# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # # DoesNotBelong v8.0.0 # Furtivex Computer Solutions - https://furtivex.net # OS: Microsoft Windows 11 Pro x64 24H2 Español (Spanish) - 080a - 1252 - 850 # Nombre de usuario: Rafitecus (S-1-5-21-1522398979-3316185483-1891492673-1001) # Fecha: 2025_06_08__06_49_04 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # # Procesos: # Controladores: # Servicios: # Archivos: C:\ProgramData\mntemp C:\Users\Rafitecus\AppData\Local\Resmon.ResmonCfg C:\Users\Public\Documents\Steam\CODEX\246620\remote\scores.dat C:\Users\Public\Documents\Steam\RUNE\427520\remote\achievements.dat C:\Users\Rafitecus\AppData\Local\BitTorrentHelper\ledger.bt.co.btdb C:\Users\Rafitecus\AppData\Local\BitTorrentHelper\ledger.bt.co.btdb.key C:\Users\Rafitecus\AppData\Local\BitTorrentHelper\ledger.bt.co.btdb.passwd C:\Users\Rafitecus\AppData\Local\BitTorrentHelper\ledger.bt.co.lock C:\Users\Rafitecus\AppData\Local\BitTorrentHelper\port C:\Users\Rafitecus\AppData\Local\BitTorrentHelper\wallet.log C:\Users\Rafitecus\AppData\Local\Microsoft\BGAHelperLib\BGAUpsell\BrowserSettings.dll C:\Users\Rafitecus\AppData\Local\Microsoft\BGAHelperLib\BingChatInstaller\BrowserSettings.dll C:\WINDOWS\System32\config\systemprofile\AppData\Local\CM28FB2.tmp C:\WINDOWS\System32\config\systemprofile\AppData\Local\CM2AED6.tmp C:\WINDOWS\System32\config\systemprofile\AppData\Local\CM2DE51.tmp C:\WINDOWS\System32\perfc009.dat C:\WINDOWS\System32\perfc00A.dat C:\WINDOWS\System32\perfh009.dat C:\WINDOWS\System32\perfh00A.dat # Carpetas: C:\Users\Rafitecus\AppData\Local\BitTorrentHelper C:\Users\Rafitecus\AppData\Local\Microsoft\BGAHelperLib C:\WINDOWS\Installer\MSI43D1.tmp- C:\WINDOWS\Installer\MSI6BAB.tmp- C:\WINDOWS\Installer\MSI7438.tmp- C:\WINDOWS\Installer\MSI7533.tmp- C:\WINDOWS\Installer\MSID46B.tmp- C:\WINDOWS\Installer\MSID5E6.tmp- C:\WINDOWS\Installer\MSIFA83.tmp- C:\WINDOWS\Installer\MSIFC27.tmp- C:\WINDOWS\Installer\MSIFD12.tmp- # Tareas: # Registro: HKLM\Software\Policies\Microsoft\MRT HKLM\Software\Policies\Microsoft\Windows Defender Security Center HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate HKLM\Software\Policies\Mozilla HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager\\SubscribedContent-338388Enabled HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager\\SubscribedContent-338389Enabled HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager\\SubscribedContent-88000326Enabled HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager\\SystemPaneSuggestionsEnabled [1] => [0] HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\EpicGamesLauncher HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\MicrosoftEdgeAutoLaunch_BFC903BE59A16B11421D77683B854FC3 HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Steam HKLM\System\CurrentControlSet\Control\CrashControl\\AutoReboot [1] => [0] HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{14C7AAB0-987C-4112-A8B3-C56A8116B229} HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5CA5B412-483D-476B-BDBA-93128AE301AA} HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6EBA0412-4460-4DB0-B4A7-49901978FD05} HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{73D66601-4228-477E-A8EE-AF807306FBFF} HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{815823DE-8568-4394-BDC7-09B1F4DEE0A0} HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A3804D3F-98EC-4FFF-9A15-417577BA8793} HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E39BEF3B-0FE3-469B-BC31-C39719CC1386} # Cachés: C:\ProgramData\Blizzard Entertainment\Battle.net\Cache (256) C:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex (470) C:\Users\Rafitecus\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Cache\Cache_Data (512) C:\Users\Rafitecus\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Code Cache\js (6640) C:\Users\Rafitecus\AppData\Local\D3DSCache (28) C:\Users\Rafitecus\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data (1339) C:\Users\Rafitecus\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js (2274) C:\Users\Rafitecus\AppData\Local\Microsoft\TokenBroker\Cache (42) C:\Users\Rafitecus\AppData\Local\Microsoft\Windows\INetCache\IE (4) C:\Users\Rafitecus\AppData\Local\Steam\htmlcache\Cache\Cache_Data (1155) C:\Users\Rafitecus\AppData\Local\Steam\htmlcache\Code Cache\js (2728) C:\Users\Rafitecus\AppData\LocalLow\uTorrent.WebView2\EBWebView\Default\Cache\Cache_Data (283) C:\Users\Rafitecus\AppData\LocalLow\uTorrent.WebView2\EBWebView\Default\Code Cache\js (828) C:\WINDOWS\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts (1) C:\WINDOWS\System32\config\systemprofile\AppData\Local (154) C:\WINDOWS\System32\config\systemprofile\AppData\Local\D3DSCache (4) # Misceláneo: AntiVirus Software: Malwarebytes AntiVirus Software: Windows Defender Punto de restauración: Does Not Belong PRESCAN - Creado HKLM\Software\Microsoft\Windows Defender\Exclusions\Extensions HKLM\Software\Microsoft\Windows Defender\Exclusions\IpAddresses HKLM\Software\Microsoft\Windows Defender\Exclusions\Paths C:\ProgramData REG_DWORD 0x0 C:\Users REG_DWORD 0x0 C:\Program Files (x86)\Common Files REG_DWORD 0x0 C:\WINDOWS\TEMP\ REG_DWORD 0x0 HKLM\Software\Microsoft\Windows Defender\Exclusions\Processes msiexec.exe REG_DWORD 0x0 dllhost.exe REG_DWORD 0x0 regasm.exe REG_DWORD 0x0 regsvr32.exe REG_DWORD 0x0 rundll32.exe REG_DWORD 0x0 HKLM\Software\Microsoft\Windows Defender\Exclusions\TemporaryPaths C:\Users\Rafitecus\AppData\Local\CrashDumps\ArmourySocketServer.exe.14468.dmp <1014327> <2025-05-27 05:15:56> C:\Users\Rafitecus\AppData\Local\CrashDumps\ArmourySocketServer.exe.17560.dmp <1012863> <2025-05-28 04:55:05> C:\Users\Rafitecus\AppData\Local\CrashDumps\ArmourySocketServer.exe.18468.dmp <1030078> <2025-06-06 14:42:18> C:\Users\Rafitecus\AppData\Local\CrashDumps\ArmourySocketServer.exe.19120.dmp <1015791> <2025-05-26 04:16:11> C:\Users\Rafitecus\AppData\Local\CrashDumps\ArmourySocketServer.exe.19704.dmp <1024158> <2025-06-03 00:28:09> C:\Users\Rafitecus\AppData\Local\CrashDumps\ArmourySocketServer.exe.20160.dmp <1032861> <2025-06-01 08:45:45> C:\Users\Rafitecus\AppData\Local\CrashDumps\ArmourySocketServer.exe.3880.dmp <1007061> <2025-05-22 02:21:32> C:\Users\Rafitecus\AppData\Local\CrashDumps\ArmourySocketServer.exe.6300.dmp <1041325> <2025-06-04 03:27:59> C:\Users\Rafitecus\AppData\Local\CrashDumps\ArmourySocketServer.exe.8080.dmp <1023446> <2025-05-20 03:27:58> C:\Users\Rafitecus\AppData\Local\CrashDumps\ArmourySocketServer.exe.8844.dmp <1039525> <2025-06-02 23:54:00> C:\WINDOWS\System32\config\systemprofile\AppData\Local\CrashDumps\AsusDownloadAgent.exe.14072.dmp <2359876> <2025-06-03 13:40:37> C:\WINDOWS\System32\config\systemprofile\AppData\Local\CrashDumps\AsusDownloadAgent.exe.17256.dmp <2310686> <2025-06-03 00:08:17> C:\WINDOWS\System32\config\systemprofile\AppData\Local\CrashDumps\AsusDownloadAgent.exe.19420.dmp <2449210> <2025-06-08 12:42:43> C:\WINDOWS\System32\config\systemprofile\AppData\Local\CrashDumps\AsusDownloadAgent.exe.21732.dmp <2312035> <2025-06-05 16:33:13> C:\WINDOWS\System32\config\systemprofile\AppData\Local\CrashDumps\AsusDownloadAgent.exe.22180.dmp <2433938> <2025-06-07 17:26:45> C:\WINDOWS\System32\config\systemprofile\AppData\Local\CrashDumps\AsusDownloadAgent.exe.26132.dmp <2336025> <2025-06-06 14:07:38> C:\WINDOWS\System32\config\systemprofile\AppData\Local\CrashDumps\AsusDownloadAgent.exe.26552.dmp <2367012> <2025-06-07 23:27:12> C:\WINDOWS\System32\config\systemprofile\AppData\Local\CrashDumps\AsusDownloadAgent.exe.3540.dmp <2346260> <2025-06-07 17:36:41> C:\WINDOWS\System32\config\systemprofile\AppData\Local\CrashDumps\AsusDownloadAgent.exe.3600.dmp <2305551> <2025-06-02 15:24:10> C:\WINDOWS\System32\config\systemprofile\AppData\Local\CrashDumps\AsusDownloadAgent.exe.7652.dmp <2333019> <2025-06-04 17:55:29> # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ #