Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 26-02-2020
Ejecutado por user (02-03-2020 19:46:13)
Ejecutado desde C:\Users\user\Desktop
Windows 10 Pro Versión 1903 18362.657 (X64) (2019-10-02 22:36:46)
Modo de Inicio: Normal
==========================================================

==================== Cuentas: =============================

Administrador (S-1-5-21-3093484479-1385412084-2519797603-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3093484479-1385412084-2519797603-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3093484479-1385412084-2519797603-1000 - Limited - Disabled) => C:\Users\defaultuser0
Invitado (S-1-5-21-3093484479-1385412084-2519797603-501 - Limited - Disabled)
user (S-1-5-21-3093484479-1385412084-2519797603-1001 - Administrator - Enabled) => C:\Users\user
WDAGUtilityAccount (S-1-5-21-3093484479-1385412084-2519797603-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: 360 Total Security (Enabled - Up to date) {2ACC6E6C-C52C-B3B4-DA13-A43E20B1E26D}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: 360 Total Security (Enabled - Up to date) {91AD8F88-E316-BC3A-E0A3-9F4C5B36A8D0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

4K Video Downloader 4.10 (HKLM\...\{A730612F-DC69-4EEC-AB92-0366346D9CCD}) (Version: 4.10.1.3240 - Open Media LLC)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 20.006.20034 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Apple Application Support (64 bits) (HKLM\...\{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite DCP-T500W (HKLM-x32\...\{BA07A125-6AC7-4293-89D6-391676FFD041}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7042 - CDBurnerXP)
Epic Games Launcher (HKLM-x32\...\{9B504F12-DA3B-4CEC-A6FD-B07D6C1FEA26}) (Version: 1.1.167.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Eye4 1.3.1.6 (HKLM-x32\...\{DE24BB52-3A46-4ED1-8E57-41E724F6BC74}_is1) (Version: - Shenzhen VStarcam Technology Co., Ltd)
Glary Utilities 5.131 (HKLM-x32\...\Glary Utilities 5) (Version: 5.131.0.157 - Glarysoft Ltd)
GoldWave v5.68 (HKLM-x32\...\GoldWave v5.68) (Version: 5.68 - GoldWave Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.87 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 6.0.1.2 - Hi-Rez Studios)
Hi-Rez Studios Games (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Icecream Screen Recorder versión 2.67 (HKLM-x32\...\{7ADEC622-3230-4C9A-9DCE-9BD462B74095}_is1) (Version: 2.67 - Icecream Apps)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4474 - Intel Corporation)
iTunes (HKLM\...\{02F0C3CD-24E7-4381-8EC7-564A9BFCFAB1}) (Version: 12.7.3.46 - Apple Inc.)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo Service Bridge (HKU\S-1-5-21-3093484479-1385412084-2519797603-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 4.0.6.7 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0093 - Lenovo)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3093484479-1385412084-2519797603-1001\...\OneDriveSetup.exe) (Version: 19.152.0801.0009 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 73.0.1 (x64 es-AR) (HKLM\...\Mozilla Firefox 73.0.1 (x64 es-AR)) (Version: 73.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0.2 - Mozilla)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.29093 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.1.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.1 - VS Revo Group, Ltd.)
Samsung SideSync (HKLM-x32\...\Samsung SideSync) (Version: 4.7.5.235 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Telegram Desktop version 1.9.14 (HKU\S-1-5-21-3093484479-1385412084-2519797603-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.9.14 - Telegram FZ-LLC)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
USB Vibration Joystick (BM) (HKLM-x32\...\{61A994FF-DF9B-4937-9DB9-87EC4FF1B31F}) (Version: 1.00.0000 - ShanWan)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VSO ConvertXToDVD 7 (HKLM-x32\...\{A021D003-6933-4EA4-B582-F1D0C3E52409}_is1) (Version: 7.0.0.31 - VSO Software)
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Wondershare MirrorGo(Version 1.9.0) (HKLM-x32\...\{EE843B49-D9BC-4A9E-A8A7-B9F14C0381C7}_is1) (Version: 1.9.0 - Wondershare)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2019-10-02] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-06-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-06-08] (Microsoft Corporation) [MS Ad]
Microsoft Noticias -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.35.20273.0_x64__8wekyb3d8bbwe [2020-02-05] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.1224.0_x64__8wekyb3d8bbwe [2020-02-28] (Microsoft Studios) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6722448 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Ningún archivo
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-01-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files (x86)\360\Total Security\MenuEx64.dll [2018-08-24] (QIHU 360 SOFTWARE CO. LIMITED -> )
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-01-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Ningún archivo
ContextMenuHandlers4: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files (x86)\360\Total Security\MenuEx64.dll [2018-08-24] (QIHU 360 SOFTWARE CO. LIMITED -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Ningún archivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-06-12] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-01-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files (x86)\360\Total Security\MenuEx64.dll [2018-08-24] (QIHU 360 SOFTWARE CO. LIMITED -> )

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Módulos cargados (Lista blanca) =============

2017-07-02 00:57 - 2015-04-21 07:29 - 000143360 _____ () [Archivo no firmado] C:\WINDOWS\system32\BrSNMP64.dll
2017-07-02 00:57 - 2015-04-21 07:29 - 000087040 _____ (Brother Industries, Ltd.) [Archivo no firmado] C:\WINDOWS\system32\BrNetSti.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [476]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [484]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado.)

HKU\FileCache\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\UserChoice =>
HKU\FileCache\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.reg\UserChoice =>
HKU\FileCache\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bat\UserChoice =>
HKU\FileCache\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cmd\UserChoice =>
HKU\FileCache\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.com\UserChoice =>
HKU\FileCache\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.scr\UserChoice =>
HKU\FileCache\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk\UserChoice =>

==================== Internet Explorer sitios de confianza/restringidos ==========

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-3093484479-1385412084-2519797603-1001\...\localhost -> localhost

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2016-07-16 08:47 - 2019-01-12 16:46 - 000000830 _____ C:\WINDOWS\system32\drivers\etc\hosts
2019-11-10 17:44 - 2019-11-10 17:44 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3093484479-1385412084-2519797603-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3093484479-1385412084-2519797603-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\user\Desktop\wallpaper_ori_and_the_blind_forest_definitive_edition_1920x1080_2.jpg
DNS Servers: 200.42.4.210 - 200.49.130.52
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKU\S-1-5-21-3093484479-1385412084-2519797603-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3093484479-1385412084-2519797603-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3093484479-1385412084-2519797603-1001\...\StartupApproved\Run: => "UTDUVP4A64DALJX"
HKU\S-1-5-21-3093484479-1385412084-2519797603-1001\...\StartupApproved\Run: => "WWLH6QY1WMGCPFC"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [TCP Query User{F0B25BB8-AB64-4648-93C1-7C20E886E8F3}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{9F6C655E-92FC-4AC7-A7DC-FEF2A5F9C899}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{3117A5A2-7312-489D-91DD-DB6E221CC98D}C:\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\hirezgames\smite\binaries\win32\smite.exe (Hi-Rez Studios, Inc. -> Hirez Studios, Inc.)
FirewallRules: [UDP Query User{BAE22AB2-08B7-46F1-8980-DB72CC81EAA1}C:\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\hirezgames\smite\binaries\win32\smite.exe (Hi-Rez Studios, Inc. -> Hirez Studios, Inc.)
FirewallRules: [TCP Query User{CAE36E40-A3C6-4534-9BED-AFEA1E7D196A}C:\program files (x86)\wondershare\mirrorgo\mirrorgo.exe] => (Allow) C:\program files (x86)\wondershare\mirrorgo\mirrorgo.exe (Wondershare Technology Co.,Ltd -> Wondershare)
FirewallRules: [UDP Query User{6124EB03-6B96-4DA8-A7A1-CA958934E57E}C:\program files (x86)\wondershare\mirrorgo\mirrorgo.exe] => (Allow) C:\program files (x86)\wondershare\mirrorgo\mirrorgo.exe (Wondershare Technology Co.,Ltd -> Wondershare)
FirewallRules: [{BE001962-0BE0-4DB6-AB4E-54B2DE4A7A2D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D3EC037E-25A2-4069-9EBA-59DD8A0B010B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{62D41052-AF05-49D6-B772-2873D9FD401F}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{26778CC8-6EF7-4D08-83BD-A3F0EC285BD5}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5129E34A-A2D0-4729-B0B7-A578752DFDE6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{80C0D549-5E53-4152-950F-318966B52601}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{BD630988-42A8-4495-BD1E-1144A070269B}C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe (Hirez Studios, Inc.) [Archivo no firmado]
FirewallRules: [UDP Query User{EB6E5134-1A92-4D91-83E7-EDC071868F7F}C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe (Hirez Studios, Inc.) [Archivo no firmado]
FirewallRules: [{B0977D21-039A-4859-93B7-7C32D1F58D83}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{D13DD646-E026-4E27-A996-ED38AD20EC36}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{CBD1CB53-11DC-4945-80A9-0A7F9B9D2DDC}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{AB1CE4E6-6882-401D-8F2D-707523CB8D82}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{830DB5D2-5B95-4251-9D61-C14998A6C022}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [Archivo no firmado]
FirewallRules: [UDP Query User{16B58DC2-0806-49E5-89F6-3748CED40D39}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [Archivo no firmado]
FirewallRules: [{5F21FFC7-04EC-4E95-9C02-7916B3F1BF8E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{17DABAE7-32EF-44E5-9302-ACF5E6E8C1FD}C:\program files (x86)\eye4\superipcam.exe] => (Allow) C:\program files (x86)\eye4\superipcam.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{FE004635-11E7-4BF7-9621-FBFDB860DFB3}C:\program files (x86)\eye4\superipcam.exe] => (Allow) C:\program files (x86)\eye4\superipcam.exe () [Archivo no firmado]
FirewallRules: [{FE273CE2-70C4-4EF0-B234-4084B9DBF47A}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{18051248-0F12-426E-BDBB-A5CC998D32B5}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )

==================== Puntos de Restauración =========================

22-02-2020 15:00:36 Punto de control programado
29-02-2020 20:52:08 Punto de control programado
02-03-2020 17:13:12 ZHPcleaner

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: Synaptics FP Sensors (WBF) (PID=0011)
Description: Synaptics FP Sensors (WBF) (PID=0011)
Class Guid: {53d29ef7-377c-4d14-864b-eb3a85769359}
Manufacturer: Synaptics FP Sensors
Service: WUDFRd
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (03/02/2020 07:42:42 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4848,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (03/02/2020 07:38:02 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center no pudo validar al autor de la llamada con el error %1.

Error: (03/02/2020 07:33:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: QHSafeTray.exe, versión: 10.0.0.1380, marca de tiempo: 0x5dceacff
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc000041d
Desplazamiento de errores: 0x00610070
Identificador del proceso con errores: 0x14d8
Hora de inicio de la aplicación con errores: 0x01d5f0d66ea33b3b
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
Ruta de acceso del módulo con errores: unknown
Identificador del informe: b62e653f-0cc5-484a-a0db-66e80afd71d2
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:

Error: (03/02/2020 07:23:45 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11124,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (03/02/2020 07:21:42 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x80070006, Controlador no válido.
.
Operación:
Ejecutando operación asincrónica
Contexto:
Estado actual: DoSnapshotSet

Error: (03/02/2020 07:20:22 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.
. A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.
Operación:
Recopilando datos del escritor
Contexto:
Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}
Nombre del escritor: System Writer
Id. de instancia del escritor: {c47cc96b-c000-4e3a-8876-2ee2b251b5e1}

Error: (03/02/2020 07:09:52 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11348,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (03/02/2020 06:26:49 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4792,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Errores del sistema:
=============
Error: (03/02/2020 06:09:01 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio Optimización de distribución no respondió después de iniciar.

Error: (03/02/2020 06:02:41 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-FA46B0H)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor: {DD522ACC-F821-461A-A407-50B198B896DC}

Error: (03/02/2020 06:01:55 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-FA46B0H)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor: {DD522ACC-F821-461A-A407-50B198B896DC}

Error: (03/02/2020 06:01:49 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-FA46B0H)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor: {DD522ACC-F821-461A-A407-50B198B896DC}

Error: (03/02/2020 06:00:53 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-FA46B0H)
Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (03/02/2020 06:00:53 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-FA46B0H)
Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (03/02/2020 06:00:53 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-FA46B0H)
Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (03/02/2020 06:00:53 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-FA46B0H)
Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

CodeIntegrity:
===================================
Date: 2020-01-25 13:06:35.881
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements.

Date: 2020-01-25 13:06:30.119
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements.

Date: 2020-01-25 13:06:12.428
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements.

Date: 2019-11-23 18:38:40.431
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements.

Date: 2019-11-23 18:38:38.028
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements.

Date: 2019-11-23 18:38:23.133
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements.

Date: 2019-11-09 21:30:48.445
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements.

Date: 2019-11-09 21:30:43.494
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements.

==================== Información de la memoria ===========================

BIOS: LENOVO 9DCN34WW(V3.04) 07/21/2015
Placa base: LENOVO Lenovo B50-70
Procesador: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz
Porcentaje de memoria en uso: 21%
RAM física total: 16304.96 MB
RAM física disponible: 12802.86 MB
Virtual total: 18736.96 MB
Virtual disponible: 15351.98 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:930.19 GB) (Free:619.89 GB) NTFS

\\?\Volume{075948bb-6a59-4871-9809-c24a1d67f071}\ () (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{cc033b99-c7d6-4f2f-8fd1-327b31f39ea3}\ () (Fixed) (Total:0.76 GB) (Free:0.25 GB) NTFS
\\?\Volume{cb797cdd-a400-4484-9d7d-64a657c8e4cb}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: D9FA2484)

Partition: GPT.

==================== Final de Addition.txt =======================