Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 06-06-2020
Ejecutado por tomas (15-06-2020 12:07:42)
Ejecutado desde C:\Users\tomas\Downloads
Windows 10 Home Versión 1909 18363.900 (X64) (2020-02-24 13:31:18)
Modo de Inicio: Normal
==========================================================

==================== Cuentas: =============================
Administrador (S-1-5-21-2121011719-3623789946-4113952497-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2121011719-3623789946-4113952497-503 - Limited - Disabled)
Invitado (S-1-5-21-2121011719-3623789946-4113952497-501 - Limited - Disabled)
tomas (S-1-5-21-2121011719-3623789946-4113952497-1001 - Administrator - Enabled) => C:\Users\tomas
WDAGUtilityAccount (S-1-5-21-2121011719-3623789946-4113952497-504 - Limited - Disabled)

==================== Centro de Seguridad ========================
(Si una entrada es incluida en el fixlist, será eliminada.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================
(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-2121011719-3623789946-4113952497-1001\...\uTorrent) (Version: 3.5.5.45672 - BitTorrent Inc.)
Actualización de NVIDIA 38.0.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.4.0 - NVIDIA Corporation) Hidden
Age of Empires II - The Age of Kings versión 1.0 (HKLM-x32\...\{BBAA1C37-A40B-4FD8-8C6B-C9B4106D3C63}_is1) (Version: 1.0 - MasterEGA, Inc.)
Age of Mythology + The Titans (HKLM-x32\...\Age of Mythology + The Titans Expansion_is1) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.12.0.1152 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-2121011719-3623789946-4113952497-1001\...\Discord) (Version: 0.0.306 - Discord Inc.)
Dolphin (HKLM-x32\...\Dolphin) (Version: 5.0 - Dolphin Team)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.7.1.29511 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.97 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
inSSIDer (HKU\S-1-5-21-2121011719-3623789946-4113952497-1001\...\inSSIDer) (Version: 5.2.18 - MetaGeek, LLC)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7870 - Intel Corporation)
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Mi PC Suite (HKU\S-1-5-21-2121011719-3623789946-4113952497-1001\...\MiPhoneManager) (Version: - Xiaomi Inc.)
Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 20.064.0329.0008 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.5.2059.317 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
NetSpot (HKU\S-1-5-21-2121011719-3623789946-4113952497-1001\...\8f902e8bea10afc7) (Version: 2.12.716.0 - Etwok Inc.)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA Controlador de gráficos 445.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 445.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Paquete de controladores de Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (01/27/2014 9.0.0000.00000) (HKLM\...\9CA77E2A8332A0824C54DA611BBE4CA24AB1F750) (Version: 01/27/2014 9.0.0000.00000 - Google, Inc.)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: - )
Spotify (HKU\S-1-5-21-2121011719-3623789946-4113952497-1001\...\Spotify) (Version: 1.1.34.694.gac68a2b3 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Visual Studio Community 2019 (HKLM-x32\...\b859a31c) (Version: 16.5.29920.165 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.10 - VideoLAN)
Voobly (HKLM-x32\...\Voobly_is1) (Version: Voobly - Voobly)
VS Script Debugging Common (HKLM\...\{D8B26CBD-15D2-440B-BCBD-5616D74EFC7D}) (Version: 16.0.98.0 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{FDC38876-AD68-4616-942D-AC3194DAB0A3}) (Version: 16.5.29814 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{79DDA8FF-26D4-498A-B8D7-5DFA86EAD686}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{AD0C92A4-1514-4BC1-A723-A272A8343924}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{7DB17E2A-450D-4DBD-9C17-545A95804B0C}) (Version: 16.5.29814 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{C309FC3D-20C2-4F48-AF46-E59674774602}) (Version: 16.5.29814 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{692A0FB3-E6A2-4D41-AC03-4136B4312DC0}) (Version: 16.3.29209 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{27B16914-BC5D-4018-8074-071262A27F6D}) (Version: 16.2.28917 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{4D33D909-B071-41D2-B305-96B8586F911E}) (Version: 16.5.29814 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{A0FCE4F1-71FB-4910-872E-FCBF5E323491}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)

Packages:
=========
Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-05-18] (Microsoft Corporation)
HP Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.HPAudioControl_1.7.197.0_x64__dt26b99r8h8gj [2020-02-24] (Realtek Semiconductor Corp)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-02-27] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-02-27] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-04] (Microsoft Studios) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.19.31501.0_x64__8wekyb3d8bbwe [2020-06-15] (Microsoft Corporation)
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.956.0_x64__56jybvy8sckqj [2020-03-08] (NVIDIA Corp.)

==================== Personalizado CLSID (Lista blanca): ==============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
CustomCLSID: HKU\S-1-5-21-2121011719-3623789946-4113952497-1001_Classes\CLSID\{11025cdd-08dd-4e8e-9d12-c931c55cc98d}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2121011719-3623789946-4113952497-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\tomas\AppData\Local\Microsoft\OneDrive\19.232.1124.0008\amd64\FileSyncShell64.dll => Ningún archivo
CustomCLSID: HKU\S-1-5-21-2121011719-3623789946-4113952497-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\tomas\AppData\Local\Microsoft\OneDrive\19.232.1124.0008\amd64\FileSyncShell64.dll => Ningún archivo
CustomCLSID: HKU\S-1-5-21-2121011719-3623789946-4113952497-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\tomas\AppData\Local\Microsoft\OneDrive\19.232.1124.0008\amd64\FileSyncShell64.dll => Ningún archivo
CustomCLSID: HKU\S-1-5-21-2121011719-3623789946-4113952497-1001_Classes\CLSID\{94613b34-6ac1-42f4-9cd1-3cddf0898207}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\20.064.0329.0008\amd64\FileSyncShell64.dll [2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\20.064.0329.0008\amd64\FileSyncShell64.dll [2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\20.064.0329.0008\amd64\FileSyncShell64.dll [2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\20.064.0329.0008\amd64\FileSyncShell64.dll [2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\20.064.0329.0008\amd64\FileSyncShell64.dll [2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\20.064.0329.0008\amd64\FileSyncShell64.dll [2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\20.064.0329.0008\amd64\FileSyncShell64.dll [2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\20.064.0329.0008\amd64\FileSyncShell64.dll [2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\20.064.0329.0008\amd64\FileSyncShell64.dll [2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\20.064.0329.0008\amd64\FileSyncShell64.dll [2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\20.064.0329.0008\amd64\FileSyncShell64.dll [2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\20.064.0329.0008\amd64\FileSyncShell64.dll [2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\20.064.0329.0008\amd64\FileSyncShell64.dll [2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\20.064.0329.0008\amd64\FileSyncShell64.dll [2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.064.0329.0008\amd64\FileSyncShell64.dll [2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-12-26] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-03-23] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-03-23] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-30] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.064.0329.0008\amd64\FileSyncShell64.dll [2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.064.0329.0008\amd64\FileSyncShell64.dll [2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_e115ca539654e4a0\nvshext.dll [2020-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-12-26] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-30] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================
(Las entradas pueden ser listadas para ser restauradas o eliminadas.)
ShortcutWithArgument: C:\Users\tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\WhatsChrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=bgkodfmeijboinjdegggmkbkjfiagaan
ShortcutWithArgument: C:\Users\tomas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Tomas (Tomás) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Módulos cargados (Lista blanca) =============

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

==================== Hosts contenido: =========================
(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)
2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Otras Áreas ===========================
(Actualmente no existe una corrección automática para esta sección.)
HKU\S-1-5-21-2121011719-3623789946-4113952497-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 46.6.113.34 - 212.231.6.7
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==
(Si una entrada es incluida en el fixlist, será eliminada.)
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: Steam Client Service => 3
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-2121011719-3623789946-4113952497-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2121011719-3623789946-4113952497-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2121011719-3623789946-4113952497-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2121011719-3623789946-4113952497-1001\...\StartupApproved\Run: => "Voobly"

==================== Reglas de firewall (Lista blanca) ================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
FirewallRules: [TCP Query User{A404149E-4E2E-4069-84CD-E99684CA5BED}C:\users\tomas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tomas\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{A760ABA3-135F-4539-B879-4273164F92BB}C:\users\tomas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tomas\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{064F1946-9776-4C2B-8DFE-7FC2580FA3E8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{606B8B21-1ED6-4885-ADD2-56B42D5B995B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{FABB7C8C-D9B0-408D-B320-DDF25018E3CA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Ningún archivo
FirewallRules: [{523A056F-75ED-4CD7-9E4D-DA016D6939D4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Ningún archivo
FirewallRules: [{658D8DEC-2226-4FA6-AE62-AA3A58E3A717}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{7969B5B5-9A26-4D99-9014-25F493A8FDA6}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [TCP Query User{B9DEC821-E3FA-4EE6-B7F9-EDC8C509F065}C:\program files (x86)\age of empires ii - the age of kings\age2_x1\age2_x1.exe] => (Allow) C:\program files (x86)\age of empires ii - the age of kings\age2_x1\age2_x1.exe (Microsoft Corporation) [Archivo no firmado]
FirewallRules: [UDP Query User{57B2AB7C-387D-443A-BC09-9076A93B1BB1}C:\program files (x86)\age of empires ii - the age of kings\age2_x1\age2_x1.exe] => (Allow) C:\program files (x86)\age of empires ii - the age of kings\age2_x1\age2_x1.exe (Microsoft Corporation) [Archivo no firmado]
FirewallRules: [{846904F2-B1B0-413F-800B-9C6B5CD3CAFD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5832A040-FA76-4A48-BCA8-EA5378A8AC11}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7BE71988-4DAA-411C-9143-990A6F6A9E0B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D3C59849-8660-4509-9C60-B311AB77C2A7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6A609C16-24A6-46AF-B94E-330777D430CC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BA4BEF38-AE6B-4C42-8D34-49C04EB0A781}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{24630AF5-DAC3-4229-B515-379E7AAFADEB}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{19D34DAB-9169-44A0-B1C1-03F2BD6232D2}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{136EDECB-E110-4BEF-9450-47A669768A06}C:\program files (x86)\steam\steamapps\common\age of empires ii hd\age of empires ii hd\aok hd.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\age of empires ii hd\age of empires ii hd\aok hd.exe => Ningún archivo
FirewallRules: [UDP Query User{794D8FCF-FAA0-4D17-9362-CC88278F10AF}C:\program files (x86)\steam\steamapps\common\age of empires ii hd\age of empires ii hd\aok hd.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\age of empires ii hd\age of empires ii hd\aok hd.exe => Ningún archivo
FirewallRules: [TCP Query User{F235975B-8466-4658-B2F2-3CB89845936A}C:\program files (x86)\steam\steamapps\common\age of empires ii hd\aok hd.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\age of empires ii hd\aok hd.exe => Ningún archivo
FirewallRules: [UDP Query User{F990E270-7713-4896-A0ED-29D8D693A5E8}C:\program files (x86)\steam\steamapps\common\age of empires ii hd\aok hd.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\age of empires ii hd\aok hd.exe => Ningún archivo
FirewallRules: [{850CDEE3-B441-4D4E-AFC6-627C8ABCF130}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{550A393E-807E-468A-802C-758A2AB0BC38}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8826C8A3-81C1-45F5-861A-503C6A334DE2}] => (Allow) C:\Users\tomas\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C654AC4F-3ED3-4164-8B10-F94CC62B3292}] => (Allow) C:\Users\tomas\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{A3F5CFCB-ABC7-4478-AC44-91A6D18F3789}C:\games\age of empires ii definitive edition\aoe2de_s.exe] => (Allow) C:\games\age of empires ii definitive edition\aoe2de_s.exe => Ningún archivo
FirewallRules: [UDP Query User{A08F4511-AFB7-4E14-B1C7-0469FF5FDCE8}C:\games\age of empires ii definitive edition\aoe2de_s.exe] => (Allow) C:\games\age of empires ii definitive edition\aoe2de_s.exe => Ningún archivo
FirewallRules: [TCP Query User{CC79D3F1-A4A1-4039-82DE-CECE1C48CF09}C:\games\age of empires ii definitive edition\battleserver\battleserver.exe] => (Allow) C:\games\age of empires ii definitive edition\battleserver\battleserver.exe => Ningún archivo
FirewallRules: [UDP Query User{706BD5CE-1552-44B9-8D5E-3A9535B42756}C:\games\age of empires ii definitive edition\battleserver\battleserver.exe] => (Allow) C:\games\age of empires ii definitive edition\battleserver\battleserver.exe => Ningún archivo
FirewallRules: [TCP Query User{8C70E043-5422-4C57-80F3-30F90007904A}C:\users\tomas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tomas\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{3DCFA5EE-5649-4B25-95B8-8FD603C0FD91}C:\users\tomas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tomas\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{D3856594-05BB-4D69-945C-F708E616D755}C:\program files (x86)\steam\steamapps\common\empires apart\impero\binaries\win64\impero-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\empires apart\impero\binaries\win64\impero-win64-shipping.exe => Ningún archivo
FirewallRules: [UDP Query User{D2CEFFCE-77A1-4458-BD9A-934DB649AE28}C:\program files (x86)\steam\steamapps\common\empires apart\impero\binaries\win64\impero-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\empires apart\impero\binaries\win64\impero-win64-shipping.exe => Ningún archivo
FirewallRules: [{2AAA5874-D003-4221-94CB-8C794D51350D}] => (Block) C:\program files (x86)\steam\steamapps\common\empires apart\impero\binaries\win64\impero-win64-shipping.exe => Ningún archivo
FirewallRules: [{14F72B70-CBCB-4B89-88EE-A0E68B84202B}] => (Block) C:\program files (x86)\steam\steamapps\common\empires apart\impero\binaries\win64\impero-win64-shipping.exe => Ningún archivo
FirewallRules: [TCP Query User{88A1D591-9298-4224-BD02-9DFA0DDBFA35}C:\program files (x86)\steam\steamapps\common\age of mythology extended edition\aomx.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\age of mythology extended edition\aomx.exe => Ningún archivo
FirewallRules: [UDP Query User{4CD17D8E-FFAA-4C5E-8BD5-C76A3AEF4508}C:\program files (x86)\steam\steamapps\common\age of mythology extended edition\aomx.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\age of mythology extended edition\aomx.exe => Ningún archivo
FirewallRules: [{58D77383-2CBE-4490-A8C5-3B017E956845}] => (Block) C:\program files (x86)\steam\steamapps\common\age of mythology extended edition\aomx.exe => Ningún archivo
FirewallRules: [{F6396D42-7A30-4E23-9879-282B4E87F91E}] => (Block) C:\program files (x86)\steam\steamapps\common\age of mythology extended edition\aomx.exe => Ningún archivo
FirewallRules: [TCP Query User{643C3326-B77E-4A25-A071-B0CB09925FF0}C:\program files (x86)\microsoft games\age of mythology\aomx.exe] => (Allow) C:\program files (x86)\microsoft games\age of mythology\aomx.exe (Ensemble Studios) [Archivo no firmado]
FirewallRules: [UDP Query User{8F96D9B3-BBA9-43FE-AB41-3B11D418B33E}C:\program files (x86)\microsoft games\age of mythology\aomx.exe] => (Allow) C:\program files (x86)\microsoft games\age of mythology\aomx.exe (Ensemble Studios) [Archivo no firmado]
FirewallRules: [{39642E4A-7916-45F2-98AC-E141DDC235C9}] => (Block) C:\program files (x86)\microsoft games\age of mythology\aomx.exe (Ensemble Studios) [Archivo no firmado]
FirewallRules: [{3C30CC28-8A6A-4FFF-AF51-15F39E3941EB}] => (Block) C:\program files (x86)\microsoft games\age of mythology\aomx.exe (Ensemble Studios) [Archivo no firmado]
FirewallRules: [TCP Query User{5CC9E5E6-C118-4F62-B08D-890ED25C3947}C:\program files (x86)\voobly\voobly.exe] => (Allow) C:\program files (x86)\voobly\voobly.exe (Voobly) [Archivo no firmado]
FirewallRules: [UDP Query User{ADF16045-53C8-4B30-AEDE-5D24ADF4C0B1}C:\program files (x86)\voobly\voobly.exe] => (Allow) C:\program files (x86)\voobly\voobly.exe (Voobly) [Archivo no firmado]
FirewallRules: [TCP Query User{B6C4998A-6E5A-469F-973C-DCD2CE779018}C:\program files (x86)\voobly\voobly.exe] => (Allow) C:\program files (x86)\voobly\voobly.exe (Voobly) [Archivo no firmado]
FirewallRules: [UDP Query User{6B4DFA23-EAE3-4BFA-936D-846F107FB5C3}C:\program files (x86)\voobly\voobly.exe] => (Allow) C:\program files (x86)\voobly\voobly.exe (Voobly) [Archivo no firmado]
FirewallRules: [TCP Query User{DB576E57-A02E-4E53-BD8F-3DC62EB21FA8}C:\program files (x86)\microsoft games\age of mythology\aomxnocd.exe] => (Allow) C:\program files (x86)\microsoft games\age of mythology\aomxnocd.exe (Ensemble Studios) [Archivo no firmado]
FirewallRules: [UDP Query User{451C9248-9897-4676-837A-A38D1B82A107}C:\program files (x86)\microsoft games\age of mythology\aomxnocd.exe] => (Allow) C:\program files (x86)\microsoft games\age of mythology\aomxnocd.exe (Ensemble Studios) [Archivo no firmado]
FirewallRules: [TCP Query User{85B99F06-E587-446F-BF2C-ACADD396FD80}C:\users\tomas\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\tomas\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [UDP Query User{DD84EBAD-8251-4A7C-827B-47E0E6D8A64A}C:\users\tomas\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\tomas\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [{3BB05C11-2260-4CA3-B323-2A29CB8D4A94}] => (Block) C:\users\tomas\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [{67A2C065-6A58-424A-BD71-07CE43F8BFDE}] => (Block) C:\users\tomas\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [TCP Query User{EEDC5888-3688-4274-87CC-5DA7A59DA6A2}C:\xiaomi\xiaomitool2\bin\javaw.exe] => (Allow) C:\xiaomi\xiaomitool2\bin\javaw.exe
FirewallRules: [UDP Query User{6C9C5FD9-EBF4-423E-8CC3-B2254307A83C}C:\xiaomi\xiaomitool2\bin\javaw.exe] => (Allow) C:\xiaomi\xiaomitool2\bin\javaw.exe
FirewallRules: [{9E82C05E-892C-43AC-B40D-DD885D5F4795}] => (Allow) C:\Users\tomas\AppData\Local\MiPhoneManager\main\MiPCSuite.exe (Xiaomi Technology Inc -> Xiaomi.Inc)
FirewallRules: [TCP Query User{B31E02BC-8619-4958-938A-B183D5992C10}C:\program files (x86)\age of empires ii - the age of kings\age2_x1\age2_x1.exe] => (Block) C:\program files (x86)\age of empires ii - the age of kings\age2_x1\age2_x1.exe (Microsoft Corporation) [Archivo no firmado]
FirewallRules: [UDP Query User{838700A6-D7D0-49B4-8CC6-066AE6BD190E}C:\program files (x86)\age of empires ii - the age of kings\age2_x1\age2_x1.exe] => (Block) C:\program files (x86)\age of empires ii - the age of kings\age2_x1\age2_x1.exe (Microsoft Corporation) [Archivo no firmado]
FirewallRules: [TCP Query User{CE36B5EC-4061-416C-8755-612EB23FD3A2}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{407E5209-F5AA-482E-9688-762ED1614A84}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{1080ABB6-CF77-4FD3-9453-373DA20E999F}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{CF75089A-EE96-4F16-B7EF-44D29EA1996C}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{C3D2C11A-8327-43FC-8FB1-4149AE58EE00}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Puntos de Restauración =========================
24-05-2020 14:50:37 Punto de control programado
07-06-2020 11:40:56 Punto de control programado
12-06-2020 00:12:34 Windows Update

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (06/15/2020 11:08:50 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004C003
Argumentos de línea de comandos:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (06/15/2020 11:08:50 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004E028
Argumentos de línea de comandos:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (06/15/2020 11:08:50 AM) (Source: Software Protection Platform Service) (EventID: 1014) (User: )
Description: Error de adquisición de la licencia para el usuario final.
hr=0xC004C003
Id. de Sku=2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8

Error: (06/15/2020 11:08:50 AM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )
Description: Detalles del error de adquisición de licencias.
hr=0xC004C003

Error: (06/15/2020 11:08:48 AM) (Source: Software Protection Platform Service) (EventID: 1014) (User: )
Description: Error de adquisición de la licencia para el usuario final.
hr=0xC004C003
Id. de Sku=2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8

Error: (06/15/2020 11:08:48 AM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )
Description: Detalles del error de adquisición de licencias.
hr=0xC004C003

Error: (06/15/2020 11:08:48 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004E028
Argumentos de línea de comandos:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (06/15/2020 10:28:37 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004C003
Argumentos de línea de comandos:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8;NotificationInterval=1440;Trigger=NetworkAvailable

Errores del sistema:
=============
Error: (06/15/2020 11:08:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio SecDrv no pudo iniciarse debido al siguiente error:
Se ha bloqueado la descarga de este controlador

Error: (06/15/2020 11:08:40 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Windows\SysWow64\drivers\SECDRV.SYS

Error: (06/15/2020 07:09:41 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T3D893E)
Description: El servidor Microsoft.Windows.ShellExperienceHost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy!App no se registró con DCOM dentro del tiempo de espera requerido.

Error: (06/15/2020 12:27:35 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone.
Error: (06/14/2020 12:26:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio SecDrv no pudo iniciarse debido al siguiente error:
Se ha bloqueado la descarga de este controlador

Error: (06/14/2020 12:26:47 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Windows\SysWow64\drivers\SECDRV.SYS

Error: (06/14/2020 12:26:03 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T3D893E)
Description: El servidor {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (06/14/2020 12:26:03 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T3D893E)
Description: El servidor {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} no se registró con DCOM dentro del tiempo de espera requerido.

Windows Defender:
===================================
Date: 2020-05-24 11:24:18.012
Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {BB2B8AA4-9467-4A71-A81D-67D891BBF755}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-05-15 15:54:34.227
Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {A33BB296-106C-433D-8868-8C13FD6CC269}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-05-14 23:55:14.000
Description: Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C&threatid=2147726780&enterprise=0
Nombre: Trojan:Win32/Occamy.C
Id.: 2147726780
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Users\tomas\AppData\Local\Temp\ir_ext_temp_0\AutoPlay\Docs\adb.exe; file:_C:\Users\tomas\AppData\Local\Temp\ir_ext_temp_0\AutoPlay\Docs\Device Information.exe; file:_C:\Users\tomas\AppData\Local\Temp\ir_ext_temp_0\AutoPlay\Docs\Device Product Name Check (Fastboot ).exe; file:_C:\Users\tomas\AppData\Local\Temp\ir_ext_temp_0\AutoPlay\Docs\Fastboot Devices Check.exe; file:_C:\Users\tomas\AppData\Local\Temp\ir_ext_temp_0\AutoPlay\Docs\Fastboot Reboot.exe; file:_C:\Users\tomas\AppData\Local\Temp\ir_ext_temp_0\AutoPlay\Docs\Pattern Password Remove.exe; file:_C:\Users\tomas\AppData\Local\Temp\ir_ext_temp_0\AutoPlay\Docs\Qloader Mode (Faboot 2 ).exe; file:_C:\Users\tomas\AppData\Local\Temp\ir_ext_temp_0\AutoPlay\Docs\Qloader Mode ( ADB ).exe; file:_C:\Users\tomas\AppData\Local\Temp\ir_ext_temp_0\AutoPlay\Docs\Qloader Mode (Faboot 1 ).exe; file:_C:\Users\tomas\AppData\Local\Temp\ir_ext_temp_0\AutoPlay\Docs\Recovery Devices Check.exe; file:_C:\Users\tomas\AppData\Local\Temp\ir_ext_temp_0\AutoPlay\Docs\Recove
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.315.630.0, AS: 1.315.630.0, NIS: 1.315.630.0
Versión de motor: AM: 1.1.17000.7, NIS: 1.1.17000.7

Date: 2020-05-09 00:52:39.711
Description: Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Behavior:Win32/Lekinik.B&threatid=2147753101&enterprise=0
Nombre: Behavior:Win32/Lekinik.B
Id.: 2147753101
Gravedad: Grave
Categoría: Comportamiento sospechoso
Ruta de acceso: behavior:_pid:648:138211793601246; process:_pid:648,ProcessStart:132334519426833732
Origen de detección: Desconocido
Tipo de detección: Concreto
Origen de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Windows\System32\cmd.exe
Versión de inteligencia de seguridad: AV: 1.315.285.0, AS: 1.315.285.0, NIS: 1.315.285.0
Versión de motor: AM: 1.1.17000.7, NIS: 1.1.17000.7

Date: 2020-05-03 14:48:07.014
Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {1D1DD0DF-EFE6-4BC8-8614-E1CCC98A5C11}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-05-30 20:28:49.994
Description: Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad:
Versión anterior de inteligencia de seguridad: 1.317.160.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor:
Versión anterior del motor: 1.1.17100.2
Código de error: 0x8024402c
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico.

Date: 2020-05-21 14:28:14.055
Description: Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad:
Versión anterior de inteligencia de seguridad: 1.315.1036.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor:
Versión anterior del motor: 1.1.17000.7
Código de error: 0x8024402c
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico.

Date: 2020-05-14 03:16:49.324
Description: Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad:
Versión anterior de inteligencia de seguridad: 1.315.501.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor:
Versión anterior del motor: 1.1.17000.7
Código de error: 0x80240438
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico.

Date: 2020-05-12 13:45:34.614
Description: Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad:
Versión anterior de inteligencia de seguridad: 1.315.410.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor:
Versión anterior del motor: 1.1.17000.7
Código de error: 0x8024402c
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico.

==================== Información de la memoria ===========================

BIOS: AMI F.06 09/03/2019
Placa base: HP 8641
Procesador: Intel(R) Core(TM) i7-9750H CPU @ 2.60GHz
Porcentaje de memoria en uso: 64%
RAM física total: 7998.71 MB
RAM física disponible: 2876.86 MB
Virtual total: 14910.71 MB
Virtual disponible: 7504.45 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:469.12 GB) (Free:274.34 GB) NTFS
Drive d: (HPDOCS) (Fixed) (Total:3.9 GB) (Free:3.71 GB) FAT32
\\?\Volume{e38491b0-0000-0000-0000-10fa00000000}\ () (Fixed) (Total:3.9 GB) (Free:3.61 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 476.9 GB) (Disk ID: E38491B0)
Partition 1: (Not Active) - (Size=3.9 GB) - (Type=0C)
Partition 2: (Active) - (Size=3.9 GB) - (Type=0C)
Partition 3: (Not Active) - (Size=469.1 GB) - (Type=07 NTFS)

==================== Final de Addition.txt =======================