPoints2: {fd0923eb-cd73-11ee-b105-d8bbc14ebbca} - "H:\setup.exe" 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\125.0.6422.142\Installer\chrmstp.exe [2024-06-04] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> 
Startup: C:\Users\jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenRGB.exe.lnk [2023-12-08]
ShortcutTarget: OpenRGB.exe.lnk -> D:\Programas descargados\OpenRGB Windows 64-bit\OpenRGB.exe () [Archivo no firmado]
GroupPolicy: Restricción ? <==== ATENCIÓN
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) =================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {46A326EF-B7B6-4D3E-9E1A-AA1B148AFD71} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [302968 2024-05-10] (Now.gg, INC -> BlueStack Systems, Inc.)
Task: {727322A8-F7F3-4175-8208-F284861E470B} - System32\Tasks\Chrome-Reporting Task-dhtdxtiz => c:\windows\system32\cmd.exe [323584 2024-05-30] (Microsoft Windows -> Microsoft Corporation) -> /c start /min powershell.exe -NoProfile -WindowStyle Hidden -Command "Start-Process -FilePath 'C:\Windows\Microsoft.NET\Framework\v4.0.30319\Msbuild.exe' -ArgumentList 'C:\Users\jorge\zdhtdxtiz\dhtdxtiz.csproj', '/t:dhtdxtiz' -WindowStyle Hidden" <==== ATENCIÓN
Task: {6DF1E629-E716-45C2-871C-801B48497254} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem127.0.6490.0{636571F8-A01F-46A6-BCE9-0F0B05F8C338} => C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
Task: {813F2810-7320-41E7-8B67-1920DCD1F88B} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2064744 2021-01-19] (Intel(R) Production Software -> Intel Corporation)
Task: {C71446A6-39D9-4C2D-A1E8-39E1B2B226D3} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe  --automatic (Ningún archivo)
Task: {3426A9EE-BACD-418F-9BFC-30F89E8AAE1B} - System32\Tasks\Microsoft\Windows\Application Experience\PcaWallpaperAppDetect => c:\windows\system32\rundll32.exe [73728 2024-04-23] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\PcaSvc.dll,PcaWallpaperAppDetect
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe  (Ningún archivo)
Task: {58E3F04A-83E9-4214-99BB-4B8027A70BE1} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe  LogonUpdateResults (Ningún archivo)
Task: {7E987616-66C8-4BD5-B87F-C1D04180EE02} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe  /RunOnAC ReadyToReboot (Ningún archivo)
Task: {80FE8323-883F-4972-A307-F2B824B9F917} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe  /RunOnBattery ReadyToReboot (Ningún archivo)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (Ningún archivo)
Task: {9556AB3B-4B15-4C55-A8BF-CF5EDAC0A995} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1628AE0C-B135-4FC1-B284-1D013F5847C3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E713DFD6-DA70-48BF-BAE2-3E12D185965A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EC300485-5272-4921-AE1B-38C4E9C8BB9A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6444C593-D8BA-46ED-B2DD-A4A8045192A2} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [673696 2024-06-03] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (la entrada de datos tiene 6 más caracteres).
Task: {ED97A705-D173-422E-8AAC-8E773FDAEAE7} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-1896488798-3670652003-289040072-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [673696 2024-06-03] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (la entrada de datos tiene 6 más caracteres).
Task: {15DBF4E7-9BD8-4F65-9339-EA216C40F876} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [33696 2024-06-03] (Mozilla Corporation -> Mozilla Foundation)
Task: {4CD55B34-7922-48B8-97A7-B9F5FCF6818C} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [804312 2023-04-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {A300D5F3-7B9A-433E-B5D6-D38FE96FC30A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1277480 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {D377204B-6A55-4FA7-84B6-CED083F62D12} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3347496 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {76AA49CF-6DDF-4108-B2A4-BBC30CA56E0C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646696 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {244790E8-A551-483A-BFBC-A969F2356439} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6AD0645F-CB6B-403D-8FE4-CE069AB27B60} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {34E55FB5-7122-4ED1-BDDF-A80D2437F6F4} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {80E876DA-1B2C-4EEA-954A-AB392BCCCCF4} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {111CF340-B030-42C3-9646-758D173C69A6} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EEB4908D-F276-4300-80FC-2D916F526B60} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0B50FCA8-CF14-4406-AC88-24175AE8F944} - System32\Tasks\RTSS => C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe [525696 2024-03-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {45DCF970-9272-4322-9957-F723AC6CD149} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [140405056 2024-03-14] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) -> C:\Program Files (x86)\Samsung\Samsung Magician\\--disable-gpu-sandbox /AUTOHIDE

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
Tcpip\..\Interfaces\{1185dac6-2da6-404f-98ec-12504d45e179}: [DhcpNameServer] 212.230.135.1 212.230.135.2
Tcpip\..\Interfaces\{1185dac6-2da6-404f-98ec-12504d45e179}: [DhcpDomain] Home

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\jorge\AppData\Local\Microsoft\Edge\User Data\Default [2024-06-09]
Edge Extension: (Documentos de Google sin conexión) - C:\Users\jorge\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-08]
Edge Extension: (Edge relevant text changes) - C:\Users\jorge\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-03-24]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: jp5epsqf.default
FF ProfilePath: C:\Users\jorge\AppData\Roaming\Mozilla\Firefox\Profiles\jp5epsqf.default [2022-03-17]
FF ProfilePath: C:\Users\jorge\AppData\Roaming\Mozilla\Firefox\Profiles\ktbg8yvg.default-release [2024-06-09]
FF Notifications: Mozilla\Firefox\Profiles\ktbg8yvg.default-release -> hxxps://colab.research.google.com
FF Extension: (nazeka) - C:\Users\jorge\AppData\Roaming\Mozilla\Firefox\Profiles\ktbg8yvg.default-release\Extensions\[email protected] [2021-07-12]
FF Plugin: @java.com/DTPlugin,version=11.371.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.371.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2021-07-13] (Adobe Systems Incorporated -> )

Chrome: 
=======
CHR Profile: C:\Users\jorge\AppData\Local\Google\Chrome\User Data\Default [2024-06-09]
CHR Extension: (Pixiv Toolkit) - C:\Users\jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajlcnbbeidbackfknkgknjefhmbngdnj [2023-11-18]
CHR Extension: (uBlock Origin) - C:\Users\jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-05-23]
CHR Extension: (Clipboard Inserter) - C:\Users\jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\deahejllghicakhplliloeheabddjajm [2023-11-18]
CHR Extension: (Return YouTube Dislike) - C:\Users\jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2024-04-18]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-06-03]
CHR Extension: (Download with JDownloader) - C:\Users\jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfpmbokkdeapjommajdfmmheiiakdlgo [2023-11-18]
CHR Extension: (Image Search Options) - C:\Users\jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\kljmejbpilkadikecejccebmccagifhl [2023-11-18]
CHR Extension: (Yomitan) - C:\Users\jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\likgccmbimhjbgkjambclfkhldnlhbnn [2024-06-09]
CHR Extension: (TabCopy) - C:\Users\jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\micdllihgoppmejpecmkilggmaagfdmb [2024-02-02]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-11-18]
CHR Extension: (Yomichan) - C:\Users\jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogmnaimimemjmbakcfefmnahgdfhfami [2023-11-18]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [16930616 2019-12-18] (Autodesk, Inc. -> Autodesk)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [18681128 2024-06-06] (BattlEye Innovations e.K. -> )
R2 CMigrationService; C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe [761664 2024-03-14] (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [960752 2024-03-29] (EasyAntiCheat Oy -> Epic Games, Inc.)
R2 Everything; C:\Program Files\Everything\Everything.exe [2265096 2023-05-26] (voidtools -> voidtools)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2350048 2023-10-25] (GOG  sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7173088 2023-10-25] (GOG  sp. z o.o -> GOG.com)
S2 GoogleUpdaterInternalService127.0.6490.0; C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
S2 GoogleUpdaterService127.0.6490.0; C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
S2 GSv6FwdSvc; C:\Program Files (x86)\Moonlight Internet Hosting Tool\GSv6Fwd.exe [35048 2023-08-26] (Cameron Gutman -> Moonlight Game Streaming Project)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [4920184 2024-03-25] (LogMeIn, Inc. -> LogMeIn Inc.)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10209536 2023-02-23] (Logitech Inc -> Logitech, Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 logi_lamparray_service; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_cdf3ca3c77d5f267\logi_lamparray_service.exe [9903656 2024-04-18] (Logitech Inc -> Logitech, Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8887344 2024-05-20] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-05-20] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe [1505416 2024-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 MISS; C:\Program Files (x86)\Moonlight Internet Hosting Tool\miss.exe [40168 2023-08-26] (Cameron Gutman -> Moonlight Game Streaming Project)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_23954e33c8a39da4\Display.NvContainer\NVDisplay.Container.exe [1275016 2024-06-02] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OVRLibraryService; D:\Oculus\Support\oculus-librarian\OVRLibraryService.exe [148024 2024-05-14] (Oculus VR, LLC -> Facebook Technologies, LLC)
R2 OVRService; D:\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe [418360 2024-05-14] (Oculus VR, LLC -> Facebook Technologies, LLC)
S3 ProtonVPN Service; C:\Program Files\Proton\VPN\v3.2.11\ProtonVPNService.exe [474824 2024-03-27] (Proton AG -> ProtonVPN)
S3 ProtonVPN WireGuard; C:\Program Files\Proton\VPN\v3.2.10\ProtonVPN.WireGuardService.exe [474312 2024-02-01] (Proton AG -> ProtonVPN)
R2 SamsungMagicianSVC; C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe [445760 2024-03-14] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522184 2024-04-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [16971576 2023-03-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe [3236728 2024-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe [133704 2024-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R1 bdvpn_netfilter; C:\WINDOWS\System32\drivers\bdvpn_netfilter.sys [94600 2021-09-16] (Pango Inc. -> Pango Inc)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [394176 2024-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Bluestack System Inc.)
S3 CEDRIVER73; C:\Program Files\Cheat Engine 7.5\dbk64.sys [118016 2023-09-01] (Cheat Engine -> )
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [30264 2021-09-19] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [47672 2021-09-19] (Disc Soft Ltd -> Disc Soft Ltd)
R3 e1dexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e1d.inf_amd64_e64afe811c7e4662\e1d.sys [607400 2022-02-16] (Intel Corporation -> Intel Corporation)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [218608 2024-05-30] (Microsoft Windows -> Microsoft Corporation)
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
S3 hanvonugeemfilter; C:\WINDOWS\System32\drivers\hanvonugeemfilter.sys [9728 2021-07-26] (Windows (R) Win 7 DDK provider) [Archivo no firmado]
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2022-09-22] (Logitech Inc -> Logitech)
S3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2022-09-22] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2022-09-22] (Logitech Inc -> Logitech)
R3 logi_lamparray; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_cdf3ca3c77d5f267\logi_lamparray.sys [98864 2024-04-18] (Logitech Inc -> Logitech, Inc.)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223184 2024-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-11-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-01-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [188784 2024-06-03] (Malwarebytes Inc. -> Malwarebytes)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [19000 2023-04-05] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [47240 2024-04-03] (NVIDIA Corporation -> NVIDIA Corporation)
R3 oculusvad_oculusvad; C:\WINDOWS\System32\drivers\oculusvad.sys [73400 2024-04-24] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 Oculus_ViGEmBus; C:\WINDOWS\System32\drivers\Oculus_ViGEmBus.sys [32856 2022-09-30] (Oculus VR, LLC -> Facebook Inc.)
S3 ProtonVPNCallout; C:\Program Files\Proton\VPN\v3.2.11\Resources\ProtonVPN.CalloutDriver.sys [34176 2023-11-20] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
S3 rtux64w10; C:\WINDOWS\System32\DriverStore\FileRepository\rtux64w10.inf_amd64_03831aeaaa2c730e\rtux64w10.sys [683520 2022-05-07] (Microsoft Windows -> Realtek Corporation)
S3 RvNetMP60; C:\WINDOWS\System32\drivers\RvNetMP60.sys [69048 2021-09-21] (Famatech Corp. -> Famatech Corp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> )
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [47920 2021-09-16] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [57768 2023-02-09] (Windscribe Limited -> The OpenVPN Project)
U5 UnlockerDriver5; D:\Programas descargados\unlocker1.9.0-portable\x64\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
R1 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [249400 2022-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [94208 2023-10-27] (Microsoft Windows -> )
R3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [20496 2024-03-22] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 VoiceAIDriver; C:\WINDOWS\System32\DriverStore\FileRepository\voiceaidriver.inf_amd64_214d6aacf9c41414\voiceaidriver.sys [73616 2023-06-20] (Voice AI LLC -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22080 2024-06-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602520 2024-06-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105880 2024-06-04] (Microsoft Windows -> Microsoft Corporation)
S3 windtun420; C:\WINDOWS\System32\drivers\windtun420.sys [47544 2023-02-09] (Windscribe Limited -> WireGuard LLC)
R2 WinRing0x64; C:\WINDOWS\System32\Drivers\WinRing0x64.sys [14544 2023-01-07] (Noriyuki MIYAZAKI -> OpenLibSys.org)
S3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [29592 2023-09-29] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2023-02-09] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 zttap300; C:\WINDOWS\System32\drivers\zttap300.sys [31744 2020-11-24] (Microsoft Windows Hardware Compatibility Publisher -> ZeroTier Networks LLC)
S3 semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [X]
S3 VBAudioVACMME; \SystemRoot\System32\drivers\vbaudio_cable64_win7.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2024-06-09 17:39 - 2024-06-09 17:40 - 000035865 _____ C:\Users\jorge\Desktop\FRST.txt
2024-06-09 17:35 - 2024-06-09 17:35 - 000001272 _____ C:\Users\jorge\Desktop\ESET Online Scanner.lnk
2024-06-09 17:14 - 2024-06-09 17:14 - 000000253 _____ C:\Users\jorge\Downloads\DelFix.txt
2024-06-09 17:12 - 2024-06-09 17:12 - 000000000 ____D C:\WINDOWS\ERUNT
2024-06-09 17:11 - 2024-06-09 17:11 - 000797760 _____ C:\Users\jorge\Downloads\delfix_1.013 (1).exe
2024-06-09 16:47 - 2024-06-09 17:39 - 000001378 _____ C:\Users\jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2024-06-09 16:47 - 2024-06-09 16:47 - 000000000 ____D C:\Users\jorge\AppData\Local\ESET
2024-06-09 16:33 - 2024-06-09 16:47 - 000000000 ____D C:\ProgramData\HitmanPro
2024-06-09 16:31 - 2024-06-09 16:31 - 014287912 _____ (Sophos B.V.) C:\Users\jorge\Downloads\HitmanPro_x64.exe
2024-06-09 16:30 - 2024-06-09 16:30 - 008389496 _____ (ESET) C:\Users\jorge\Downloads\qqq.exe
2024-06-09 15:27 - 2024-06-09 15:27 - 000797760 _____ C:\Users\jorge\Downloads\delfix_1.013.exe
2024-06-09 15:16 - 2024-06-09 15:16 - 000887368 _____ C:\WINDOWS\system32\perfh00A.dat
2024-06-09 15:16 - 2024-06-09 15:16 - 000510266 _____ C:\WINDOWS\system32\perfh011.dat
2024-06-09 15:16 - 2024-06-09 15:16 - 000195864 _____ C:\WINDOWS\system32\perfc00A.dat
2024-06-09 15:16 - 2024-06-09 15:16 - 000157970 _____ C:\WINDOWS\system32\perfc011.dat
2024-06-09 14:03 - 2024-06-09 14:03 - 003364512 _____ (Nicolas Coolman) C:\Users\jorge\Downloads\ZHPCleaner.exe
2024-06-09 13:24 - 2024-06-09 17:14 - 000076305 _____ C:\Users\jorge\Downloads\Addition.txt
2024-06-09 13:22 - 2024-06-09 17:40 - 000000000 ____D C:\FRST
2024-06-09 13:22 - 2024-06-09 17:39 - 000021045 _____ C:\Users\jorge\Downloads\FRST.txt
2024-06-09 13:22 - 2024-06-09 13:22 - 002395136 _____ (Farbar) C:\Users\jorge\Desktop\FRST64.exe
2024-06-09 12:14 - 2024-06-09 12:14 - 000000000 ____D C:\_DT-Kill
2024-06-09 01:06 - 2024-06-09 01:06 - 000000000 ____D C:\Users\jorge\AppData\Local\egroj
2024-06-09 01:05 - 2024-06-09 01:05 - 000003818 _____ C:\WINDOWS\system32\Tasks\Chrome-Reporting Task-dhtdxtiz
2024-06-09 01:05 - 2024-06-09 01:05 - 000000000 ____D C:\Users\jorge\zdhtdxtiz
2024-06-09 01:05 - 2024-06-09 01:05 - 000000000 ____D C:\Users\jorge\AppData\Local\Yandex
2024-06-08 20:43 - 2024-06-08 20:43 - 000000000 ____D C:\Users\jorge\Downloads\Hifumi date valentine
2024-06-08 00:38 - 2024-06-08 00:38 - 000000000 ____D C:\Users\jorge\AppData\LocalLow\SKYBOX STUDIO
2024-06-05 19:03 - 2024-06-05 20:25 - 000000000 ____D C:\Users\jorge\temp
2024-06-04 23:49 - 2022-09-30 05:23 - 000167440 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus2.sys
2024-06-04 23:24 - 2024-06-02 20:28 - 002031376 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-06-04 23:24 - 2024-06-02 20:28 - 002031376 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-06-04 23:24 - 2024-06-02 20:28 - 001578768 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-06-04 23:24 - 2024-06-02 20:28 - 001578768 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-06-04 23:24 - 2024-06-02 20:28 - 001295120 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-06-04 23:24 - 2024-06-02 20:28 - 001295120 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-06-04 23:24 - 2024-06-02 20:27 - 001445136 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-06-04 23:24 - 2024-06-02 20:27 - 001445136 _____ C:\WINDOWS\system32\vulkan-1.dll
2024-06-04 23:24 - 2024-06-02 20:27 - 000477720 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2024-06-04 23:24 - 2024-06-02 20:27 - 000374832 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2024-06-04 23:24 - 2024-06-02 20:24 - 001068568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2024-06-04 23:24 - 2024-06-02 20:24 - 000670256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2024-06-04 23:24 - 2024-06-02 20:24 - 000505896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2024-06-04 23:24 - 2024-06-02 20:23 - 002178688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2024-06-04 23:24 - 2024-06-02 20:23 - 001547912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2024-06-04 23:24 - 2024-06-02 20:23 - 001203864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2024-06-04 23:24 - 2024-06-02 20:23 - 000847896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2024-06-04 23:24 - 2024-06-02 20:22 - 001630360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2024-06-04 23:24 - 2024-06-02 20:22 - 001033368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2024-06-04 23:24 - 2024-06-02 20:22 - 000796312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2024-06-04 23:24 - 2024-06-02 20:22 - 000459816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2024-06-04 23:24 - 2024-06-02 20:21 - 016117808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2024-06-04 23:24 - 2024-06-02 20:21 - 013007512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2024-06-04 23:24 - 2024-06-02 20:21 - 006914072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2024-06-04 23:24 - 2024-06-02 20:21 - 005913648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2024-06-04 23:24 - 2024-06-02 20:21 - 005867032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2024-06-04 23:24 - 2024-06-02 20:21 - 003788312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2024-06-04 23:24 - 2024-06-02 20:20 - 000853016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2024-06-04 23:24 - 2024-06-02 20:19 - 007060272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2024-06-04 23:24 - 2024-06-02 20:19 - 006141096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2024-06-04 23:24 - 2024-06-02 05:42 - 000123973 _____ C:\WINDOWS\system32\nvinfo.pb
2024-06-04 19:44 - 2022-09-30 05:24 - 000174112 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2024-06-03 20:26 - 2024-06-03 20:26 - 000188784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2024-06-03 19:29 - 2024-06-03 19:31 - 000000000 ____D C:\Users\Public\PikPak
2024-06-03 19:29 - 2024-06-03 19:29 - 000000000 ____D C:\Users\jorge\AppData\Roaming\Electron
2024-06-03 19:29 - 2024-06-03 19:29 - 000000000 ____D C:\Users\jorge\AppData\Local\pikpak-updater
2024-06-03 19:22 - 2024-06-04 07:50 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-06-02 00:43 - 2024-06-02 00:43 - 000000000 ____D C:\Users\jorge\AppData\Local\TestForER2
2024-06-01 14:31 - 2024-06-01 14:31 - 000000000 ____D C:\Users\jorge\Downloads\119169367
2024-05-30 12:34 - 2024-05-31 14:34 - 000000000 ____D C:\Program Files (x86)\Steam Link
2024-05-30 12:34 - 2024-05-30 12:34 - 000000000 ____D C:\Users\jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam Link
2024-05-30 11:00 - 2024-05-30 11:00 - 000024821 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-05-30 10:59 - 2024-05-30 10:59 - 000024821 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-05-30 10:54 - 2024-05-30 10:56 - 000000000 ___HD C:\$WinREAgent
2024-05-30 00:01 - 2024-05-30 00:01 - 000000000 ____D C:\Users\jorge\AppData\LocalLow\LastFlame
2024-05-29 00:22 - 2024-05-29 00:22 - 000000000 ____D C:\Users\jorge\AppData\LocalLow\FuusenHanabi
2024-05-26 21:02 - 2024-06-06 23:00 - 000000000 ____D C:\Users\jorge\AppData\Local\DayZ
2024-05-26 21:02 - 2024-05-26 21:10 - 000000000 ____D C:\Users\jorge\Documents\DayZ
2024-05-26 20:20 - 2024-05-26 20:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2024-05-26 20:20 - 2024-05-26 20:20 - 000000000 ____D C:\Program Files\qBittorrent
2024-05-26 10:36 - 2024-05-26 10:36 - 000000000 ____D C:\Users\jorge\AppData\Roaming\Frontier Developments
2024-05-25 22:33 - 2024-05-25 22:33 - 000000000 ____D C:\Users\jorge\AppData\Local\BitchOut_Audition
2024-05-25 22:19 - 2024-05-25 22:20 - 000000000 ____D C:\Users\jorge\AppData\Roaming\Cleargirl
2024-05-25 22:16 - 2024-05-25 22:16 - 000000000 ____D C:\Users\jorge\AppData\LocalLow\Quad Quartetto
2024-05-24 07:59 - 2024-05-24 07:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2024-05-24 07:59 - 2024-05-24 07:59 - 000000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2024-05-23 22:05 - 2024-05-14 04:22 - 000121872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2024-05-18 00:49 - 2024-05-18 00:49 - 000000000 ____D C:\Users\jorge\AppData\LocalLow\Circle 2 Labs Grey Label
2024-05-17 10:30 - 2024-06-08 21:29 - 000000000 ____D C:\ProgramData\bst_boost_interprocess
2024-05-17 10:30 - 2024-05-17 10:29 - 000006579 _____ C:\Users\jorge\-1.14-windows.xml
2024-05-17 10:29 - 2024-06-09 14:35 - 000000000 ____D C:\Users\jorge\AppData\Roaming\bluestacks-services
2024-05-17 10:29 - 2024-06-08 21:29 - 000000000 ____D C:\Users\jorge\AppData\Local\BlueStacks X
2024-05-17 10:29 - 2024-05-17 10:29 - 000002438 _____ C:\Users\jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BlueStacks Services.lnk
2024-05-17 10:29 - 2024-05-17 10:29 - 000000000 ____D C:\Users\jorge\AppData\Local\bluestacks-services-updater
2024-05-17 10:29 - 2024-05-17 10:29 - 000000000 ____D C:\Program Files\BlueStacks_nxt
2024-05-10 22:27 - 2024-05-10 22:27 - 000000000 ____D C:\Users\jorge\AppData\LocalLow\Tree Games Studios
2024-05-10 07:59 - 2024-05-10 07:59 - 000000000 ____D C:\Users\jorge\AppData\Local\INetHistory

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2024-06-09 17:40 - 2024-03-25 15:56 - 000000000 ____D C:\ProgramData\MISS
2024-06-09 17:40 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2024-06-09 17:39 - 2024-04-23 22:48 - 000000000 ____D C:\ProgramData\NVIDIA
2024-06-09 17:39 - 2022-09-30 11:08 - 000000000 ____D C:\Users\jorge\AppData\Local\Oculus
2024-06-09 17:39 - 2022-05-01 19:32 - 000000000 ____D C:\Users\jorge\AppData\Roaming\Samsung Magician
2024-06-09 17:39 - 2021-07-13 10:08 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2024-06-09 17:38 - 2023-07-26 13:34 - 000000446 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2024-06-09 17:38 - 2023-06-25 14:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-06-09 17:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-06-09 17:38 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-06-09 17:38 - 2021-07-12 22:15 - 000000000 ____D C:\Program Files\TeamViewer
2024-06-09 17:38 - 2021-07-10 10:38 - 000012288 ___SH C:\DumpStack.log.tmp
2024-06-09 17:37 - 2024-04-30 00:30 - 000000000 ____D C:\Users\jorge\AppData\Local\Everything
2024-06-09 17:37 - 2024-04-29 23:03 - 000000000 ____D C:\Users\jorge\AppData\Roaming\Everything
2024-06-09 17:37 - 2023-12-04 18:39 - 000000000 ____D C:\Users\jorge\AppData\Roaming\discord
2024-06-09 17:37 - 2023-07-04 20:21 - 000003142 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2024-06-09 17:37 - 2022-10-14 16:03 - 000000000 ____D C:\Users\jorge\AppData\Local\CrashDumps
2024-06-09 17:37 - 2022-05-07 07:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-06-09 17:37 - 2021-07-12 22:01 - 000000000 ____D C:\Program Files (x86)\Steam
2024-06-09 17:35 - 2023-11-24 20:21 - 000000000 ____D C:\Users\jorge\AppData\Local\Malwarebytes
2024-06-09 17:10 - 2023-12-04 18:39 - 000000000 ____D C:\Users\jorge\AppData\Local\Discord
2024-06-09 16:39 - 2021-07-12 15:12 - 000000000 ___RD C:\Users\jorge\OneDrive
2024-06-09 16:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-06-09 16:09 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-06-09 16:09 - 2021-07-12 15:11 - 000000000 ____D C:\Users\jorge\AppData\Local\Packages
2024-06-09 16:09 - 2021-07-12 15:10 - 000000000 ____D C:\ProgramData\Packages
2024-06-09 15:16 - 2023-06-25 14:34 - 002731690 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-06-09 15:16 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF
2024-06-09 15:07 - 2021-07-19 19:30 - 000000000 ____D C:\Users\jorge\AppData\Roaming\LGHUB
2024-06-09 15:07 - 2021-07-19 19:30 - 000000000 ____D C:\Users\jorge\AppData\Local\LGHUB
2024-06-09 14:31 - 2023-06-25 14:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-06-09 14:29 - 2023-01-17 16:23 - 000000000 ____D C:\Users\jorge\AppData\Roaming\ZHP
2024-06-09 14:03 - 2023-01-17 16:23 - 000000000 ____D C:\Users\jorge\AppData\Local\ZHP
2024-06-09 13:44 - 2024-04-23 22:48 - 000000000 ____D C:\Users\jorge\AppData\Local\D3DSCache
2024-06-09 13:06 - 2021-07-12 23:51 - 000000000 ____D C:\Users\jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2024-06-09 13:04 - 2024-01-23 20:24 - 000000000 ____D C:\Users\jorge\AppData\LocalLow\DefaultCompany
2024-06-09 13:03 - 2021-07-12 15:25 - 000000000 ____D C:\Users\jorge\Documents\Libros
2024-06-09 13:00 - 2023-12-11 16:32 - 000000000 ____D C:\Users\DefaultAppPool
2024-06-09 12:27 - 2022-02-09 12:43 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-06-09 12:14 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-06-09 12:07 - 2021-07-12 15:26 - 000000000 ____D C:\Users\jorge\AppData\Local\Google
2024-06-09 12:03 - 2022-04-10 09:18 - 000000000 ____D C:\Users\jorge\AppData\Roaming\qBittorrent
2024-06-09 01:05 - 2023-06-25 14:27 - 000000000 ____D C:\Users\jorge
2024-06-09 01:00 - 2022-09-27 18:13 - 000000000 ____D C:\Users\jorge\AppData\Roaming\OculusClient
2024-06-08 23:46 - 2023-11-23 22:35 - 000000000 ____D C:\Program Files (x86)\Oculus Tray Tool
2024-06-08 23:12 - 2021-07-12 23:22 - 000000000 ____D C:\Users\jorge\AppData\Roaming\Anki2
2024-06-08 21:29 - 2023-12-19 23:34 - 000001363 _____ C:\Users\jorge\Desktop\BlueArchive.lnk
2024-06-07 18:27 - 2023-12-08 10:43 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-06-07 18:19 - 2023-12-16 13:03 - 000002413 _____ C:\Users\jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-06-07 18:19 - 2023-06-25 14:34 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1896488798-3670652003-289040072-1001
2024-06-07 18:19 - 2023-06-25 14:34 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1896488798-3670652003-289040072-1001
2024-06-07 12:44 - 2023-12-16 23:37 - 000000000 ____D C:\Users\jorge\Documents\dzsalauncher
2024-06-07 08:21 - 2023-06-25 14:34 - 000003708 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-06-07 08:21 - 2023-06-25 14:34 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-06-06 23:39 - 2024-04-23 22:48 - 000000000 ____D C:\Users\jorge\AppData\Local\NVIDIA Corporation
2024-06-06 16:31 - 2022-05-24 22:20 - 000000000 ____D C:\Users\jorge\AppData\LocalLow\Club-kon
2024-06-06 07:56 - 2023-12-04 18:39 - 000002243 _____ C:\Users\jorge\Desktop\Discord.lnk
2024-06-06 00:19 - 2023-08-12 12:07 - 000003126 _____ C:\WINDOWS\system32\Tasks\RTSS
2024-06-05 22:08 - 2023-02-11 16:11 - 000000000 ____D C:\Users\jorge\AppData\Roaming\obs-studio
2024-06-05 21:03 - 2021-07-12 22:29 - 000000000 ____D C:\Users\jorge\AppData\Roaming\Notepad++
2024-06-05 20:07 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-06-05 20:04 - 2021-07-12 21:35 - 000000000 ____D C:\ProgramData\Package Cache
2024-06-05 13:53 - 2021-07-12 15:13 - 000000000 ____D C:\Users\jorge\AppData\Local\ElevatedDiagnostics
2024-06-05 07:50 - 2023-06-27 07:59 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2024-06-04 23:33 - 2024-04-23 22:48 - 000000000 ____D C:\Users\jorge\AppData\Local\NVIDIA
2024-06-04 22:56 - 2021-07-10 10:38 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-06-04 19:37 - 2023-08-13 09:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proton
2024-06-04 07:50 - 2021-07-12 22:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-06-04 00:15 - 2023-07-04 19:37 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2024-06-02 00:44 - 2022-09-30 11:16 - 000000000 ____D C:\Users\jorge\AppData\Roaming\Oculus
2024-06-01 22:19 - 2023-12-16 23:36 - 000000000 ____D C:\Users\jorge\AppData\Local\DZSALauncher
2024-06-01 17:04 - 2023-12-16 23:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DZSALauncher
2024-06-01 01:20 - 2021-11-13 02:12 - 000000000 ____D C:\Users\jorge\AppData\Local\User Data
2024-06-01 01:18 - 2022-01-15 01:29 - 000000000 ____D C:\Users\jorge\AppData\Local\tyranoscript
2024-06-01 01:17 - 2022-01-15 01:31 - 000000000 ____D C:\Users\jorge\AppData\Roaming\tyranogame
2024-05-30 15:02 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-05-30 14:46 - 2023-06-25 14:25 - 000364768 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-05-30 14:45 - 2023-07-27 14:23 - 000000000 ____D C:\Program Files\Hyper-V
2024-05-30 14:45 - 2022-05-07 12:28 - 000000000 ____D C:\WINDOWS\InboxApps
2024-05-30 14:45 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-05-30 14:45 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-05-30 14:45 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-05-30 14:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\UUS
2024-05-30 14:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-05-30 14:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-05-30 14:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-05-30 14:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-05-30 14:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-05-30 14:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-05-30 14:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-05-30 14:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-05-30 14:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\setup
2024-05-30 14:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-05-30 14:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-05-30 14:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-05-30 14:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-05-30 14:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-05-30 14:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-05-30 14:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-05-30 14:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\BrowserCore
2024-05-30 14:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-05-30 14:45 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\servicing
2024-05-30 11:03 - 2022-05-07 12:28 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2024-05-30 11:03 - 2022-05-07 12:28 - 000024383 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2024-05-30 11:00 - 2023-06-25 14:28 - 003216384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-05-29 21:33 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-05-29 10:07 - 2023-06-07 18:41 - 000000000 ____D C:\Program Files (x86)\dotnet
2024-05-29 10:07 - 2022-04-19 17:48 - 000000000 ____D C:\Program Files\dotnet
2024-05-26 21:33 - 2021-07-28 21:05 - 000000000 ____D C:\Users\jorge\AppData\Local\DayZ Launcher
2024-05-26 10:36 - 2022-05-01 12:15 - 000000000 ____D C:\Users\jorge\AppData\Local\Frontier Developments
2024-05-25 22:21 - 2021-09-22 23:43 - 000000000 ____D C:\Users\jorge\AppData\Roaming\RenPy
2024-05-25 01:04 - 2022-05-08 22:02 - 000000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2024-05-23 20:04 - 2022-11-03 11:31 - 000000000 ____D C:\Users\jorge\AppData\Roaming\audacity
2024-05-22 23:49 - 2022-05-08 21:59 - 000000000 ____D C:\Users\jorge\AppData\Local\LogMeIn Hamachi
2024-05-20 08:07 - 2023-12-04 18:41 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-05-20 08:06 - 2023-11-24 20:20 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-05-20 08:06 - 2023-11-24 20:20 - 000000000 ____D C:\Program Files\Malwarebytes
2024-05-17 23:29 - 2023-11-28 08:58 - 004342878 ____N C:\WINDOWS\Minidump\051724-9000-01.dmp
2024-05-17 23:29 - 2023-07-16 15:10 - 000000000 ____D C:\WINDOWS\Minidump
2024-05-17 17:17 - 2021-08-14 22:52 - 000000000 ____D C:\Users\jorge\AppData\Roaming\EasyAntiCheat
2024-05-17 10:29 - 2023-12-04 18:57 - 000003938 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper_nxt
2024-05-17 10:29 - 2023-12-04 18:42 - 000000000 ____D C:\Users\jorge\AppData\Local\Bluestacks
2024-05-17 10:26 - 2023-12-04 18:42 - 000000000 ____D C:\Users\Public\BlueStacks
2024-05-16 08:00 - 2023-09-27 09:42 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-05-16 08:00 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-05-14 20:36 - 2021-07-12 21:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-05-14 20:34 - 2021-07-12 21:06 - 196465576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Archivos en la raíz de algunos directorios ========

2022-09-29 18:43 - 2023-09-26 20:55 - 000000000 _____ () C:\Users\jorge\AppData\Roaming\.OculusDebugToolGUI
2023-07-27 13:21 - 2023-07-27 13:21 - 000000068 _____ () C:\Users\jorge\AppData\Roaming\changzhi_leidian.data
2023-01-25 19:26 - 2023-01-25 19:26 - 104857600 _____ () C:\Users\jorge\AppData\Roaming\huy_NATO (1).db
2023-01-25 19:26 - 2023-01-25 19:26 - 104857600 _____ () C:\Users\jorge\AppData\Roaming\huy_NATO (10).db
2023-01-25 19:26 - 2023-01-25 19:26 - 104857600 _____ () C:\Users\jorge\AppData\Roaming\huy_NATO (11).db
2023-01-25 19:26 - 2023-01-25 19:26 - 104857600 _____ () C:\Users\jorge\AppData\Roaming\huy_NATO (12).db
2023-01-25 19:26 - 2023-01-25 19:26 - 104857600 _____ () C:\Users\jorge\AppData\Roaming\huy_NATO (13).db
2023-01-25 19:26 - 2023-01-25 19:26 - 104857600 _____ () C:\Users\jorge\AppData\Roaming\huy_NATO (14).db
2023-01-25 19:26 - 2023-01-25 19:26 - 104857600 _____ () C:\Users\jorge\AppData\Roaming\huy_NATO (15).db
2023-01-25 19:26 - 2023-01-25 19:26 - 104857600 _____ () C:\Users\jorge\AppData\Roaming\huy_NATO (16).db
2023-01-25 19:26 - 2023-01-25 19:26 - 104857600 _____ () C:\Users\jorge\AppData\Roaming\huy_NATO (2).db
2023-01-25 19:26 - 2023-01-25 19:26 - 104857600 _____ () C:\Users\jorge\AppData\Roaming\huy_NATO (3).db
2023-01-25 19:26 - 2023-01-25 19:26 - 104857600 _____ () C:\Users\jorge\AppData\Roaming\huy_NATO (4).db
2023-01-25 19:26 - 2023-01-25 19:26 - 104857600 _____ () C:\Users\jorge\AppData\Roaming\huy_NATO (5).db
2023-01-25 19:26 - 2023-01-25 19:26 - 104857600 _____ () C:\Users\jorge\AppData\Roaming\huy_NATO (6).db
2023-01-25 19:26 - 2023-01-25 19:26 - 104857600 _____ () C:\Users\jorge\AppData\Roaming\huy_NATO (7).db
2023-01-25 19:26 - 2023-01-25 19:26 - 104857600 _____ () C:\Users\jorge\AppData\Roaming\huy_NATO (8).db
2023-01-25 19:26 - 2023-01-25 19:26 - 104857600 _____ () C:\Users\jorge\AppData\Roaming\huy_NATO (9).db
2022-12-31 00:12 - 2023-07-16 18:35 - 000000269 _____ () C:\Users\jorge\AppData\Roaming\MelonLoader.Installer.cfg
2023-02-11 16:17 - 2023-02-11 18:42 - 000000016 _____ () C:\Users\jorge\AppData\Roaming\obs-virtualcam.txt
2023-07-30 21:19 - 2023-07-30 23:15 - 000000132 _____ () C:\Users\jorge\AppData\Roaming\Prefs. de formato BMP de Adobe CS6
2021-11-07 01:01 - 2023-08-10 23:34 - 000000132 _____ () C:\Users\jorge\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2021-10-02 13:08 - 2023-07-22 00:41 - 000001456 _____ () C:\Users\jorge\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2022-05-16 17:49 - 2023-09-08 00:05 - 001065984 _____ () C:\Users\jorge\AppData\Local\file__0.localstorage
2021-10-02 16:30 - 2021-10-08 15:38 - 000000364 _____ () C:\Users\jorge\AppData\Local\karboncalligraphyrc
2021-10-06 21:23 - 2021-10-06 21:23 - 000000136 _____ () C:\Users\jorge\AppData\Local\krita-scripterrc
2021-10-02 11:29 - 2024-03-22 20:49 - 000007908 _____ () C:\Users\jorge\AppData\Local\krita-sysinfo.log
2021-10-02 11:29 - 2024-03-22 20:50 - 000554134 _____ () C:\Users\jorge\AppData\Local\krita.log
2021-10-02 12:00 - 2021-10-02 12:01 - 000022363 _____ () C:\Users\jorge\AppData\Local\kritacrash.log
2024-03-22 20:50 - 2024-03-22 20:50 - 000000185 _____ () C:\Users\jorge\AppData\Local\kritadisplayrc
2021-10-02 11:29 - 2024-03-22 20:50 - 000024861 _____ () C:\Users\jorge\AppData\Local\kritarc
2021-10-02 11:29 - 2023-08-05 15:29 - 000027659 _____ () C:\Users\jorge\AppData\Local\kritarc.backup
2021-10-31 13:20 - 2022-10-07 19:27 - 000007605 _____ () C:\Users\jorge\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

Addition.txt

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 09.06.2024
Ejecutado por jorge (09-06-2024 17:41:36)
Ejecutado desde C:\Users\jorge\Desktop
Microsoft Windows 11 Pro Versión 23H2 22631.3672 (X64) (2023-06-25 12:34:35)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================


(Si una entrada es incluida en el fixlist, será eliminada.)

Administrador (S-1-5-21-1896488798-3670652003-289040072-500 - Administrator - Disabled) => C:\Users\Administrador
DefaultAccount (S-1-5-21-1896488798-3670652003-289040072-503 - Limited - Disabled)
Invitado (S-1-5-21-1896488798-3670652003-289040072-501 - Limited - Disabled)
jorge (S-1-5-21-1896488798-3670652003-289040072-1001 - Administrator - Enabled) => C:\Users\jorge
WDAGUtilityAccount (S-1-5-21-1896488798-3670652003-289040072-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Malwarebytes (Disabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Total Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
FW: Kaspersky Total Security (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

7-Zip 23.01 (x64) (HKLM\...\7-Zip) (Version: 23.01 - Igor Pavlov)
Airships: Conquer the Skies (HKLM-x32\...\1232664301_is1) (Version: 1.2.6 - GOG.com)
Airships: Heroes and Villains (HKLM-x32\...\1271311395_is1) (Version: 1.2.6 - GOG.com)
Anki (HKU\S-1-5-21-1896488798-3670652003-289040072-1001\...\Anki) (Version: 23.12.1 - )
Asistente para la instalación de Windows 11 (HKLM-x32\...\{115DF11E-4B4C-4EA9-9A79-00DB0C7EF02D}) (Version: 1.4.19041.3630 - Microsoft Corporation)
Audacity 3.4.2 (HKLM\...\Audacity_is1) (Version: 3.4.2 - Audacity Team)
Blackmagic RAW Common Components (HKLM\...\{BF8B97B1-9BEE-422A-9893-AC7A52ACA23A}) (Version: 3.3 - Blackmagic Design)
BlueStacks App Player (HKLM\...\BlueStacks_nxt) (Version: 5.21.205.1001 - now.gg, Inc.)
BlueStacks Services (HKU\S-1-5-21-1896488798-3670652003-289040072-1001\...\BlueStacksServices) (Version: 3.0.9 - now.gg, Inc.)
BlueStacks X (HKU\S-1-5-21-1896488798-3670652003-289040072-1001\...\BlueStacks X) (Version: 10.41.0.1014 - now.gg, Inc.)
Borderless Gaming (HKLM-x32\...\Borderless Gaming_is1) (Version: 9.5.6 - Andrew Sampson)
Cheat Engine 7.5 (HKLM\...\Cheat Engine_is1) (Version:  - Cheat Engine)
CLIP STUDIO 2.0.0 (HKLM-x32\...\{49274EB8-4598-47E6-8039-9BB7CE07627E}) (Version: 2.0.0 - CELSYS)
CLIP STUDIO PAINT 2.0.0 (HKLM-x32\...\{1E4572D2-28BC-4BC9-B743-13DC6CFD71DB}) (Version: 2.0.0 - CELSYS)
Core Temp 1.18 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.18 - ALCPU)
CPUID CPU-Z 2.05 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.05 - CPUID, Inc.)
DaVinci Resolve (HKLM\...\{F65E5DB0-4724-46EC-8E87-87976B1BED65}) (Version: 18.5.00041 - Blackmagic Design)
DaVinci Resolve Control Panels (HKLM\...\{D1ACF467-9FB4-45DA-942F-A19452E70A3F}) (Version: 2.0.7.0 - Blackmagic Design)
DZSALauncher version 0.0.5.5 (HKLM-x32\...\DZSALauncher_is1) (Version: 0.0.5.5 - Maca134)
Everything 1.4.1.1024 (x64) (HKLM\...\Everything) (Version: 1.4.1.1024 - voidtools)
FFmpeg v2.2.2 for Audacity - 64bit (HKLM\...\FFmpeg for Audacity_is1) (Version:  - )
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.73.27 - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 125.0.6422.142 - Google LLC)
Hamachi (HKLM-x32\...\{C00E2143-38F2-49BA-AB8A-03F22F02F0A4}) (Version: 2.3.0.111 - LogMeIn, Inc.) Hidden
Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.3.0.111 - LogMeIn, Inc.)
HandBrake 1.7.1 (HKLM-x32\...\HandBrake) (Version: 1.7.1 - )
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
Huion Firmware (HKLM-x32\...\HuionFirmware) (Version: 1.1.1.1 - Huion)
HuionTablet (HKLM-x32\...\HuionTablet) (Version: 15.7.6.756 - Shenzhen Huion Animation Technology Co.,LTD)
Intel Processor Diagnostic Tool 64bit (HKLM\...\{CCB78529-CC80-456F-BBFE-4F12A50D6F8B}) (Version: 4.1.8 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{9b79ab4c-1596-44ee-84e2-a2001f7af089}) (Version: 10.1.18836.8283 - Intel(R) Corporation)
Intel(R) Extreme Tuning Utility (HKLM-x32\...\{96d90b75-794d-49b2-9c6a-fb35a86c32a1}) (Version: 7.3.0.33 - Intel Corporation)
IPv6 Forwarder for GameStream (HKLM-x32\...\{ABE6DCED-D292-4A86-ABE1-9B6188494F4B}) (Version: 2.6.0.0 - Moonlight Game Streaming Project) Hidden
Java 8 Update 371 (64-bit) (HKLM\...\{71124AE4-039E-4CA4-87B4-2F64180371F0}) (Version: 8.0.3710.11 - Oracle Corporation)
JDownloader 2 (HKU\S-1-5-21-1896488798-3670652003-289040072-1001\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Krita (x64) 5.2.1 (HKLM\...\Krita_x64) (Version: 5.2.1.100 - Krita Foundation)
LAV Filters 0.77.2 (HKLM-x32\...\lavfilters_is1) (Version: 0.77.2 - Hendrik Leppkes)
Malwarebytes version 5.1.4.112 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.1.4.112 - Malwarebytes)
Microsoft .NET Core Host - 3.1.32 (x64) (HKLM\...\{8A8E3A04-83BC-4CDE-9259-893B666C1AB1}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.32 (x64) (HKLM\...\{ABC6B3C2-1A8D-4C5E-AC16-C2AE44F02743}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM\...\{A741B803-3F0E-4684-81EF-FC128D15A92C}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.31 (x64) (HKLM\...\{59ED1DC1-E3E4-4BC0-B43F-143CCC38FF17}) (Version: 48.124.15198 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.31 (x86) (HKLM-x32\...\{7BA19BCB-4274-4F0B-AC7A-701026197097}) (Version: 48.124.15198 - Microsoft Corporation) Hidden
Microsoft .NET Host - 7.0.20 (x64) (HKLM\...\{EE5EB03B-D65C-4991-848E-2C6E024326DB}) (Version: 56.80.15184 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.31 (x64) (HKLM\...\{9992D04E-553E-4BC2-B0EC-4A394DD19986}) (Version: 48.124.15198 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.31 (x86) (HKLM-x32\...\{FE056116-B4D5-4279-BD2C-2B48F99CE797}) (Version: 48.124.15198 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.20 (x64) (HKLM\...\{B0FC828F-678C-4868-9B5B-99639758E6F3}) (Version: 56.80.15184 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.31 (x64) (HKLM\...\{0950F07D-F1C4-47A5-AC88-C5FAA5DC564D}) (Version: 48.124.15198 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.31 (x86) (HKLM-x32\...\{3FF9C48B-C566-448C-A95D-C4862AC74524}) (Version: 48.124.15198 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.20 (x64) (HKLM\...\{221BB52A-B763-4C9D-AA62-4B0B6C9AAD62}) (Version: 56.80.15184 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 125.0.2535.92 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1896488798-3670652003-289040072-1001\...\OneDriveSetup.exe) (Version: 24.101.0519.0010 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1896488798-3670652003-289040072-500\...\OneDriveSetup.exe) (Version: 19.043.0304.0013 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x86) (HKLM-x32\...\{22CB8ED7-DF57-4864-BD04-F63B9CE4B494}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-US) (HKLM-x32\...\{66D57636-BD4B-402F-9E7D-5E89C28C8136}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.40.33810 (HKLM\...\{59CED48F-EBFE-480C-8A38-FC079C2BEC0F}) (Version: 14.40.33810 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.40.33810 (HKLM\...\{B8B3BB4A-A10D-4F51-91B7-A64FFAC31EA7}) (Version: 14.40.33810 - Microsoft Corporation)
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.40.33810 (HKLM-x32\...\{0C3457A0-3DCE-4A33-BEF0-9B528C557771}) (Version: 14.40.33810 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{610487D9-3460-328A-9333-219D43A75CC5}) (Version: 10.0.60922 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 3.1.32 (x64) (HKLM\...\{5BEE5F3E-4D78-4DE8-A8F3-36D3E9D8868C}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.32 (x64) (HKLM-x32\...\{0eddeab6-01c1-4cf7-83ba-164ea8974c90}) (Version: 3.1.32.31915 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.31 (x64) (HKLM\...\{EFE53353-800E-4987-B965-1C968D0F23A4}) (Version: 48.124.15242 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.31 (x64) (HKLM-x32\...\{1a7abdc5-639b-4af0-87c6-dbc511750c6e}) (Version: 6.0.31.33720 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.31 (x86) (HKLM-x32\...\{558558E9-EF67-4CC1-8D73-4FE680754D59}) (Version: 48.124.15242 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.31 (x86) (HKLM-x32\...\{aa5b5915-5045-4655-8b27-20fcb15d7386}) (Version: 6.0.31.33720 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 7.0.20 (x64) (HKLM\...\{72C29BED-666F-4E5E-BC49-DF44C890742E}) (Version: 56.80.15245 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.20 (x64) (HKLM-x32\...\{362ea044-f96f-45c7-b59f-0dbe5ca98ff4}) (Version: 7.0.20.33720 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Moonlight Internet Hosting Tool (HKLM-x32\...\{23CC640E-9CCB-4B70-A6B4-5FD2A6398F40}) (Version: 5.6.1.0 - Moonlight Game Streaming Project) Hidden
Moonlight Internet Hosting Tool (HKLM-x32\...\{ac61df64-d443-4a89-8c0b-4147c28750f4}) (Version: 5.6.1.0 - Moonlight Game Streaming Project)
Motrix 1.8.19 (HKU\S-1-5-21-1896488798-3670652003-289040072-1001\...\1c69d6f0-819e-59ee-95e7-e2b930a46bea) (Version: 1.8.19 - Dr_rOot)
Mozilla Firefox (x64 es-ES) (HKLM\...\Mozilla Firefox 126.0.1 (x64 es-ES)) (Version: 126.0.1 - Mozilla)
MSI Afterburner 4.6.5 (HKLM-x32\...\Afterburner) (Version: 4.6.5 - MSI Co., LTD)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 8.5.4 - Notepad++ Team)
NVIDIA Controlador de audio HD 1.4.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.0.1 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 555.99 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 555.99 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.28.0.412 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.28.0.412 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 30.1.2 - OBS Project)
Oculus (HKLM\...\Oculus) (Version: <3 - Facebook Technologies, LLC)
Oculus Tray Tool v0.87.8 (HKLM-x32\...\Oculus Tray Tool_is1) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Paquete de controladores de Windows - GigaDevice (GDDFUDriver) USBDevice  (06/16/2015 13.57.56.210) (HKLM\...\84F7DB67E2A74D9F4EB01D7578210B5E3E676F65) (Version: 06/16/2015 13.57.56.210 - GigaDevice)
Paradox Launcher v2 (HKLM\...\{E68BBC18-9E69-436B-B20F-E294DE62ECAB}) (Version: 2.3.0 - Paradox Interactive)
PicPick (HKLM-x32\...\PicPick) (Version: 7.2.8 - NGWIN)
Proton VPN (HKLM\...\Proton VPN_is1) (Version: 3.2.11 - Proton AG)
Python 3.10.8 (64-bit) (HKU\S-1-5-21-1896488798-3670652003-289040072-1001\...\{371d0d73-d418-4ffe-b280-58c3e7987525}) (Version: 3.10.8150.0 - Python Software Foundation)
Python 3.10.8 Core Interpreter (64-bit) (HKLM\...\{6463E43B-54B1-4407-818D-DD90D11CDD06}) (Version: 3.10.8150.0 - Python Software Foundation) Hidden
Python 3.10.8 Development Libraries (64-bit) (HKLM\...\{B7DEC02E-E147-40A2-86C9-1F910DC43D1C}) (Version: 3.10.8150.0 - Python Software Foundation) Hidden
Python 3.10.8 Documentation (64-bit) (HKLM\...\{02E2EFF4-C685-4151-9A40-E50DE7A8A5D7}) (Version: 3.10.8150.0 - Python Software Foundation) Hidden
Python 3.10.8 Executables (64-bit) (HKLM\...\{361761A0-847E-4A8B-B375-1F77E475321E}) (Version: 3.10.8150.0 - Python Software Foundation) Hidden
Python 3.10.8 pip Bootstrap (64-bit) (HKLM\...\{12EB4B8C-1F27-4A73-9B33-4545D52637D6}) (Version: 3.10.8150.0 - Python Software Foundation) Hidden
Python 3.10.8 Standard Library (64-bit) (HKLM\...\{9D731829-C401-4DFE-8906-79EBFAD18AF7}) (Version: 3.10.8150.0 - Python Software Foundation) Hidden
Python 3.10.8 Tcl/Tk Support (64-bit) (HKLM\...\{5ADA7829-A477-4BE0-8112-7C0C720F7093}) (Version: 3.10.8150.0 - Python Software Foundation) Hidden
Python 3.10.8 Test Suite (64-bit) (HKLM\...\{025F829D-844C-4E80-8C2C-ECBD6FB455BC}) (Version: 3.10.8150.0 - Python Software Foundation) Hidden
Python 3.10.8 Utility Scripts (64-bit) (HKLM\...\{BBF729BB-B0D3-4180-A4A7-3A713F0BE254}) (Version: 3.10.8150.0 - Python Software Foundation) Hidden
Python 3.11.0 (64-bit) (HKU\S-1-5-21-1896488798-3670652003-289040072-1001\...\{7f8381ad-2e42-4432-8de5-c7beebe1009f}) (Version: 3.11.150.0 - Python Software Foundation)
Python 3.11.0 Core Interpreter (64-bit) (HKLM\...\{1ED03561-12AC-4A6A-AA85-583281BF0121}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Development Libraries (64-bit) (HKLM\...\{74A2D2BF-BD4F-4D82-812F-EDEB21EA443F}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Documentation (64-bit) (HKLM\...\{D3773C88-43C6-46CD-AE5F-627FF6C6E5D4}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Executables (64-bit) (HKLM\...\{B28E4BED-428C-40CB-9A29-41E46263246D}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 pip Bootstrap (64-bit) (HKLM\...\{0D8459AB-4636-4CD5-A41B-569D7CE159B8}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Standard Library (64-bit) (HKLM\...\{CB7E1801-9FB8-4763-A369-1D7F290AB24D}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Tcl/Tk Support (64-bit) (HKLM\...\{6FBFD1F4-0412-4DBB-AA00-F71278CAB664}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Test Suite (64-bit) (HKLM\...\{D4A2E83A-3BD5-4E0D-9577-7F8CA74B876B}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Utility Scripts (64-bit) (HKLM\...\{BD29D023-6B95-47FE-B480-598840EB9A28}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{0E6EEAC9-4913-4C2F-B7D2-761B27C35D7C}) (Version: 3.11.7966.0 - Python Software Foundation)
qBittorrent (HKLM-x32\...\qBittorrent) (Version: 4.6.5 - The qBittorrent project)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9629.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.68.815.2023 - Realtek)
Recorder Devices for ShareX 0.12.10 (HKLM\...\Recorder Devices for ShareX_is1) (Version: 0.12.10 - )
REDlauncher (HKU\S-1-5-21-1896488798-3670652003-289040072-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version:  - GOG.com)
Revo Uninstaller 2.4.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.4.5 - VS Revo Group, Ltd.)
RivaTuner Statistics Server 7.3.6 (HKLM-x32\...\RTSS) (Version: 7.3.6 - Unwinder)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 8.1.0.800 - Samsung Electronics)
SERIKE MECHANICAL RGB KEYBOARD version 1.09n (HKLM-x32\...\{68044F11-F83A-4045-AEF7-5B80823F8B9A}_is1) (Version: 1.09n - NEWSKILL)
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 15.0.0 - ShareX Team)
SideQuest 0.10.33 (HKU\S-1-5-21-1896488798-3670652003-289040072-1001\...\4924ec51-3e48-5cb7-b145-2119467094c7) (Version: 0.10.33 - Shane Harris)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steam Link (HKLM-x32\...\{059108A9-0ADB-48D3-A470-9CCD4A56CC28}) (Version: 1.3.8 - Valve Corporation)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.40.8 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version:  - TechPowerUp)
Telegram Desktop (HKU\S-1-5-21-1896488798-3670652003-289040072-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.15.2 - Telegram FZ-LLC)
UE4 Prerequisites (x64) (HKLM\...\{F9EC45F9-074A-48BF-92E9-A8CADD56F693}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{0d995f46-317b-4b5f-bf3e-9f98bae9d339}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{4e242cc8-5e3c-4b08-9d55-dbc62ddd1208}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C270D21B-2327-49B8-85F7-395133A93C75}) (Version: 8.92.0.0 - Microsoft Corporation)
Upscayl 2.8.6 (HKLM\...\2239ca62-47a7-52bf-bffa-6c900931774b) (Version: 2.8.6 - )
Upscayl 2.9.1 (HKLM\...\2e801529-9c6a-5917-960e-278558728760) (Version: 2.9.1 - )
ViGEm Bus Driver (HKLM\...\{966606F3-2745-49E9-BF15-5C3EAA4E9077}) (Version: 1.22.0 - Nefarius Software Solutions e.U.)
Virtual Camera Filter version 0.0.6 (HKLM-x32\...\{E6092B45-89ED-4FB1-BD36-50936DB8C08E}}_is1) (Version: 0.0.6 - Exeldro)
VRChat Creator Companion version 2.1.0 (HKLM-x32\...\{A20FE4C3-FE52-495B-B0DA-92992240BFC0}_is1) (Version: 2.1.0 - VRChat Inc)
vs_communitymsires (HKLM-x32\...\{CAF2AA35-4C6E-428B-894A-927CADF0CFFA}) (Version: 16.10.31213 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{102E83BD-B6A0-4C74-AD22-7D594A3435D3}) (Version: 16.11.31503 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{6CBDE7BE-E956-4E0E-81FB-2CB79190C924}) (Version: 16.11.31503 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{BA855DFD-8D85-4011-997D-56F1DAC778E0}) (Version: 16.10.31303 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 125.0.2535.92 - Microsoft Corporation)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs)
WinDirStat 1.1.2 (HKU\S-1-5-21-1896488798-3670652003-289040072-1001\...\WinDirStat) (Version:  - )
Winpinator (x64) (HKLM-x32\...\Winpinator_x64) (Version: 0.1.2 - Łukasz Świszcz)
WinRAR 6.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.21.0 - win.rar GmbH)

Packages:
=========

Accesorios de Xbox -> C:\Program Files\WindowsApps\Microsoft.XboxDevices_2406.2405.7001.0_x64__8wekyb3d8bbwe [2024-05-17] (Microsoft Corporation)
Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-12-04] (Microsoft Corporation)
Fotos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2024.11050.29009.0_x64__8wekyb3d8bbwe [2024-06-04] (Microsoft Corporation) [Startup Task]
Ink.Handwriting.es-ES.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.es-ES.1.0_0.237.110.0_x64__8wekyb3d8bbwe [2023-12-04] (Microsoft Corporation)
Ink.Handwriting.es-ES.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.es-ES.1.0_0.237.110.0_x86__8wekyb3d8bbwe [2023-12-04] (Microsoft Corporation)
Ink.Handwriting.ja-JP.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.ja-JP.1.0_0.237.110.0_x64__8wekyb3d8bbwe [2023-12-04] (Microsoft Corporation)
Ink.Handwriting.ja-JP.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.ja-JP.1.0_0.237.110.0_x86__8wekyb3d8bbwe [2023-12-04] (Microsoft Corporation)
Ink.Handwriting.Main.es-ES.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.Main.es-ES.1.0_0.237.110.0_x64__8wekyb3d8bbwe [2023-12-04] (Microsoft Corporation)
Ink.Handwriting.Main.ja-JP.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.Main.ja-JP.1.0_0.237.110.0_x64__8wekyb3d8bbwe [2023-12-04] (Microsoft Corporation)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1041.0_x64__8j3eq9eme6ctt [2024-03-08] (INTEL CORP)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2023-12-04] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2023-12-04] (Microsoft Corporation) [MS Ad]
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-02-14] (Microsoft Corporation)
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24051.39.0_x64__cw5n1h2txyewy [2024-05-30] (Microsoft Windows) [Startup Task]
MSI Game Bar -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSIGameBar_2.0.14.0_x64__kzh8wxbdkxb8p [2023-12-04] (MICRO-STAR INTERNATIONAL CO., LTD)
Notepad++ -> C:\Program Files (x86)\Notepad++\contextMenu [2023-06-28] (Notepad++)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-06-04] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.51.324.0_x64__dt26b99r8h8gj [2024-04-11] (Realtek Semiconductor Corp)
Speech Pack - Japanese (Japan) -> C:\Program Files\WindowsApps\MicrosoftWindows.Speech.ja-JP.1_1.0.12.0_x64__cw5n1h2txyewy [2023-12-04] (Microsoft Windows)
Telegram Desktop -> C:\Program Files\WindowsApps\TelegramMessengerLLP.TelegramDesktop_5.0.1.0_x64__t4vj0pshhgkwm [2024-05-07] (Telegram Messenger LLP) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2422.7.0_x64__cv1g1gvanyjgm [2024-06-07] (WhatsApp Inc.) [Startup Task]
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.119.156.0_x64__8wekyb3d8bbwe [2024-06-08] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_5001.119.156.0_x64__8wekyb3d8bbwe [2024-06-08] (Microsoft Corp.)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.LKG_cw5n1h2txyewy [2024-05-30] (Microsoft Windows)
WinRAR -> C:\Program Files\WinRAR [2023-06-25] (win.rar GmbH)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-1896488798-3670652003-289040072-1001_Classes\CLSID\{04d5c66b-d515-61ec-258f-a409f9443e98}\localserver32 -> "C:\Program Files\Proton\VPN\v3.0.7\ProtonVPN.exe" -ToastActivated => Ningún archivo
CustomCLSID: HKU\S-1-5-21-1896488798-3670652003-289040072-1001_Classes\CLSID\{1a46400f-4c81-802a-c2c1-1e9a687a9340}\localserver32 -> C:\Program Files\HandBrake\HandBrake.exe (HandBrake Team) [Archivo no firmado]
CustomCLSID: HKU\S-1-5-21-1896488798-3670652003-289040072-1001_Classes\CLSID\{318cc681-4136-d2bd-6204-14d67a05b724}\localserver32 -> "C:\Program Files\Proton\VPN\v3.2.1\ProtonVPN.exe" -ToastActivated => Ningún archivo
CustomCLSID: HKU\S-1-5-21-1896488798-3670652003-289040072-1001_Classes\CLSID\{50726f74-6f6e-2e56-504e-000000000000}\localserver32 -> C:\Program Files\Proton\VPN\v3.2.10\ProtonVPN.exe (Proton AG -> )
CustomCLSID: HKU\S-1-5-21-1896488798-3670652003-289040072-1001_Classes\CLSID\{a04f95c0-6183-7419-2316-954e331d0cbc}\localserver32 -> "C:\Program Files\Proton\VPN\v3.2.2\ProtonVPN.exe" -ToastActivated => Ningún archivo
CustomCLSID: HKU\S-1-5-21-1896488798-3670652003-289040072-1001_Classes\CLSID\{C52B9871-E5E9-41FD-B84D-C5ACADBEC7AE}\InprocServer32 -> D:\Programas descargados\Locale.Emulator.2.5.0.1\LEContextMenuHandler.DLL (Paddy Xu) [Archivo no firmado]
CustomCLSID: HKU\S-1-5-21-1896488798-3670652003-289040072-1001_Classes\CLSID\{d936918b-9c4b-555e-074a-c79314be04e1}\localserver32 -> "C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe" -ToastActivated => Ningún archivo
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-11-25] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-11-25] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-11-25] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => 
C:\Windows\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_b840211aa1b1b9ff\OptaneShellExt.dll [2020-04-30] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-11-25] (Adobe Inc. -> )
ContextMenuHandlers1: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [Archivo no firmado]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [Archivo no firmado]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-11-24] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Windows\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_b840211aa1b1b9ff\OptaneShellExt.dll [2020-04-30] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_23954e33c8a39da4\nvshext.dll [2024-06-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-11-25] (Adobe Inc. -> )
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-11-24] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [Archivo no firmado]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [VIDC.RTV1] => c:\windows\system32\rtvcvfw64.dll [1102848 2023-04-10] () [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [891904 2023-04-10] () [Archivo no firmado]

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

2023-04-03 00:48 - 2023-04-03 00:48 - 000232960 _____ () [Archivo no firmado] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2023-04-03 00:48 - 2023-04-03 00:48 - 000059392 _____ () [Archivo no firmado] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2023-04-03 00:49 - 2023-04-03 00:49 - 000699904 _____ () [Archivo no firmado] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2023-04-03 00:48 - 2023-04-03 00:48 - 000074240 _____ () [Archivo no firmado] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2023-04-03 00:48 - 2023-04-03 00:48 - 000371712 _____ () [Archivo no firmado] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2024-03-23 11:00 - 2024-03-23 11:00 - 000074240 _____ () [Archivo no firmado] C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll
2024-03-23 11:01 - 2024-03-23 11:01 - 000112128 _____ () [Archivo no firmado] C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll
2024-03-23 11:00 - 2024-03-23 11:00 - 000413696 _____ () [Archivo no firmado] C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll
2024-03-25 10:17 - 2024-03-14 03:23 - 002574336 _____ () [Archivo no firmado] C:\Program Files (x86)\Samsung\Samsung Magician\ffmpeg.dll
2024-03-25 10:17 - 2024-03-14 03:23 - 000379392 _____ () [Archivo no firmado] C:\Program Files (x86)\Samsung\Samsung Magician\libegl.dll
2024-03-25 10:17 - 2024-03-14 03:23 - 006585344 _____ () [Archivo no firmado] C:\Program Files (x86)\Samsung\Samsung Magician\libglesv2.dll
2024-03-25 10:17 - 2024-03-14 03:21 - 000143360 _____ () [Archivo no firmado] C:\Program Files (x86)\Samsung\Samsung Magician\resources\app\dist\magutils-napi.node
2024-03-25 10:17 - 2024-03-14 03:21 - 000087040 _____ () [Archivo no firmado] C:\Program Files (x86)\Samsung\Samsung Magician\resources\app\dist\magvibrancy-napi.node
2024-03-25 10:17 - 2024-03-14 03:21 - 000636928 _____ () [Archivo no firmado] C:\Program Files (x86)\Samsung\Samsung Magician\resources\app\dist\uimpewrapper-napi.node
2023-09-25 08:06 - 2024-03-14 03:23 - 004512256 _____ () [Archivo no firmado] C:\Program Files (x86)\Samsung\Samsung Magician\vk_swiftshader.dll
2023-09-25 08:06 - 2024-03-14 03:23 - 000815104 _____ () [Archivo no firmado] C:\Program Files (x86)\Samsung\Samsung Magician\vulkan-1.dll
2023-09-03 19:30 - 2023-06-20 10:00 - 000101376 _____ (Igor Pavlov) [Archivo no firmado] C:\Program Files\7-Zip\7-zip.dll
2017-02-12 02:28 - 2015-09-28 20:08 - 000255488 _____ (Sysprogs OU) [Archivo no firmado] C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado.)

HKU\S-1-5-21-1896488798-3670652003-289040072-1001\Software\Classes\regfile:  <==== ATENCIÓN
HKU\S-1-5-21-1896488798-3670652003-289040072-1001\Software\Classes\.reg:  =>  <==== ATENCIÓN
HKU\S-1-5-21-1896488798-3670652003-289040072-1001\Software\Classes\.bat:  =>  <==== ATENCIÓN
HKU\S-1-5-21-1896488798-3670652003-289040072-1001\Software\Classes\.cmd:  =>  <==== ATENCIÓN

==================== Internet Explorer (Lista blanca) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-1.8\bin\ssv.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-1.8\bin\jp2ssv.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2019-12-07 11:14 - 2023-04-02 12:08 - 000002480 _____ C:\WINDOWS\system32\drivers\etc\hosts
109.94.209.70      fitgirlrepacks.in               # Fake FitGirl site
109.94.209.70      www.fitgirlrepacks.in           # Fake FitGirl site
109.94.209.70      fitgirlrepacks.co               # Fake FitGirl site
109.94.209.70      fitgirl-repacks.cc              # Fake FitGirl site
109.94.209.70      fitgirl-repacks.to              # Fake FitGirl site
109.94.209.70      fitgirl-repack.com              # Fake FitGirl site
109.94.209.70      fitgirl-repacks.website         # Fake FitGirl site
109.94.209.70      fitgirlrepack.games             # Fake FitGirl site
109.94.209.70      www.fitgirlrepacks.co           # Fake FitGirl site
109.94.209.70      www.fitgirl-repacks.cc          # Fake FitGirl site
109.94.209.70      www.fitgirl-repacks.to          # Fake FitGirl site
109.94.209.70      www.fitgirl-repack.com          # Fake FitGirl site
109.94.209.70      www.fitgirl-repacks.website     # Fake FitGirl site
109.94.209.70      ww9.fitgirl-repacks.xyz         # Fake FitGirl site
109.94.209.70      www.fitgirlrepack.games         # Fake FitGirl site
109.94.209.70      *.fitgirl-repacks.xyz           # Fake FitGirl site
109.94.209.70      fitgirl-repacks.xyz             # Fake FitGirl site
109.94.209.70      fitgirl-repack.net              # Fake FitGirl site
109.94.209.70      www.fitgirl-repack.net          # Fake FitGirl site
109.94.209.70      fitgirlpack.site                # Fake FitGirl site
109.94.209.70      www.fitgirlpack.site            # Fake FitGirl site
109.94.209.70      fitgirl-repack.org              # Fake FitGirl site
109.94.209.70      www.fitgirl-repack.org          # Fake FitGirl site

2023-07-26 13:34 - 2024-06-09 17:38 - 000000446 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
172.26.96.1 DESKTOP-H975GEV.mshome.net # 2029 6 5 8 15 38 56 765

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> D:\Oculus\Support\oculus-runtime;d:\oculus\support\oculus-runtime;c:\python310\scripts\;c:\python310\;c:\program files\common files\oracle\java\javapath;c:\program files (x86)\common files\oracle\java\javapath;c:\program files\nvidia gpu computing toolkit\cuda\v9.0\bin;c:\program files\nvidia gpu computing toolkit\cuda\v9.0\libnvvp;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\windows\system32\openssh\;c:\program files (x86)\common files\autodesk shared\;c:\program files (x86)\autodesk\backburner\;c:\program files\common files\autodesk shared\;c:\programdata\chocolatey\bin;c:\program files\dotnet\;c:\program files\nvidia corporation\nvidia nvdlisr;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\windows\system32\openssh\;c:\users\jorge\documents\sharex\tools\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-1896488798-3670652003-289040072-1001\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-1896488798-3670652003-289040072-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run: => "Everything"
HKLM\...\StartupApproved\Run: => "MsmqIntCert"
HKLM\...\StartupApproved\Run: => "HuionTablet"
HKLM\...\StartupApproved\Run32: => "SERIKE MECHANICAL RGB KEYBOARD"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "HuionTablet"
HKU\S-1-5-21-1896488798-3670652003-289040072-1001\...\StartupApproved\StartupFolder: => "ShareX.lnk"
HKU\S-1-5-21-1896488798-3670652003-289040072-1001\...\StartupApproved\StartupFolder: => "OpenRGB.exe.lnk"
HKU\S-1-5-21-1896488798-3670652003-289040072-1001\...\StartupApproved\Run: => "PicPick Start"
HKU\S-1-5-21-1896488798-3670652003-289040072-1001\...\StartupApproved\Run: => "WallpaperEngine"
HKU\S-1-5-21-1896488798-3670652003-289040072-1001\...\StartupApproved\Run: => "LGHUB"
HKU\S-1-5-21-1896488798-3670652003-289040072-1001\...\StartupApproved\Run: => "CiscoMeetingDaemon"
HKU\S-1-5-21-1896488798-3670652003-289040072-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_80D287FEB234B8893328BFC5AFC360F1"
HKU\S-1-5-21-1896488798-3670652003-289040072-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-1896488798-3670652003-289040072-1001\...\StartupApproved\Run: => "electron.app.BlueStacks Services"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{8D622B11-3B48-4667-9DB9-E985F531E1E8}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{EE5346B9-3D84-48DC-8B5E-95AA9E22B695}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{048944AF-BE49-4C32-9F1F-B769555C4A35}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{AA4A590A-EA9A-4383-B15C-14319D2B24CF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{4B88222E-0A72-4299-92FF-9C8299434613}D:\programas descargados\openrgb windows 64-bit\openrgb.exe] => (Allow) D:\programas descargados\openrgb windows 64-bit\openrgb.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{A35758A7-C006-43C1-9354-28E2EA875B51}D:\programas descargados\openrgb windows 64-bit\openrgb.exe] => (Allow) D:\programas descargados\openrgb windows 64-bit\openrgb.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{A557B003-0681-41EA-A909-5A1A9C190B1C}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{9614EFA6-1C13-4EB5-821E-D35065FBD05B}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{10BAEDBF-3A68-4394-BEDE-32284EFFEE23}] => (Allow) E:\Steam\steamapps\common\Total War SHOGUN 2\launcher\launcher.exe => Ningún archivo
FirewallRules: [{61A20071-D07F-4940-93E5-23BD22574D48}] => (Allow) E:\Steam\steamapps\common\Total War SHOGUN 2\launcher\launcher.exe => Ningún archivo
FirewallRules: [TCP Query User{8AC51E7B-0531-4C27-9880-DAFEBB7841CE}E:\steam\steamapps\common\total war shogun 2\shogun2.exe] => (Allow) E:\steam\steamapps\common\total war shogun 2\shogun2.exe => Ningún archivo
FirewallRules: [UDP Query User{99D7D3C7-6189-475A-A36D-002DF5D162FE}E:\steam\steamapps\common\total war shogun 2\shogun2.exe] => (Allow) E:\steam\steamapps\common\total war shogun 2\shogun2.exe => Ningún archivo
FirewallRules: [TCP Query User{237CFF68-549D-419E-96F0-03243A7F3A6B}E:\steam\steamapps\common\tekken 8 demo\polaris\binaries\win64\polaris-win64-shipping.exe] => (Allow) E:\steam\steamapps\common\tekken 8 demo\polaris\binaries\win64\polaris-win64-shipping.exe => Ningún archivo
FirewallRules: [UDP Query User{6A40900D-2081-42F1-8B4A-074BBF1AC41F}E:\steam\steamapps\common\tekken 8 demo\polaris\binaries\win64\polaris-win64-shipping.exe] => (Allow) E:\steam\steamapps\common\tekken 8 demo\polaris\binaries\win64\polaris-win64-shipping.exe => Ningún archivo
FirewallRules: [TCP Query User{47A2CBE5-744A-41C4-B821-79EEB0FC2B97}C:\users\jorge\appdata\local\programs\motrix\resources\engine\aria2c.exe] => (Allow) C:\users\jorge\appdata\local\programs\motrix\resources\engine\aria2c.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{2A90862B-2BAD-4327-ACFD-67F72E87DF73}C:\users\jorge\appdata\local\programs\motrix\resources\engine\aria2c.exe] => (Allow) C:\users\jorge\appdata\local\programs\motrix\resources\engine\aria2c.exe () [Archivo no firmado]
FirewallRules: [{61154E61-C071-4A45-84B0-FAB03C76C9BC}] => (Allow) LPort=48010
FirewallRules: [{29534CC9-2EE5-4A53-85C6-6D75B0343110}] => (Allow) LPort=48010
FirewallRules: [TCP Query User{3C49AAD0-9D91-4B82-8402-F44090C3D063}E:\steam\steamapps\common\aoe2de\aoe2de_s.exe] => (Allow) E:\steam\steamapps\common\aoe2de\aoe2de_s.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{A1FBD788-042D-4246-AA74-B62727613FE2}E:\steam\steamapps\common\aoe2de\aoe2de_s.exe] => (Allow) E:\steam\steamapps\common\aoe2de\aoe2de_s.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{EB306E26-AA41-46AD-B0BC-A46ACD9A3E24}E:\steam\steamapps\common\aoe2de\battleserver\battleserver.exe] => (Allow) E:\steam\steamapps\common\aoe2de\battleserver\battleserver.exe (Microsoft Corporation -> )
FirewallRules: [UDP Query User{CD7DBA48-6927-4417-8A6B-AE89685E124C}E:\steam\steamapps\common\aoe2de\battleserver\battleserver.exe] => (Allow) E:\steam\steamapps\common\aoe2de\battleserver\battleserver.exe (Microsoft Corporation -> )
FirewallRules: [TCP Query User{D5241505-4462-46BC-8405-656D6B15750C}D:\juegos\eroge\[screwthisnoise] koikatsu sunshine ex betterrepack r9\[utility] kkmanager\standaloneupdater.exe] => (Allow) D:\juegos\eroge\[screwthisnoise] koikatsu sunshine ex betterrepack r9\[utility] kkmanager\standaloneupdater.exe (hxxps://github.com/IllusionMods/KKManager) [Archivo no firmado]
FirewallRules: [UDP Query User{F38AFC01-3840-4338-A573-53EE96A51FFC}D:\juegos\eroge\[screwthisnoise] koikatsu sunshine ex betterrepack r9\[utility] kkmanager\standaloneupdater.exe] => (Allow) D:\juegos\eroge\[screwthisnoise] koikatsu sunshine ex betterrepack r9\[utility] kkmanager\standaloneupdater.exe (hxxps://github.com/IllusionMods/KKManager) [Archivo no firmado]
FirewallRules: [TCP Query User{833D55EC-DBC0-441D-B77D-901E7EBA1CF1}D:\oculus\support\oculus-runtime\ovrserver_x64.exe] => (Allow) D:\oculus\support\oculus-runtime\ovrserver_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [UDP Query User{56C65C83-7041-43C6-827D-0EFD8A82D939}D:\oculus\support\oculus-runtime\ovrserver_x64.exe] => (Allow) D:\oculus\support\oculus-runtime\ovrserver_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [TCP Query User{F22F039E-B455-4B93-B2C5-6E65C62FFFB2}E:\steam\steamapps\common\pavlovvr\pavlov\binaries\win64\pavlov-win64-shipping.exe] => (Allow) E:\steam\steamapps\common\pavlovvr\pavlov\binaries\win64\pavlov-win64-shipping.exe => Ningún archivo
FirewallRules: [UDP Query User{544F8174-20B9-4D35-A316-0C6E0CE1515B}E:\steam\steamapps\common\pavlovvr\pavlov\binaries\win64\pavlov-win64-shipping.exe] => (Allow) E:\steam\steamapps\common\pavlovvr\pavlov\binaries\win64\pavlov-win64-shipping.exe => Ningún archivo
FirewallRules: [{B1465D51-28F1-44FA-BFF5-6843C93F3F4B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{66A1501D-6DF5-4E2F-96E2-BB0C68652C97}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{3B9096CB-E16B-45FB-A5DD-A36FB02411BC}E:\steam\steamapps\common\vrchat\vrchat.exe] => (Allow) E:\steam\steamapps\common\vrchat\vrchat.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{F35688F0-871E-4079-A531-90CC25031859}E:\steam\steamapps\common\vrchat\vrchat.exe] => (Allow) E:\steam\steamapps\common\vrchat\vrchat.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{D1C264F8-80D5-424B-A13E-2064FE4E2CD6}C:\program files (x86)\steam\steamapps\common\steamvr\bin\win64\vrserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\steamvr\bin\win64\vrserver.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{970C3951-5E72-4087-90C4-81AD15AF9C2D}C:\program files (x86)\steam\steamapps\common\steamvr\bin\win64\vrserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\steamvr\bin\win64\vrserver.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{2420679E-B8F8-4CCD-9B12-FB271D9D3D4E}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23335.242.2641.4129_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D8028220-EA92-4E90-A5F4-EA20B33EF079}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23335.242.2641.4129_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{06764B08-A01E-400C-885F-A502649FC4B9}] => (Allow) E:\Steam\steamapps\common\GarrysMod\hl2.exe (Facepunch Studios Ltd) [Archivo no firmado]
FirewallRules: [{11476FF7-29F3-47C2-BDD3-138A3BA6EFDC}] => (Allow) E:\Steam\steamapps\common\GarrysMod\hl2.exe (Facepunch Studios Ltd) [Archivo no firmado]
FirewallRules: [TCP Query User{4FC13D3E-B654-4F6B-BB79-F4491DCFD9DD}E:\steam\steamapps\common\tmodloader\dotnet\6.0.14\dotnet.exe] => (Allow) E:\steam\steamapps\common\tmodloader\dotnet\6.0.14\dotnet.exe => Ningún archivo
FirewallRules: [UDP Query User{F67FCF4F-8F89-4303-AB4A-504DDD528833}E:\steam\steamapps\common\tmodloader\dotnet\6.0.14\dotnet.exe] => (Allow) E:\steam\steamapps\common\tmodloader\dotnet\6.0.14\dotnet.exe => Ningún archivo
FirewallRules: [TCP Query User{EE676F9E-4190-468C-8CEB-AFE69BD80B79}C:\users\jorge\appdata\local\discord\app-1.0.9034\discord.exe] => (Allow) C:\users\jorge\appdata\local\discord\app-1.0.9034\discord.exe => Ningún archivo
FirewallRules: [UDP Query User{05AC67C4-3A84-443D-9A0F-3C3727B1762B}C:\users\jorge\appdata\local\discord\app-1.0.9034\discord.exe] => (Allow) C:\users\jorge\appdata\local\discord\app-1.0.9034\discord.exe => Ningún archivo
FirewallRules: [TCP Query User{5C4912F8-A380-4C97-A8D0-75692294AA19}E:\steam\steamapps\common\natural locomotion\naturallocomotion_host.exe] => (Block) E:\steam\steamapps\common\natural locomotion\naturallocomotion_host.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{6D0669E8-8029-49C9-AD9A-46649952A479}E:\steam\steamapps\common\natural locomotion\naturallocomotion_host.exe] => (Block) E:\steam\steamapps\common\natural locomotion\naturallocomotion_host.exe () [Archivo no firmado]
FirewallRules: [{1FCC1561-5375-4540-B069-067B5192C925}] => (Allow) C:\Program Files (x86)\Moonlight Internet Hosting Tool\miss.exe (Cameron Gutman -> Moonlight Game Streaming Project)
FirewallRules: [{6E9EF3E9-0D74-439A-8034-EDE1E2B1E9F5}] => (Allow) C:\Program Files (x86)\Moonlight Internet Hosting Tool\mist.exe (Cameron Gutman -> Moonlight Game Streaming Project)
FirewallRules: [{E3FED367-3BDF-468B-A437-E5276D8DA000}] => (Allow) LPort=47984
FirewallRules: [{CA475D03-23CC-4311-9164-8854F23507D1}] => (Allow) LPort=47989
FirewallRules: [{4B8F4F48-7062-4677-AD33-EEA8C404EB9D}] => (Allow) LPort=48010
FirewallRules: [{9A6C37CA-39EF-439B-A424-F922FE88E03E}] => (Allow) LPort=47998
FirewallRules: [{899589DD-14B2-4958-B838-52DFC4A33172}] => (Allow) LPort=47999
FirewallRules: [{C9F2D1D9-3D52-44FD-9F68-2531F7FBEBA9}] => (Allow) LPort=48000
FirewallRules: [{CE9F23C4-A0EC-497C-8362-170B5A60E3A7}] => (Allow) LPort=48010
FirewallRules: [{876CB5DE-558A-49EB-B575-BF50BBFC43E3}] => (Allow) LPort=5353
FirewallRules: [{D2596AD9-2BE9-450B-9FD8-96B52431B2EA}] => (Allow) C:\Program Files (x86)\Moonlight Internet Hosting Tool\GSv6Fwd.exe (Cameron Gutman -> Moonlight Game Streaming Project)
FirewallRules: [TCP Query User{0F2D5807-2E2B-41A5-880F-C5B828ADD905}C:\program files\winpinator\winpinator.exe] => (Allow) C:\program files\winpinator\winpinator.exe (Łukasz Świszcz) [Archivo no firmado]
FirewallRules: [UDP Query User{2BAB0155-6687-41B8-87C8-93997222C476}C:\program files\winpinator\winpinator.exe] => (Allow) C:\program files\winpinator\winpinator.exe (Łukasz Świszcz) [Archivo no firmado]
FirewallRules: [{B9B3FEBC-1D5E-4F9F-BCFD-1A0A7DCC48F2}] => (Allow) E:\Steam\steamapps\common\Living With SIster Monochrome Fantasy\Game.exe () [Archivo no firmado]
FirewallRules: [{67D0952C-CFC8-4E8B-984F-E90BB219EC6B}] => (Allow) E:\Steam\steamapps\common\Living With SIster Monochrome Fantasy\Game.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{EFEB7DB1-31DE-492D-BC11-9EF0375E16F2}C:\users\jorge\downloads\bakart_pclocal\bakart_pclocal\bakart.exe] => (Allow) C:\users\jorge\downloads\bakart_pclocal\bakart_pclocal\bakart.exe => Ningún archivo
FirewallRules: [UDP Query User{E7640A7C-D9D7-4E50-B6AA-60E4807AA817}C:\users\jorge\downloads\bakart_pclocal\bakart_pclocal\bakart.exe] => (Allow) C:\users\jorge\downloads\bakart_pclocal\bakart_pclocal\bakart.exe => Ningún archivo
FirewallRules: [TCP Query User{72A2338F-7EB1-4FF2-8712-198E164EB6E9}E:\steam\steamapps\common\europa universalis iv\eu4.exe] => (Allow) E:\steam\steamapps\common\europa universalis iv\eu4.exe => Ningún archivo
FirewallRules: [UDP Query User{414AB5CE-1D0C-47EE-ACA6-D5813436C98B}E:\steam\steamapps\common\europa universalis iv\eu4.exe] => (Allow) E:\steam\steamapps\common\europa universalis iv\eu4.exe => Ningún archivo
FirewallRules: [{E89A5268-3A14-475C-81A1-6A8E4046E23B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CAC18CF0-7F69-47D3-BEF9-AB6D77531973}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C0BE64D8-FE4B-4489-B441-1E8C3CC0A8C1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3294597B-BAAE-4BA4-A02D-3276A160E9B0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{33B00EFF-C0C2-4419-8F55-FA6A1DC576EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{12A2B053-0C8E-4E97-BE3D-DA5DEA18B794}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{848EE35B-8814-4130-BCEA-64EBC8742D97}] => (Allow) E:\Steam\steamapps\common\ContractorsVR\Contractors.exe (Epic Games, Inc.) [Archivo no firmado]
FirewallRules: [{1D1EBE1F-A6F4-440C-B141-509515377783}] => (Allow) E:\Steam\steamapps\common\ContractorsVR\Contractors.exe (Epic Games, Inc.) [Archivo no firmado]
FirewallRules: [TCP Query User{E9C655E6-BEDD-4C79-9BD0-1C7F0F5237E3}E:\steam\steamapps\common\contractorsvr\contractors_ue4_22\binaries\win64\contractors_ue4_22_steam-win64-shipping.exe] => (Allow) E:\steam\steamapps\common\contractorsvr\contractors_ue4_22\binaries\win64\contractors_ue4_22_steam-win64-shipping.exe (Epic Games, Inc.) [Archivo no firmado]
FirewallRules: [UDP Query User{8F227353-E587-4602-900E-B20CC5111204}E:\steam\steamapps\common\contractorsvr\contractors_ue4_22\binaries\win64\contractors_ue4_22_steam-win64-shipping.exe] => (Allow) E:\steam\steamapps\common\contractorsvr\contractors_ue4_22\binaries\win64\contractors_ue4_22_steam-win64-shipping.exe (Epic Games, Inc.) [Archivo no firmado]
FirewallRules: [{3A1D80F6-5040-4A57-9B4F-5E0C0C2ACBA9}] => (Allow) D:\Oculus\Support\oculus-runtime\OVRRedir.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{3C2559BC-4B82-4937-806B-A044E90301D8}] => (Allow) D:\Oculus\Support\oculus-runtime\OVRRedir.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{1178C02F-EB75-4192-BA24-F1A5CFB37711}] => (Allow) D:\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{7EFFF5E9-A235-4D0B-992E-43A2D0A47DA4}] => (Allow) D:\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{81C8FAC6-3D89-4F48-B602-67BEC4EA748A}] => (Allow) D:\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{1C0F5751-EA14-463B-848F-5B8CA935CDDC}] => (Allow) D:\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{AA24B5F6-9CF4-437F-B5CB-98DF595875D0}] => (Allow) D:\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Oculus VR, LLC -> )
FirewallRules: [{9A05C709-8942-4478-B0FA-6FDBBAA9E4DC}] => (Allow) D:\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Oculus VR, LLC -> )
FirewallRules: [{31CFE52D-BB42-4AE9-9CEA-F922929E5EE9}] => (Allow) D:\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [Archivo no firmado]
FirewallRules: [{D4780C9C-FC47-4213-BBEA-FF187537354F}] => (Allow) D:\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [Archivo no firmado]
FirewallRules: [{88444481-F37C-466A-A94C-6B8E9C0006E0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.119.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B16CF511-A9E4-4271-BC77-EE4315FCA9A2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.119.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B513B2F6-D5EC-4CFD-B73A-E655F75355DC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.119.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{488368B0-6CB1-4FFE-AC3F-C5CDC21E02F7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.119.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A00B4262-92A4-4BE9-BFBF-5D828B14A321}] => (Allow) E:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [Archivo no firmado]
FirewallRules: [{4990057A-3AE8-4229-A2A8-33F9AFE9B1FE}] => (Allow) E:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [Archivo no firmado]
FirewallRules: [{C4218A32-F729-4644-BAA9-D698BF5774DA}] => (Allow) D:\Juegos\BlueStacks X\BlueStacksWeb.exe (Now.gg, INC -> Bluestack Systems, Inc.)
FirewallRules: [{385FD991-8754-4AA0-9C11-4E0C9B67D309}] => (Allow) D:\Juegos\BlueStacks X\Cloud Game.exe => Ningún archivo
FirewallRules: [{E35A8602-EE62-4FEE-9A7D-0F79FFE293E4}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe (Now.gg, INC -> BlueStack Systems)
FirewallRules: [{EE767D49-A349-436B-9348-306B3BBBC654}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe (Now.gg, INC -> The Qt Company Ltd.)
FirewallRules: [{FB35880E-C876-4A76-B271-B49F3B4957BD}] => (Allow) E:\Steam\steamapps\common\Project Railgun\Project Railgun.exe () [Archivo no firmado]
FirewallRules: [{F9DA4D40-E303-4937-A45D-73BF1D4691F4}] => (Allow) E:\Steam\steamapps\common\Project Railgun\Project Railgun.exe () [Archivo no firmado]
FirewallRules: [{D48B0061-77A0-4029-9867-671E2F1D3590}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Archivo no firmado]
FirewallRules: [{93D5729B-410A-448B-8990-1599D5A81D74}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Archivo no firmado]
FirewallRules: [TCP Query User{905E7373-BE13-4773-8A5D-EF2B75EDFD14}E:\steam\steamapps\common\dayz\dayz_x64.exe] => (Allow) E:\steam\steamapps\common\dayz\dayz_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive a.s.)
FirewallRules: [UDP Query User{E67DBB28-3E0F-411F-BFA4-1060CB4D45E1}E:\steam\steamapps\common\dayz\dayz_x64.exe] => (Allow) E:\steam\steamapps\common\dayz\dayz_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive a.s.)
FirewallRules: [{D433D6BF-55D0-4E30-A187-D34AB6941DD7}] => (Allow) E:\Steam\steamapps\common\DayZ\DayZ_BE.exe (BOHEMIA INTERACTIVE a.s. -> BattlEye Innovations)
FirewallRules: [{AE263AEE-45DF-4A75-A8D6-0369EF674735}] => (Allow) E:\Steam\steamapps\common\DayZ\DayZ_BE.exe (BOHEMIA INTERACTIVE a.s. -> BattlEye Innovations)
FirewallRules: [TCP Query User{26FC82FE-97E6-4962-A625-F35F52EE0261}D:\juegos\eroge\take me to the dungeon v1.0.12\take me to the dungeon!!.exe] => (Allow) D:\juegos\eroge\take me to the dungeon v1.0.12\take me to the dungeon!!.exe => Ningún archivo
FirewallRules: [UDP Query User{A32C8AE2-8813-4EFF-96A6-B8FA1D4A4D53}D:\juegos\eroge\take me to the dungeon v1.0.12\take me to the dungeon!!.exe] => (Allow) D:\juegos\eroge\take me to the dungeon v1.0.12\take me to the dungeon!!.exe => Ningún archivo
FirewallRules: [TCP Query User{1C6E4F9A-87D6-4D61-B6C1-C13E12037306}C:\program files (x86)\steam link\steamlink.exe] => (Allow) C:\program files (x86)\steam link\steamlink.exe (Valve Corporation) [Archivo no firmado]
FirewallRules: [UDP Query User{8460BF8B-7C54-4612-8D68-E2144ED64FA2}C:\program files (x86)\steam link\steamlink.exe] => (Allow) C:\program files (x86)\steam link\steamlink.exe (Valve Corporation) [Archivo no firmado]
FirewallRules: [TCP Query User{652670FF-7AFF-4FA8-B10B-0093B039DDF5}E:\steam\steamapps\common\tmodloader\dotnet\dotnet.exe] => (Allow) E:\steam\steamapps\common\tmodloader\dotnet\dotnet.exe (.NET -> Microsoft Corporation)
FirewallRules: [UDP Query User{CB935EB8-C4DD-4B89-B473-879806D87C15}E:\steam\steamapps\common\tmodloader\dotnet\dotnet.exe] => (Allow) E:\steam\steamapps\common\tmodloader\dotnet\dotnet.exe (.NET -> Microsoft Corporation)
FirewallRules: [TCP Query User{FBA957AD-FEE0-4C91-90DC-7772549D635B}C:\program files (x86)\steam\steamapps\common\wallpaper_engine\bin\ui32.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\wallpaper_engine\bin\ui32.exe (Skutta Software GmbH -> )
FirewallRules: [UDP Query User{9543011D-4BC1-4757-8A93-EF4AADE58659}C:\program files (x86)\steam\steamapps\common\wallpaper_engine\bin\ui32.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\wallpaper_engine\bin\ui32.exe (Skutta Software GmbH -> )
FirewallRules: [{A0ABF652-7DF4-4E37-965B-03F1EFD5084B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5EB6978E-B88E-415B-A5CA-1F8621B22FCE}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{4B9AD3A8-9633-4479-AAAD-B383D96675D4}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{822E5861-AEFD-4C87-829C-03DC5DD3FCDB}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{B0F22601-3C21-4DA5-A0C0-891F26C2D58F}C:\program files (x86)\steam\steamapps\common\wallpaper_engine\bin\ui32.exe] => (Block) C:\program files (x86)\steam\steamapps\common\wallpaper_engine\bin\ui32.exe (Skutta Software GmbH -> )
FirewallRules: [UDP Query User{F3B2B3FE-8E8A-42CE-9350-FAD98DEF0F3B}C:\program files (x86)\steam\steamapps\common\wallpaper_engine\bin\ui32.exe] => (Block) C:\program files (x86)\steam\steamapps\common\wallpaper_engine\bin\ui32.exe (Skutta Software GmbH -> )
FirewallRules: [{D4C93CA4-66D6-453E-AD12-FCACC48418B2}] => (Allow) E:\Steam\steamapps\common\SKYBOX VR Video Player\SteamVR_SourceVRPlayer.exe => Ningún archivo
FirewallRules: [{FE030264-508B-4C0F-9AC9-756F9862824D}] => (Allow) E:\Steam\steamapps\common\SKYBOX VR Video Player\SteamVR_SourceVRPlayer.exe => Ningún archivo

==================== Puntos de Restauración =========================

09-06-2024 14:26:47 ZHPcleaner

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (06/09/2024 05:39:46 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: El programa FRST64.exe versión 9.6.2024.0 dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre este problema, comprueba el historial de problemas en el panel de control de Seguridad y mantenimiento.

Error: (06/09/2024 05:38:51 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0

Error: (06/09/2024 05:37:21 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-H975GEV)
Description: Nombre de la aplicación con errores: ESETOnlineScanner.exe, versión: 10.34.8.0, marca de tiempo: 0x65f09154
Nombre del módulo con errores: ntdll.dll, versión: 10.0.22621.3672, marca de tiempo: 0x9fb8f6f2
Código de excepción: 0xc0000008
Desplazamiento de errores: 0x000aabd2
Identificador del proceso con errores: 0x0x39c8
Hora de inicio de la aplicación con errores: 0x0x1daba82a116ccc6
Ruta de acceso de la aplicación con errores: C:\Users\jorge\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: 54cedfc0-80ab-4b33-a975-548f2737363e
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (06/09/2024 05:01:01 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-H975GEV)
Description: Nombre de la aplicación con errores: ESETOnlineScanner.exe, versión: 10.34.8.0, marca de tiempo: 0x65f09154
Nombre del módulo con errores: esdkW.dll, versión: 10.33.8.0, marca de tiempo: 0x637f77ec
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x000dc41c
Identificador del proceso con errores: 0x0x390c
Hora de inicio de la aplicación con errores: 0x0x1daba7d8a41bd37
Ruta de acceso de la aplicación con errores: C:\Users\jorge\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Ruta de acceso del módulo con errores: C:\Users\jorge\AppData\Local\ESET\ESETOnlineScanner\esdkW.dll
Identificador del informe: c5653c00-c8b8-4a55-a344-85f722afe7c3
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (06/09/2024 04:54:44 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-H975GEV)
Description: Nombre de la aplicación con errores: ESETOnlineScanner.exe, versión: 10.34.8.0, marca de tiempo: 0x65f09154
Nombre del módulo con errores: esdkW.dll, versión: 10.33.8.0, marca de tiempo: 0x637f77ec
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000bf59b
Identificador del proceso con errores: 0x0xb90
Hora de inicio de la aplicación con errores: 0x0x1daba7ca93f909b
Ruta de acceso de la aplicación con errores: C:\Users\jorge\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Ruta de acceso del módulo con errores: C:\Users\jorge\AppData\Local\ESET\ESETOnlineScanner\esdkW.dll
Identificador del informe: 42a1afea-6972-4be2-a746-0a0345491ebb
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (06/09/2024 04:51:33 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-H975GEV)
Description: Nombre de la aplicación con errores: ESETOnlineScanner.exe, versión: 10.34.8.0, marca de tiempo: 0x65f09154
Nombre del módulo con errores: ntdll.dll, versión: 10.0.22621.3672, marca de tiempo: 0x9fb8f6f2
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000654e5
Identificador del proceso con errores: 0x0x4f38
Hora de inicio de la aplicación con errores: 0x0x1daba7bf6a5ca6a
Ruta de acceso de la aplicación con errores: C:\Users\jorge\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: 65455352-e690-429c-8aa9-939a38302959
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (06/09/2024 03:10:01 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0

Error: (06/09/2024 03:08:58 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema..


Errores del sistema:
=============
Error: (06/09/2024 05:40:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Google Update サービス (gupdate) no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (06/09/2024 05:40:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Google Update サービス (gupdate).

Error: (06/09/2024 03:12:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Google Update サービス (gupdate) no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (06/09/2024 03:12:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Google Update サービス (gupdate).

Error: (06/09/2024 02:55:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Steam Client Service no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (06/09/2024 02:55:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Steam Client Service.

Error: (06/09/2024 02:50:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Everything se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (06/09/2024 02:33:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Google Update サービス (gupdate) no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.


Windows Defender:
================
Date: 2024-06-09 12:50:25
Description: 
El acceso controlado a carpetas bloqueó C:\Program Files\Internet Explorer\iexplore.exe para que no pueda modificar %userprofile%\Favorites.
Hora de detección: 2024-06-09T10:50:25.964Z
Usuario: DESKTOP-H975GEV\jorge
Ruta de acceso: %userprofile%\Favorites
Nombre del proceso: C:\Program Files\Internet Explorer\iexplore.exe
Versión de inteligencia de seguridad: 1.413.187.0
Versión del motor: 1.1.24050.5
Versión del producto: 4.18.24050.7
 

Date: 2024-06-08 15:29:58
Description: 
El acceso controlado a carpetas bloqueó C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe para que no pueda modificar %userprofile%\Videos\.gallery.
Hora de detección: 2024-06-08T13:29:58.772Z
Usuario: DESKTOP-H975GEV\jorge
Ruta de acceso: %userprofile%\Videos\.gallery
Nombre del proceso: C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe
Versión de inteligencia de seguridad: 1.413.169.0
Versión del motor: 1.1.24050.5
Versión del producto: 4.18.24050.7
 

Date: 2024-06-08 00:35:31
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {EA654C14-1424-4D2E-97DC-006EB4C8AF58}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM 

Date: 2024-06-03 20:10:28
Description: 
El acceso controlado a carpetas bloqueó C:\Windows\explorer.exe para que no pueda modificar %userprofile%\Pictures.
Hora de detección: 2024-06-03T18:10:28.906Z
Usuario: DESKTOP-H975GEV\jorge
Ruta de acceso: %userprofile%\Pictures
Nombre del proceso: C:\Windows\explorer.exe
Versión de inteligencia de seguridad: 1.413.74.0
Versión del motor: 1.1.24050.5
Versión del producto: 4.18.24040.4
 

Date: 2024-06-02 18:50:32
Description: 
El acceso controlado a carpetas bloqueó E:\Steam\steamapps\common\tModLoader\dotnet\dotnet.exe para que no pueda modificar %userprofile%\Documents\My Games\Terraria\tModLoader\.
Hora de detección: 2024-06-02T16:50:32.457Z
Usuario: DESKTOP-H975GEV\jorge
Ruta de acceso: %userprofile%\Documents\My Games\Terraria\tModLoader\
Nombre del proceso: E:\Steam\steamapps\common\tModLoader\dotnet\dotnet.exe
Versión de inteligencia de seguridad: 1.413.53.0
Versión del motor: 1.1.24050.5
Versión del producto: 4.18.24040.4
 

CodeIntegrity:
===============
Date: 2024-06-09 15:10:42
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\jorge\AppData\Local\Discord\app-1.0.9148\Discord.exe) attempted to load \Device\HarddiskVolume3\ProgramData\obs-studio-hook\graphics-hook64.dll that did not meet the Microsoft signing level requirements. 

Date: 2024-06-09 15:10:42
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\jorge\AppData\Local\Discord\app-1.0.9148\Discord.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\RivaTuner Statistics Server\Vulkan\RTSSVkLayer64.dll that did not meet the Microsoft signing level requirements. 

Date: 2024-06-09 13:04:34
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\SUPERAntiSpyware\sasdifsv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. 

Date: 2024-06-09 13:04:33
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\SUPERAntiSpyware\saskutil64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. 


==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. 1.C0 06/11/2022
Placa base: Micro-Star International Co., Ltd. MAG Z490 TOMAHAWK (MS-7C80)
Procesador: Intel(R) Core(TM) i7-10700K CPU @ 3.80GHz
Porcentaje de memoria en uso: 18%
RAM física total: 32687.9 MB
RAM física disponible: 26755.8 MB
Virtual total: 43439.9 MB
Virtual disponible: 35835.36 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:274.65 GB) (Free:112.1 GB) (Model: Samsung SSD 980 1TB) NTFS
Drive d: (Disco local) (Fixed) (Total:931.5 GB) (Free:407.23 GB) (Model: Samsung SSD 980 1TB) NTFS
Drive e: () (Fixed) (Total:656.1 GB) (Free:382.41 GB) (Model: Samsung SSD 980 1TB) NTFS

\\?\Volume{921ce3c0-bbfa-4076-9be6-f7e4e9a9e015}\ () (Fixed) (Total:0.65 GB) (Free:0.06 GB) NTFS
\\?\Volume{02627f1b-14de-4981-9e7a-7bf31a18d57a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Final de Addition.txt =======================

Una publicación ha sido separada a un nuevo tema: Virus doble acento

No os preocupéis por este problema. Abrí a la vez un hilo en https://www.bleepingcomputer.com y tengo el asunto solucionado, solo falta revisar alguna cosa. Possible malware doubling tildes on my keyboard - Page 2 - Virus, Trojan, Spyware, and Malware Removal Help

Gracias de todos modos, porque estoy seguro que aquí me lo hubieran arreglado igualmente, pero me urgía tenerlo cuanto antes.

Saludos y muchas gracias de nuevo :smile:

Hola buenas @Who_ci bienvenido al foro. Al ser nuevo te recomiendo que te leas las políticas de este. No porque hayas hecho nada mal, sino para saber más acerca del funcionamiento de este.

Primero de todo te recuerdo especialmente este punto de las políticas:

5.2 Recuerden que: NO somos una empresa que le cobra por los servicios, NO somos un servicio técnico, NO atendemos las 24hrs, somos humanos, tenemos también nuestros trabajos, responsabilidades, problemas y familias que atender; somos voluntarios. En conclusión, sólo somos una COMUNIDAD (FORO) DE AYUDANTES VOLUNTARIOS que intentarán ayudarle sin fines de lucro, sin pedirle nada a cambio más que se respeten estas normas y políticas. Sobre todo respeto y camaradería a quienes voluntariamente dedican su tiempo en intentar ayudar a otros.

Respecto a:

Bueno, he estado comprobando todo el tema que comentas en 5 min y sí, parece ser que las infecciones que tenías en tu máquina han estado erradicadas, incluso el malware de la doble tilde.

Los de Bleeping son buenos y más si te está atendiendo un Malware Response Team, pero debo decirte que seas prudente y cauto, aún se tienen que hacer algunas cosas más a tu máquina, no muchas más, pero no lo des aún por zanjado del todo hasta que te lo indiquen. También es bueno dejar pasar un tiempo, a ver como reacciona o se comporta la máquina.

De nada. Ok. De nada. Muchas gracias a ti por tus buenas palabras y por tu agradecimiento. Comentarios como el tuyo son los que me siguen dando ganas y lo que realmente más me motiva para seguir atendiendo nuevos casos.

Por cierto, la infección se ejecutaba/cargaba desde:

Task: {727322A8-F7F3-4175-8208-F284861E470B} - System32\Tasks\Chrome-Reporting Task-dhtdxtiz => c:\windows\system32\cmd.exe [323584 2024-05-30] (Microsoft Windows -> Microsoft Corporation) -> /c start /min powershell.exe -NoProfile -WindowStyle Hidden -Command "Start-Process -FilePath 'C:\Windows\Microsoft.NET\Framework\v4.0.30319\Msbuild.exe' -ArgumentList 'C:\Users\jorge\zdhtdxtiz\dhtdxtiz.csproj', '/t:dhtdxtiz' -WindowStyle Hidden" <==== ATENCIÓN

Creo que ha sido erradicada de todas las partes en las que se encontraba, por lo que he visto.

Ojo con este malware, es difícil llegar a determinar su punto de alcance. Pero vamos… puede hacer muchas cosas nada deseables en máquinas ajenas.

Te lo dejaré abierto durante un tiempo por si quieres darme réplica a mi mensaje o simplemente comentar o aportar alguna cosa. Pasado un tiempo se cerrará automáticamente.

Salu2.

2 publicaciones han sido fusionadas a un tema existente: Virus doble tilde

Muchas gracias Mixu.

¿Pero entonces el malware se cargaba desde Chrome por lo que veo o Chrome-Reporting no tiene nada que ver con el navegador Chrome? Echando un ojo a esa línea puedo entender el porque me aparecía una ventana de Powershell al iniciar el equipo y luego desaparecía.

Pregunté esto mismo en bleepingcomputer. ¿Debería cambiar las contraseñas verdad? Creo que había leído por aquí que se trataba de keylogger entonces no me fío.

1 me gusta

Hola buenas @Who_ci

De nada.

Básicamente, la tarea se encuentra ubicada en: System32\Tasks\Chrome-Reporting Task-dhtdxtiz y mediante el programador de tareas se utiliza el CMD de windows para básicamente ejecutar una sesión de PowerShell con unos ciertos parámetros para que no sea detectada y privilegios.

Una vez ha arrancado la sesión de PowerShell, digamos que se construye en tiempo real un proyecto llamado dhtdxtiz.csproj para acabar ejecutando /t:dhtdxtiz que no deja de ser una tarea maliciosa definida en el archivo del proyecto .csproj y entonces el malware ya hace de las suyas.

No es la forma más típica o común de ejecutar este malware, pero bueno, se pueden hacer muchas cosas…

¿El que preguntaste? Dime…

¿Qué te han dicho ellos?

Salu2.

Hola buenas.

Al final ejecutamos un programa para borrar las herramientas que hemos instalado a lo largo del proceso de eliminación de los virus. Me dijeron que sí, que recomendaban que cambiase las contraseñas, cosa que estoy haciendo, por lo menos con lo más importante y activando MFA en los lugares que me queda.

Con lo mismo me refería a que les comente el tema de las contraseñas.

Pues vaya que me hayan creado un malware con un proyecto de C#… Lo que me di cuenta es que el Kaspersky Virus Remover borró de temporales unas cargas maliciosas o algo porque también salían en el análisis, pero me parece raro que lo carganse en la carpeta de temp si esto con el tiempo se va borrando según tengo entendido…

Hola buenas @Who_ci

Ok. Sí, ya lo vi es el KPRM lo conozco perfectamente.

Ok.

Ok.

¿Quieres que te dé una serie de recomendaciones y buenas prácticas de seguridad informática básica para usuarios normales de PC?

Sí, pero precisamente por esto típico comportamiento de malware crear cosas en carpetas temporales o que pasan desapercibidas tipo temp, programdata y un largo, etc.

Quiero que me traigas algunas cosas más que anda para darles un vistazo :eyes: :

  1. Captura de pantalla 2024-06-09 191731.png
  2. Captura de pantalla 2024-06-10 105631.png
  3. Captura de pantalla 2024-06-10 105648.png
  4. ESETScan.txt
  5. Reporte del Kaspersky cuando elimino el malware.

¿Actualmente que antivirus tienes instalado en la máquina?

Salu2.

Buenas. Ayer formateé la unidad C porque yo fuí de las personas que migraron de Windows 10 a 11. Por lo que reseteé el pc y se instaló windows 11 desde la nube.

He notado que a nivel de rendimiento el pc va mucho mejor que estos años que he usado Windows 10. Puede ser que mi antigua instalación de Windows 10 estuviese corrupta o algo. Esta vez no he instalado drivers de internet, ni de sonido, ni del procesador, solo el de la GPU de Nvidia, he dejado que Windows actualice el resto.

Por ahora, 0 cuelgues, 0 pantallazos azules y no tengo problemas con los juegos o al cargar páginas en internet.

Por lo que no te puedo pasar ningún log ni captura. Ahora he vuelto a instalar Kaspersky Total Security 2024, hacía tiempo que me cambié de antivirus, al final acabé usando el Windows Defender, pero he vuelto a Kaspersky ya que nunca me dio problemas y ahora parece que es incluso mejor que antes.

Hola @Who_ci

¿ENTONCES POR QUÉ HACER PERDER EL VALIOSO TIEMPO de esta forma tan … A GENTE DE LA COMUNIDAD DE https://www.bleepingcomputer.com/ o de https://forospyware.com?

Nuestro tiempo es valioso, no cobramos nada y ofrecemos ayuda a cambio de nada. Para eso directamente haber formateado la máquina y ya está, no nos haces perder el tiempo y así podremos atender a otros usuarios o dedicarlo a otras cosas que queramos.

No lo estaba, ya que en los scripts de FRST de bleepingcomputer con un par de comandos se revisó esto y todo salió correctamente.

Ojo que el hecho de formatear la máquina no implica que todos los malwares que tenía la otra se hayan erradicado. Todo y que es poco probable, pero se pueden alojar perfectamente en otros sitios.

¿Quieres que te dé una serie de recomendaciones y buenas prácticas de seguridad informática básica para usuarios normales de PC?

Salu2.

Porque fue después de arreglar todo. Recordé, que como he dicho antes, migré de Windows 10 a 11 sin hacer una instalación de 0. Pero lo dicho, desde que formateé el pc va mejor que antes, y cuando digo antes es hace un año. Posiblemente como bien dices, mi pc no estaba corrupto, pero yo no descarto que instalará algún driver que recomienda el fabricante de mi placa (En la web de MSI hay drivers para todos los componentes) y alguno estuviera mermando el rendimiento del pc.

¿ENTONCES POR QUÉ HACER PERDER EL VALIOSO TIEMPO de esta forma tan … A GENTE DE LA COMUNIDAD DE https://www.bleepingcomputer.com/ o de [https://forospyware.com?](https://forospyware.com/?

Como dije fue una decisión que tomé posteriormente al arreglo, además no me arrepiento de haber eliminado los malware, porque como has dicho, hay una posibilidad de que estos se queden almacenados en alguna partición que no le afecte un formateo.

¿Quieres que te dé una serie de recomendaciones y buenas prácticas de seguridad informática básica para usuarios normales de PC?

No vendría mal, gracias Mixu.