Addition.txt
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 28-04-2020
Ejecutado por Gaston (29-04-2020 06:54:11)
Ejecutado desde C:\
Windows 10 Pro Versión 1909 18363.778 (X64) (2019-09-13 11:47:39)
Modo de Inicio: Normal
==========================================================
==================== Cuentas: =============================
Administrador (S-1-5-21-2553759803-4258861891-2583773945-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2553759803-4258861891-2583773945-503 - Limited - Disabled)
Gaston (S-1-5-21-2553759803-4258861891-2583773945-1001 - Administrator - Enabled) => C:\Users\Gaston
Invitado (S-1-5-21-2553759803-4258861891-2583773945-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2553759803-4258861891-2583773945-504 - Limited - Disabled)
==================== Centro de Seguridad ========================
(Si una entrada es incluida en el fixlist, será eliminada.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Out of date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas instalados ======================
(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)
Actualización de NVIDIA 38.0.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.4.0 - NVIDIA Corporation) Hidden
AnalogX PortMapper (HKLM-x32\...\AnalogX PortMapper) (Version: - AnalogX)
Apple Application Support (32 bits) (HKLM-x32\...\{FD52A2FF-4D16-49C4-A2CD-DAC752C18BA2}) (Version: 8.0 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{9B061D60-4E2C-4987-BFFD-423E3D477660}) (Version: 8.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6CECF0FB-EE71-4FE5-8AE0-FA007408934A}) (Version: 13.0.0.38 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
ArroyoMU 0.97 (HKLM-x32\...\ArroyoMU 0.97) (Version: - )
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)
CPUID CPU-Z 1.91 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.91 - CPUID, Inc.)
CPUID HWMonitor 1.41 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.41 - CPUID, Inc.)
Discord (HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\Discord) (Version: 0.0.306 - Discord Inc.)
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{5D2C53C5-AA9C-493F-99B6-A8F458A62EAB}) (Version: 1.1.229.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Privacy Browser (HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\Epic Privacy Browser) (Version: 71.0.3578.98 - Epic)
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Gamers Club Anti-Cheat 3.1.16 (HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\5336d6e5-cfd5-580d-976b-0c07db708c28) (Version: 3.1.16 - Gamers Club Engeneering)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.122 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Gyazo 4.1.0.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Injected Anti-cheat (HKLM-x32\...\Injected Anti-cheat) (Version: 17.2.0.0 - Alejandro Cortés)
iTunes (HKLM\...\{00CF31D7-C80E-4C64-ABE4-5D96B314BB3E}) (Version: 12.10.1.4 - Apple Inc.)
KeyTweak - Keyboard Remapper (remove only) (HKLM-x32\...\KeyTweak) (Version: - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.61 - Logitech Inc.)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Master PDF Editor 5.4.38 (HKLM\...\Master PDF Editor 5.4.38_is1) (Version: 5.4.38 - Code Industry Ltd.)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Monster Hunter World (HKLM-x32\...\Monster Hunter World_is1) (Version: - )
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA Controlador de audio HD 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 442.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 442.59 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Paquete de controladores de Windows - HS Incorporated (massfilter_hs) USB (10/20/2010 2.0.0.8) (HKLM\...\80E97631DA49E8B2E4C5B606C9597BC75EE612F5) (Version: 10/20/2010 2.0.0.8 - HS Incorporated)
Paquete de controladores de Windows - PANTECH Co., Ltd. (PSKTBUS) USB (06/20/2012 4.0.21.0) (HKLM\...\31F11A15A3058696191A3708600383CAA429752E) (Version: 06/20/2012 4.0.21.0 - PANTECH Co., Ltd. )
Paquete de controladores de Windows - SAMSUNG Electronics Co., Ltd. (dg_ssudbus) USB (06/10/2014 2.11.10.0) (HKLM\...\7C7D77F30DA293C8D56A9D5FB8C3E70F4E17DA7F) (Version: 06/10/2014 2.11.10.0 - SAMSUNG Electronics Co., Ltd. )
Paquete de controladores de Windows - SAMSUNG Electronics Co., Ltd. (ssadbus) USB (11/30/2012 5.30.14.0) (HKLM\...\C9AEC81E4D365534AF50161EDA7C9CC56B205507) (Version: 11/30/2012 5.30.14.0 - SAMSUNG Electronics Co., Ltd. )
Paquete de controladores de Windows - SAMSUNG Electronics Co., Ltd. (ssaebus) USB (02/05/2010 5.14.0.0) (HKLM\...\8CDE6EEFC346A059EC210060FC7B7DAA8279D584) (Version: 02/05/2010 5.14.0.0 - SAMSUNG Electronics Co., Ltd. )
Paquete de controladores de Windows - SHARP (shu0bus) USB (08/11/2011 5.28.4.0) (HKLM\...\8A1FC0FFE8E99DF8171E25D8C5AFF587290A67EF) (Version: 08/11/2011 5.28.4.0 - SHARP)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7727 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Revo Uninstaller 2.1.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.1 - VS Revo Group, Ltd.)
Sidebar Diagnostics (HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\SidebarDiagnostics) (Version: 3.5.3 - ArcadeRenegade)
Sound Lock (HKLM-x32\...\{F84098A4-28E4-482F-A5A0-1BB29F2808DD}) (Version: 1.3.2 - 3 APPES) Hidden
Sound Lock (HKLM-x32\...\Sound Lock 1.3.2) (Version: 1.3.2 - 3 APPES)
Speedtest by Ookla (HKLM\...\{DF82FDC9-5957-448E-8AB0-22F3F2E9DA02}) (Version: 1.4.53.001 - Ookla)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.3.8497 - TeamViewer)
Tierras del Sur (HKLM-x32\...\Tierras del Sur_is1) (Version: - Tierras del Sur)
TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{2E8B8BDD-03DF-4C1C-8C99-E6A4BCBF43CE}) (Version: 2.51.0.0 - Microsoft Corporation)
uTorrent Web (HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\utweb) (Version: 1.0.8 - BitTorrent, Inc.)
WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)
Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-07-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-07-18] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.956.0_x64__56jybvy8sckqj [2020-03-15] (NVIDIA Corp.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0 [2020-04-22] (Spotify AB) [Startup Task]
==================== Personalizado CLSID (Lista blanca): ==============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Ningún archivo
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Ningún archivo
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Ningún archivo
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => E:\Malwarebytes Anti Malware\mbshlext.dll [2020-04-09] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Ningún archivo
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Ningún archivo
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Ningún archivo
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_87086da927dcdf63\nvshext.dll [2020-03-05] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => E:\Malwarebytes Anti Malware\mbshlext.dll [2020-04-09] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Lista blanca) ====================
==================== Accesos directos & WMI ========================
==================== Módulos cargados (Lista blanca) =============
2019-09-09 16:27 - 2018-05-14 22:34 - 000026112 _____ (Copyright (c) Code Industry Ltd ) [Archivo no firmado] C:\WINDOWS\System32\mpelocalmon.dll
2018-04-06 15:29 - 2018-04-06 15:29 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files\Logitech Gaming Software\LIBEAY32.dll
2018-04-06 15:29 - 2018-04-06 15:29 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files\Logitech Gaming Software\ssleay32.dll
==================== Alternate Data Streams (Lista blanca) ========
==================== Modo Seguro (Lista blanca) ==================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Asociación (Lista blanca) =================
==================== Internet Explorer sitios de confianza/restringidos ==========
(Si una entrada es incluida en el fixlist, será eliminada del registro.)
IE trusted site: HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\localhost -> localhost
==================== Hosts contenido: =========================
(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)
2018-04-11 20:38 - 2020-04-11 19:31 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Otras Áreas ===========================
(Actualmente no existe una corrección automática para esta sección.)
HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\Control Panel\Desktop\\Wallpaper -> E:\Interno Windows\Descargas\1920x1080-2929113-mountains-forest-animals-firewatch-minimalism___animal-wallpapers.jpg
DNS Servers: 200.42.4.207 - 200.49.130.47
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Firewall de Windows está deshabilitado.
==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==
(Si una entrada es incluida en el fixlist, será eliminada.)
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: NvContainerLocalSystem => 3
MSCONFIG\Services: NvContainerNetworkService => 3
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: NvTelemetryContainer => 2
MSCONFIG\Services: ssh-agent => 3
MSCONFIG\Services: Steam Client Service => 3
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\StartupApproved\Run: => "Epic Privacy Browser Installer"
HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\StartupApproved\Run: => "utweb"
==================== Reglas de firewall (Lista blanca) ================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
FirewallRules: [TCP Query User{A027DA0E-BBD0-4D9C-BCAE-5F3712F794E2}E:\counter-strike 1.6\hl.exe] => (Block) E:\counter-strike 1.6\hl.exe (Valve) [Archivo no firmado]
FirewallRules: [UDP Query User{BC031533-01A7-4763-A833-2B5E7C804010}E:\counter-strike 1.6\hl.exe] => (Block) E:\counter-strike 1.6\hl.exe (Valve) [Archivo no firmado]
FirewallRules: [TCP Query User{7817DC39-79A3-4596-A1F5-7E58A0E3CD64}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{3A80217E-642E-439C-AE53-A27BE098A71D}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{4EE9BAE3-1C32-4855-9D65-FCC4BF8E06A6}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{50559B38-4354-4D87-9EBA-D2B2DC78415F}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8BDE24AC-A182-4DCA-832D-768C30249FC3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5E490324-4691-4B02-82B4-9E8511D9AB9B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4D65FCB0-A2E5-4786-9F87-CF45A6D36FFE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A5516FF0-1AC0-49D6-B10E-00351B9B99BD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BE1B378E-602B-48B3-BE54-5DE4331509EE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{40D62F2D-46A6-4682-899E-9EB918EFED7C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D5B01827-C086-4173-B1CF-C9678D4290D9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{792A8088-3250-4C88-A121-AA6170CE19FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D8D4A2DF-FCB7-4874-8821-FAD8FC818923}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{E19704A6-A3C4-45C3-AC49-2E5FD9D7ACC7}E:\steam\steam.exe] => (Allow) E:\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{2DF35F7A-2C48-4AAD-A721-423A6F1A5A35}E:\steam\steam.exe] => (Allow) E:\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C6A1E480-CE73-43B9-9869-666D107157C1}] => (Allow) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{5CFD2F92-8EE5-4B56-8992-66BC8B4B42FA}] => (Allow) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{02C06CF2-C70A-49FE-9C0D-BB6AB26406C3}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{A2544D54-A0C1-4D0D-98B7-D8A1CB58D71D}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{E8AE83AC-7200-42E5-9528-F0954DF38BAD}] => (Allow) C:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> PUBG Corporation )
FirewallRules: [{A6D44A72-B72C-4C47-955B-3491D80BAE85}] => (Allow) C:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> PUBG Corporation )
FirewallRules: [{BC0A2823-11EA-45D8-AB64-53451120AFB6}] => (Allow) E:\Steam\steamapps\common\Session\SessionGame.exe (Epic Games, Inc.) [Archivo no firmado]
FirewallRules: [{0CFC06E6-B5E3-4832-B9A5-9A059D45B84A}] => (Allow) E:\Steam\steamapps\common\Session\SessionGame.exe (Epic Games, Inc.) [Archivo no firmado]
==================== Puntos de Restauración =========================
24-04-2020 13:24:00 Punto de control programado
==================== Dispositivos defectuosos en el Administrador de dispositivos ============
==================== Errores del registro de eventos: ========================
Errores de aplicación:
==================
Error: (04/29/2020 06:54:31 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10660,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/28/2020 11:31:20 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8916,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/28/2020 11:19:47 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10380,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/28/2020 10:54:23 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1828,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/28/2020 10:47:50 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7172,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/28/2020 10:29:21 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1844,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/28/2020 04:28:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5969
Error: (04/28/2020 04:28:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5969
Errores del sistema:
=============
Error: (04/28/2020 10:53:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error:
Se ha bloqueado la descarga de este controlador
Error: (04/28/2020 10:53:13 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Gaston\AppData\Local\Temp\ehdrv.sys
Error: (04/28/2020 10:53:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error:
Se ha bloqueado la descarga de este controlador
Error: (04/28/2020 10:53:12 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Gaston\AppData\Local\Temp\ehdrv.sys
Error: (04/28/2020 10:53:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error:
Se ha bloqueado la descarga de este controlador
Error: (04/28/2020 10:53:12 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Gaston\AppData\Local\Temp\ehdrv.sys
Error: (04/28/2020 10:53:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error:
Se ha bloqueado la descarga de este controlador
Error: (04/28/2020 10:53:12 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Gaston\AppData\Local\Temp\ehdrv.sys
Windows Defender:
===================================
Date: 2020-04-28 11:46:00.656
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C&threatid=2147726780&enterprise=0
Nombre: Trojan:Win32/Occamy.C
Id.: 2147726780
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_E:\Interno Windows\Descargas\Vermillon2020.rar
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Protección en tiempo real
Usuario: PC-GASTON\Gaston
Nombre de proceso: E:\Interno Windows\Descargas\esetonlinescanner.exe
Versión de inteligencia de seguridad: AV: 1.313.2499.0, AS: 1.313.2499.0, NIS: 1.313.2499.0
Versión de motor: AM: 1.1.16900.4, NIS: 1.1.16900.4
Date: 2020-04-28 11:44:44.621
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Casdet!rfn&threatid=2147727512&enterprise=0
Nombre: Trojan:Win32/Casdet!rfn
Id.: 2147727512
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_E:\Interno Windows\Descargas\InstaladorTDS2020.exe
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Protección en tiempo real
Usuario: PC-GASTON\Gaston
Nombre de proceso: E:\Interno Windows\Descargas\esetonlinescanner.exe
Versión de inteligencia de seguridad: AV: 1.313.2499.0, AS: 1.313.2499.0, NIS: 1.313.2499.0
Versión de motor: AM: 1.1.16900.4, NIS: 1.1.16900.4
Date: 2020-04-28 11:42:41.574
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C&threatid=2147726780&enterprise=0
Nombre: Trojan:Win32/Occamy.C
Id.: 2147726780
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_E:\Interno Windows\Descargas\Savage Pr0 v1 - By Nima Najafi (Iranian Crackers)\svhost.dll
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Protección en tiempo real
Usuario: PC-GASTON\Gaston
Nombre de proceso: E:\Interno Windows\Descargas\esetonlinescanner.exe
Versión de inteligencia de seguridad: AV: 1.313.2499.0, AS: 1.313.2499.0, NIS: 1.313.2499.0
Versión de motor: AM: 1.1.16900.4, NIS: 1.1.16900.4
Date: 2020-04-28 10:53:35.988
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C&threatid=2147726780&enterprise=0
Nombre: Trojan:Win32/Occamy.C
Id.: 2147726780
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Program Files\Code Industry\Master PDF Editor 5\ProjectMasterPDF5.exe
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.313.2499.0, AS: 1.313.2499.0, NIS: 1.313.2499.0
Versión de motor: AM: 1.1.16900.4, NIS: 1.1.16900.4
Date: 2020-04-23 10:41:20.572
Description:
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {2042F801-3E4E-40BC-B0BC-74D39F28D095}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2020-04-14 22:18:11.691
Description:
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad:
Versión anterior de inteligencia de seguridad: 1.313.1456.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor:
Versión anterior del motor: 1.1.16900.4
Código de error: 0x8024402c
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulta Ayuda y soporte técnico.
CodeIntegrity:
===================================
Date: 2020-04-29 06:49:23.557
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-04-29 06:49:23.551
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-04-29 06:49:22.323
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-04-29 06:49:22.322
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-04-29 06:46:24.693
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-04-29 06:46:24.690
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-04-29 00:01:38.642
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-04-29 00:01:38.641
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
==================== Información de la memoria ===========================
BIOS: American Megatrends Inc. F23f 03/09/2018
Placa base: Gigabyte Technology Co., Ltd. Z170-Gaming K3-CF
Procesador: Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz
Porcentaje de memoria en uso: 25%
RAM física total: 16339.64 MB
RAM física disponible: 12230.53 MB
Virtual total: 18771.64 MB
Virtual disponible: 12793.79 MB
==================== Unidades ================================
Drive c: (WINDOWS) (Fixed) (Total:111.19 GB) (Free:38.63 GB) NTFS
Drive e: (DATOS) (Fixed) (Total:931.51 GB) (Free:605.94 GB) NTFS
Drive f: (DATOS 2) (Fixed) (Total:74.51 GB) (Free:74.32 GB) NTFS
\\?\Volume{c445142c-940d-46ed-b815-c2085c0ed6ba}\ (Recuperación) (Fixed) (Total:0.49 GB) (Free:0.06 GB) NTFS
\\?\Volume{5e5db68d-75de-479d-81e0-bf5691d71822}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Tabla de particiones ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 17DE58A3)
Partition: GPT.
==========================================================
Disk: 2 (Size: 74.5 GB) (Disk ID: 2E222E21)
Partition: GPT.
==================== Final de Addition.txt =======================