Informe Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-12-2019
Ran by Desk (23-12-2019 12:40:29)
Running from C:\Users\Desk\Desktop
Windows 10 Pro Version 1903 18362.535 (X64) (2019-09-20 12:57:59)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-165515872-560560262-2892136512-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-165515872-560560262-2892136512-503 - Limited - Disabled)
Invitado (S-1-5-21-165515872-560560262-2892136512-501 - Limited - Disabled)
Desk (S-1-5-21-165515872-560560262-2892136512-1001 - Administrator - Enabled) => C:\Users\Desk
WDAGUtilityAccount (S-1-5-21-165515872-560560262-2892136512-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Dreamweaver CC 2015 (HKLM-x32\...\{EE2A0AA8-0386-11E5-8603-BC82F5DB1A71}) (Version: 16.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated)
Age of Empires II HD (c) Microsoft Studios version 1 (HKLM-x32\...\QWdlIG9mIEVtcGlyZXMgSUkgSEQgKGMpIE1pY3Jvc29mdCBTdHVkaW9z_is1) (Version: 1 - )
Audacity 2.3.2 (HKLM-x32\...\Audacity_is1) (Version: 2.3.2 - Audacity Team)
Balabolka (HKLM-x32\...\Balabolka) (Version: 2.05 - Ilya Morozov)
CCleaner (HKLM\...\CCleaner) (Version: 5.62 - Piriform)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.6.0.25114 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Java 2 Runtime Environment, SE v1.4.2_06 (HKLM-x32\...\{7148F0A8-6813-11D6-A77B-00B0D0142060}) (Version: 1.4.2_06 - Sun Microsystems, Inc.)
Loquendo TTS 7 Engine Full Distribution (HKLM-x32\...\{16096EE7-3343-4835-B9AF-C63492BD89B3}) (Version: 7.5.0 - Loquendo)
Loquendo TTS 7 Felipe Multimedia High Quality (HKLM-x32\...\{A1614B8B-E966-4512-BEA9-13A4779983FF}) (Version: 7.3.0 - Loquendo)
Loquendo TTS 7 Fernanda Multimedia High Quality (HKLM-x32\...\{975D7450-C0A7-4AD7-8903-3957B0F92B42}) (Version: 7.3.0 - Loquendo)
Loquendo TTS 7 Portuguese (HKLM-x32\...\{C278A74A-707D-49B5-B847-651B4B80EDED}) (Version: 7.4.0 - Loquendo)
Loquendo TTS Eusebio 6.5.0 (HKLM-x32\...\{8CA82F29-336D-4986-BBC1-2B03C3D4DB4A}) (Version: 6.5.0 - Loquendo)
Loquendo TTS SDK 6.5.4 (HKLM-x32\...\{2A203EFC-1B75-40A3-B5B5-F2C94C4DDFFA}) (Version: 6.5.4 - Loquendo)
Loquendo TTS: Amalia (Portuguese) (HKLM-x32\...\LoqTTS-Amalia_is1) (Version: - )
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Microsoft Office Profesional Plus 2019 - es-es (HKLM\...\ProPlus2019Retail - es-es) (Version: 16.0.12228.20364 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-165515872-560560262-2892136512-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8228 - Realtek Semiconductor Corp.)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.4.4.0_x86__kgqvnymyfvs32 [2019-12-11] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.27.6.0_x86__kgqvnymyfvs32 [2019-12-13] (king.com)
Centro de comando de gráficos Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.1725.0_x64__8j3eq9eme6ctt [2019-10-25] (INTEL CORP) [Startup Task]
Extensión de vídeo MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-24] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.623.0_x64__v10z8vjag6ke6 [2019-11-16] (HP Inc.)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.2.0.0_x64__8j3eq9eme6ctt [2019-09-20] (INTEL CORP)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-09-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-09-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.180.0_x64__dt26b99r8h8gj [2019-11-21] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0 [2019-12-20] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [Balabolka] -> {6CB83A5A-AA68-4895-9F54-175E789AE149} => C:\Program Files (x86)\Balabolka\BFileExt.dll [2012-04-06] (Ilya Morozov) [File not signed]
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-06-28] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-06-28] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Desk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2012-04-06 15:36 - 2012-04-06 15:36 - 000360720 _____ (Ilya Morozov) [File not signed] C:\Program Files (x86)\Balabolka\BFileExt.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 01:49 - 2019-03-19 01:49 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
2019-10-18 11:32 - 2019-10-18 17:05 - 000000445 _____ C:\Windows\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-165515872-560560262-2892136512-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Desk\Pictures\wallpapaers\red_floweraa2.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{85899F1C-E2EB-4B42-B462-DB2C911F2ED6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{47AD2432-416C-4F7E-8296-02828B1926E1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{004FD39B-97E7-4F22-819F-CB8F75A58F63}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{035201AE-6348-4CEB-A4CB-4C9BB1AF8853}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B6538E66-5ABE-4A52-AA70-7385DA780296}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{D391A8B4-8109-4FB8-807C-6B59466D697F}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{094F470F-C74B-4CEB-9198-6FE52DECA9F9}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{71F3FE37-A5E5-41C3-9235-9A09A93E8B21}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{430224C9-D9BE-4E81-BBE3-C583CEA630AF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{DBB626B4-FB2E-4DB0-B544-69ECE48CCF8A}C:\users\Desk\desktop\age of empire ii\empires2.exe] => (Block) C:\users\Desk\desktop\age of empire ii\empires2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [UDP Query User{7FB4F058-62BC-4A00-8C07-C470B7E3848A}C:\users\Desk\desktop\age of empire ii\empires2.exe] => (Block) C:\users\Desk\desktop\age of empire ii\empires2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{6DCB1F24-8043-4B49-85D2-9DDB7CFE4B3A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{50A681D3-6662-4690-9D44-78DE0960A299}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1BFD395D-07DF-43FF-B32E-8EF0C432C711}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AD00EEF0-CCC4-4DB2-8938-9D7019BA6750}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B2B649FA-05C6-44A8-9B50-8DF09D461A57}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A6DE54E6-94A7-4AE6-8F88-D62B627493C3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FA609C10-2862-4670-B56D-AF71A9DE6D9C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{08A3399A-1D03-4A34-AF35-91CDB8E8561A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{75690EF7-3BD5-46DD-A58A-D1DC83992E61}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
==================== Restore Points =========================
04-12-2019 16:52:26 Punto de control programado
11-12-2019 18:19:00 Punto de control programado
19-12-2019 12:44:11 Punto de control programado
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/13/2019 08:58:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AoK HD.exe, versión: 4.2.1748.4401, marca de tiempo: 0x515c8781
Nombre del módulo con errores: AoK HD.exe, versión: 4.2.1748.4401, marca de tiempo: 0x515c8781
Código de excepción: 0xc000041d
Desplazamiento de errores: 0x000d437b
Identificador del proceso con errores: 0x1a70
Hora de inicio de la aplicación con errores: 0x01d5b1fcfda3cb53
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Age of Empires II HD\AoK HD.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Age of Empires II HD\AoK HD.exe
Identificador del informe: a5fc5747-35fb-4f7a-9b51-5567075bd379
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (12/13/2019 08:58:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AoK HD.exe, versión: 4.2.1748.4401, marca de tiempo: 0x515c8781
Nombre del módulo con errores: AoK HD.exe, versión: 4.2.1748.4401, marca de tiempo: 0x515c8781
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000d437b
Identificador del proceso con errores: 0x1a70
Hora de inicio de la aplicación con errores: 0x01d5b1fcfda3cb53
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Age of Empires II HD\AoK HD.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Age of Empires II HD\AoK HD.exe
Identificador del informe: 6e440cec-c895-4def-b7b0-5e92ec6e21c2
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (12/13/2019 06:33:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AoK HD.exe, versión: 4.2.1748.4401, marca de tiempo: 0x515c8781
Nombre del módulo con errores: AoK HD.exe, versión: 4.2.1748.4401, marca de tiempo: 0x515c8781
Código de excepción: 0xc000041d
Desplazamiento de errores: 0x000d437b
Identificador del proceso con errores: 0x1624
Hora de inicio de la aplicación con errores: 0x01d5b1fcd53e71f2
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Age of Empires II HD\AoK HD.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Age of Empires II HD\AoK HD.exe
Identificador del informe: 4cfcc2cf-fed3-4ef6-9f8c-5e8bc238e612
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (12/13/2019 06:33:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AoK HD.exe, versión: 4.2.1748.4401, marca de tiempo: 0x515c8781
Nombre del módulo con errores: AoK HD.exe, versión: 4.2.1748.4401, marca de tiempo: 0x515c8781
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000d437b
Identificador del proceso con errores: 0x1624
Hora de inicio de la aplicación con errores: 0x01d5b1fcd53e71f2
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Age of Empires II HD\AoK HD.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Age of Empires II HD\AoK HD.exe
Identificador del informe: 582cfc2a-2be7-45ce-a40f-8ed5c6126be2
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (12/12/2019 12:07:41 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.
Error: (12/12/2019 12:07:41 AM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]
Error: (12/11/2019 04:22:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AoK HD.exe, versión: 4.2.1748.4401, marca de tiempo: 0x515c8781
Nombre del módulo con errores: AoK HD.exe, versión: 4.2.1748.4401, marca de tiempo: 0x515c8781
Código de excepción: 0xc000000d
Desplazamiento de errores: 0x003238db
Identificador del proceso con errores: 0x1f8
Hora de inicio de la aplicación con errores: 0x01d5b058285cf336
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Age of Empires II HD\AoK HD.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Age of Empires II HD\AoK HD.exe
Identificador del informe: 20c8d02c-3ba4-4b34-a515-d721ea4e78f9
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (12/06/2019 03:53:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AoK HD.exe, versión: 4.2.1748.4401, marca de tiempo: 0x515c8781
Nombre del módulo con errores: AoK HD.exe, versión: 4.2.1748.4401, marca de tiempo: 0x515c8781
Código de excepción: 0xc000000d
Desplazamiento de errores: 0x003238db
Identificador del proceso con errores: 0x1fc8
Hora de inicio de la aplicación con errores: 0x01d5ac63b78a34d2
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Age of Empires II HD\AoK HD.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Age of Empires II HD\AoK HD.exe
Identificador del informe: e3dee752-a086-410d-9674-166fe67bcdee
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
System errors:
=============
Error: (12/22/2019 04:57:44 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN no se pudo iniciar.
Ruta de acceso del módulo: C:\Windows\system32\Rtlihvs.dll
Código de error: 126
Error: (12/22/2019 04:57:00 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: El servicio Malwarebytes Service no se cerró correctamente después de recibir un control de aviso de apagado.
Error: (12/22/2019 03:13:45 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN no se pudo iniciar.
Ruta de acceso del módulo: C:\Windows\system32\Rtlihvs.dll
Código de error: 126
Error: (12/22/2019 03:13:18 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684Error irrecuperable al procesar los datos de restauración.
Error: (12/22/2019 03:13:45 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: El cierre anterior del sistema a las 20:01:25 del 20/12/2019 resultó inesperado.
Error: (12/19/2019 11:44:11 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN no se pudo iniciar.
Ruta de acceso del módulo: C:\Windows\system32\Rtlihvs.dll
Código de error: 126
Error: (12/19/2019 11:43:35 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684Error irrecuperable al procesar los datos de restauración.
Error: (12/19/2019 11:44:10 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: El cierre anterior del sistema a las 19:44:00 del 19/12/2019 resultó inesperado.
Windows Defender:
===================================
Date: 2019-12-22 16:03:09.390
Description:
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {C377E073-A8B9-45C1-AC10-3FF3DCC15180}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Desk: NT AUTHORITY\SYSTEM
Date: 2019-12-22 15:51:18.802
Description:
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {0A7CB5F9-8D89-4F0B-8321-139E8F9AA673}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Desk: NT AUTHORITY\SYSTEM
Date: 2019-12-22 15:18:35.468
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.A!ml&threatid=2147735504&enterprise=0
Nombre: Trojan:Win32/Wacatac.A!ml
Id.: 2147735504
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Program Files (x86)\Age of Empires II HD\steam_api.dll
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Protección en tiempo real
Desk: DESKTOP-EI6KTDO\Desk
Nombre de proceso: C:\Program Files (x86)\Age of Empires II HD\AoK HD.exe
Versión de inteligencia de seguridad: AV: 1.307.955.0, AS: 1.307.955.0, NIS: 1.307.955.0
Versión de motor: AM: 1.1.16600.7, NIS: 1.1.16600.7
Date: 2019-12-22 15:18:24.566
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.A!ml&threatid=2147735504&enterprise=0
Nombre: Trojan:Win32/Wacatac.A!ml
Id.: 2147735504
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Program Files (x86)\Age of Empires II HD\steam_api.dll
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Protección en tiempo real
Desk: DESKTOP-EI6KTDO\Desk
Nombre de proceso: C:\Program Files (x86)\Age of Empires II HD\AoK HD.exe
Versión de inteligencia de seguridad: AV: 1.307.955.0, AS: 1.307.955.0, NIS: 1.307.955.0
Versión de motor: AM: 1.1.16600.7, NIS: 1.1.16600.7
Date: 2019-12-22 15:18:19.109
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.A!ml&threatid=2147735504&enterprise=0
Nombre: Trojan:Win32/Wacatac.A!ml
Id.: 2147735504
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Program Files (x86)\Age of Empires II HD\steam_api.dll
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Protección en tiempo real
Desk: DESKTOP-EI6KTDO\Desk
Nombre de proceso: C:\Program Files (x86)\Age of Empires II HD\AoK HD.exe
Versión de inteligencia de seguridad: AV: 1.307.955.0, AS: 1.307.955.0, NIS: 1.307.955.0
Versión de motor: AM: 1.1.16600.7, NIS: 1.1.16600.7
Date: 2019-11-25 01:05:41.790
Description:
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad:
Versión anterior de inteligencia de seguridad: 1.305.2700.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Desk: NT AUTHORITY\SYSTEM
Versión actual del motor:
Versión anterior del motor: 1.1.16500.1
Código de error: 0x8024402c
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico.
CodeIntegrity:
===================================
Date: 2019-12-23 12:26:04.545
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-23 12:25:47.328
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-23 12:24:40.166
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-23 12:24:39.313
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-23 12:24:36.793
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-23 12:23:34.154
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-23 12:23:33.554
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-23 12:23:32.195
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. F20 11/16/2016
Motherboard: Gigabyte Technology Co., Ltd. H110M-H-CF
Processor: Intel(R) Core(TM) i5-7400 CPU @ 3.00GHz
Percentage of memory in use: 36%
Total physical RAM: 8104.43 MB
Available physical RAM: 5163.93 MB
Total Virtual: 9384.43 MB
Available Virtual: 6442.04 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.95 GB) (Free:870.28 GB) NTFS
Drive g: () (Fixed) (Total:298.09 GB) (Free:261.81 GB) NTFS
\\?\Volume{2bf1b162-0000-0000-0000-100000000000}\ (Reservado para el sistema) (Fixed) (Total:0.57 GB) (Free:0.16 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 2BF1B162)
Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.9 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 1549F232)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================