Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 08-07-2020 01 Ejecutado por xabig (12-07-2020 17:25:29) Ejecutado desde D:\ESCRITORIO Windows 10 Pro Versión 1909 18363.900 (X64) (2020-02-08 16:56:20) Modo de Inicio: Normal ========================================================== ==================== Cuentas: ============================= Administrador (S-1-5-21-2123503126-2224654030-2906569905-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2123503126-2224654030-2906569905-503 - Limited - Disabled) Invitado (S-1-5-21-2123503126-2224654030-2906569905-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-2123503126-2224654030-2906569905-504 - Limited - Disabled) xabig (S-1-5-21-2123503126-2224654030-2906569905-1001 - Administrator - Enabled) => C:\Users\xabig ==================== Centro de Seguridad ======================== (Si una entrada es incluida en el fixlist, será eliminada.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AV: Kaspersky Total Security (Disabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8} FW: Kaspersky Total Security (Disabled) {32888857-01C3-7AB6-E095-11CC1854D0A3} ==================== Programas instalados ====================== (Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.) µTorrent (HKU\S-1-5-21-2123503126-2224654030-2906569905-1001\...\uTorrent) (Version: 3.5.5.45628 - BitTorrent Inc.) Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_2) (Version: 21.2.0.225 - Adobe Systems Incorporated) Backup and Sync from Google (HKLM\...\{01D33BEA-673C-439C-A7C7-DE5B236DB842}) (Version: 3.50.3166.0017 - Google, Inc.) Capture One 20.0.2 (HKLM\...\CaptureOne13_is1) (Version: 13.0.2.13 - Phase One A/S) CCleaner (HKLM\...\CCleaner) (Version: 5.67 - Piriform) Cinema 4D 20.059 (HKLM\...\MAXONE3565005) (Version: 20.059 - MAXON Computer GmbH) CleanMem (HKLM-x32\...\CleanMem) (Version: v2.5.0 - PcWinTech.com) CLIP STUDIO 1.9.9 (HKLM-x32\...\{49274EB8-4598-47E6-8039-9BB7CE07627E}) (Version: 1.9.9 - CELSYS) CLIP STUDIO PAINT 1.9.9 (HKLM-x32\...\{1E4572D2-28BC-4BC9-B743-13DC6CFD71DB}) (Version: 1.9.9 - CELSYS) Driver Booster 7 (HKLM-x32\...\Driver Booster_is1) (Version: 7.3.0 - IObit) GameSave Manager v3 (HKLM-x32\...\GameSaveManager_v3) (Version: 3.1.467.0 - InsaneMatt) Glary Utilities 5.136 (HKLM-x32\...\Glary Utilities 5) (Version: 5.136.0.162 - Glarysoft Ltd) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.116 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden Helicon Focus (HKLM\...\Helicon Focus 7_is1) (Version: - Helicon Soft Ltd.) Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{3DAC4F8C-80E6-4204-8A58-747FA4CBAA03}) (Version: 16.0.246 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation) ISL Light 4.4.2011.30 (HKLM-x32\...\ISL Light_is1) (Version: 4.4.2011.30 - ISL Online) Java 8 Update 251 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180251F0}) (Version: 8.0.2510.8 - Oracle Corporation) Kaspersky Anti-Virus (HKLM-x32\...\{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky) Hidden Kaspersky Password Manager (HKLM-x32\...\{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab) Hidden Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab) Kaspersky Secure Connection (HKLM-x32\...\{145AE349-477A-45E5-A57C-5F5BF2BB5775}) (Version: 20.0.14.1085 - Kaspersky) Hidden Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{145AE349-477A-45E5-A57C-5F5BF2BB5775}) (Version: 20.0.14.1085 - Kaspersky) Kaspersky Total Security (HKLM-x32\...\InstallWIX_{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky) Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (es-ES) (HKLM-x32\...\{F49AF755-A5C3-4252-A190-5772B2669C3B}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (es-MX) (HKLM-x32\...\{E8F3B154-03CE-4120-8B9D-9E83ED5F3AD7}) (Version: 11.0.7400.336 - Microsoft Corporation) Kingston SSD Manager version 1.1.2.6 (HKLM-x32\...\{9A5DD901-0B98-4F2B-9421-B5975014184F}_is1) (Version: 1.1.2.6 - Kingston Digital, Inc) Knoll Light Factory Photo (HKLM-x32\...\Knoll Light Factory Photo) (Version: - ) Malwarebytes version 4.1.2.73 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.2.73 - Malwarebytes) Mario Kart 8 MULTi8 - ElAmigos versión 4.1 (HKLM-x32\...\{0904BD9C-9992-4619-A26A-EE56ADC78D6F}_is1) (Version: 4.1 - Nintendo) Marlin3DprinterTool (HKLM-x32\...\{53E3F397-3AC3-4E5A-A8A5-4DB30F818AE1}) (Version: 0.28.0.0 - Cabbagecreek) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Microsoft Office Profesional Plus 2019 - es-es (HKLM\...\ProPlus2019Retail - es-es) (Version: 16.0.13001.20266 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2123503126-2224654030-2906569905-1001\...\OneDriveSetup.exe) (Version: 20.084.0426.0007 - Microsoft Corporation) Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.21.27702 (HKLM-x32\...\{f4220b74-9edd-4ded-bc8b-0342c1e164d8}) (Version: 14.21.27702.2 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation) Mozilla Firefox 78.0.2 (x64 es-ES) (HKLM\...\Mozilla Firefox 78.0.2 (x64 es-ES)) (Version: 78.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 72.0.2 - Mozilla) Nik Collection (HKLM-x32\...\Nik Collection) (Version: 3.0.7 - DxO) NordVPN (HKLM-x32\...\{11709A5F-F32B-4D68-855A-BDD011BFE57E}) (Version: 6.30.8 - NordVPN) Hidden NordVPN (HKLM-x32\...\NordVPN 6.30.8) (Version: 6.30.8 - NordVPN) NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN) NordVPN network TUN (HKLM\...\{77DA107A-7AE4-497D-A84A-B143C3A21676}) (Version: 1.0.0 - NordVPN) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13001.20144 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13001.20144 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13001.20266 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.13001.20144 - Microsoft Corporation) Hidden Panel de control de NVIDIA 445.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 445.75 - NVIDIA Corporation) Hidden Paquete de controladores de Windows - Graphics Tablet (WinUsb) USBDevice (04/10/2014 8.33.30.0) (HKLM\...\142118DF51345EA02D2B1583E102C8FB95FD6D52) (Version: 04/10/2014 8.33.30.0 - Graphics Tablet) Paquete de controladores de Windows - Phase One A/S (WinUSB) USBDevice (12/14/2018 1.15.0.0) (HKLM\...\9398055CF8BEEF1D6FCF147047450F15A1C7AF2A) (Version: 12/14/2018 1.15.0.0 - Phase One A/S) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8746.1 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform) Samsung DeX (HKLM-x32\...\{0924F03B-F48D-445B-9302-43E86707EC8B}) (Version: 1.0.1.40 - Samsung Electronics Co., Ltd.) Hidden Samsung DeX (HKLM-x32\...\{e539e534-854a-46d2-b8f8-f6a3405f782a}) (Version: 1.0.1.40 - Samsung Electronics Co., Ltd.) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.23.0 - Samsung Electronics Co., Ltd.) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 8.0.1052 - SUPERAntiSpyware.com) Tablet Driver V8.01 (HKLM-x32\...\TabletDriver) (Version: - ) The Witcher 3 - Wild Hunt (HKLM-x32\...\1495134320_is1) (Version: 2.0.0.51 - GOG.com) TK7 Panel version 1.0.0 (HKLM-x32\...\{457BD88E-C360-45EF-BC4A-3C03833BA894}_is1) (Version: 1.0.0 - Tony Kuyper) UninstallTabletDeviceDriver (HKLM\...\{39089688-F09E-4DAD-8C80-647D3DF68630}_is1) (Version: 12.4.2 - ) USBHelperLauncher (HKU\S-1-5-21-2123503126-2224654030-2906569905-1001\...\USBHelperLauncher) (Version: 0.17d - FailedShack) VEGAS Pro 15.0 (HKLM\...\{E1FCD40F-7FC4-11E7-88AD-95BE57594EAC}) (Version: 15.0.177 - VEGAS) VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN) WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH) Zoom (HKU\S-1-5-21-2123503126-2224654030-2906569905-1001\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.) Packages: ========= Adobe Reader Touch -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobeReader_3.1.8.7675_x86__ynb6jyjzte8ga [2020-03-23] (Adobe Systems Incorporated) Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2815.0_x64__343d40qqvtj1t [2020-04-06] (Amazon.com) Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-04-05] (Microsoft Corporation) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-05-29] (HP Inc.) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-03-23] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-03-23] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-02] (Microsoft Studios) [MS Ad] Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_20.10615.5289.0_x64__8wekyb3d8bbwe [2020-07-01] (Microsoft Corporation) MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad] Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c [2020-07-10] (Skype) [Startup Task] ==================== Personalizado CLSID (Lista blanca): ============== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) CustomCLSID: HKU\S-1-5-21-2123503126-2224654030-2906569905-1001_Classes\CLSID\{43BC53F4-D667-452C-8FFB-99A01340B0C3} -> [MEGA] => D:\MEGA [2020-03-24 18:55] ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\xabig\AppData\Local\MEGAsync\ShellExtX64.dll [2020-07-02] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\xabig\AppData\Local\MEGAsync\ShellExtX64.dll [2020-07-02] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\xabig\AppData\Local\MEGAsync\ShellExtX64.dll [2020-07-02] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-06-15] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-06-15] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-06-15] (Google LLC -> Google) ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\xabig\AppData\Local\MEGAsync\ShellExtX64.dll [2020-07-02] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\xabig\AppData\Local\MEGAsync\ShellExtX64.dll [2020-07-02] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\xabig\AppData\Local\MEGAsync\ShellExtX64.dll [2020-07-02] (Mega Limited -> ) ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-06-15] (Google LLC -> Google) ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2020-01-03] (Glarysoft LTD -> Glarysoft Ltd) ContextMenuHandlers1: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\ShellEx.dll [2020-03-03] (Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\xabig\AppData\Local\MEGAsync\ShellExtX64.dll [2020-07-02] (Mega Limited -> ) ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.) ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [DaemonShellExtDriveUltra] -> {F0E53CA3-02F8-40AE-9470-309F0309036F} => C:\Program Files\DAEMON Tools Ultra\DTShl64.dll [2018-11-16] (AVB Disc Soft, SIA -> Disc Soft Ltd) ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2020-01-03] (Glarysoft LTD -> Glarysoft Ltd) ContextMenuHandlers2: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\ShellEx.dll [2020-03-03] (Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\xabig\AppData\Local\MEGAsync\ShellExtX64.dll [2020-07-02] (Mega Limited -> ) ContextMenuHandlers3: [DaemonShellExtImageUltra] -> {B5EBA666-2B94-4C7A-9CAA-A4539F329646} => C:\Program Files\DAEMON Tools Ultra\DTShl64.dll [2018-11-16] (AVB Disc Soft, SIA -> Disc Soft Ltd) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-07-12] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\xabig\AppData\Local\MEGAsync\ShellExtX64.dll [2020-07-02] (Mega Limited -> ) ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-06-15] (Google LLC -> Google) ContextMenuHandlers4: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\ShellEx.dll [2020-03-03] (Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\xabig\AppData\Local\MEGAsync\ShellExtX64.dll [2020-07-02] (Mega Limited -> ) ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2020-01-03] (Glarysoft LTD -> Glarysoft Ltd) ContextMenuHandlers6: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\ShellEx.dll [2020-03-03] (Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-07-12] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd) ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.) ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Lista blanca) ==================== ==================== Accesos directos & WMI ======================== (Las entradas pueden ser listadas para ser restauradas o eliminadas.) Shortcut: C:\Users\Public\Desktop\Mario Kart 8.lnk -> C:\Games\Mario Kart 8\cemu\StartGame.bat () ==================== Módulos cargados (Lista blanca) ============= 2019-12-26 08:39 - 2019-12-26 08:39 - 001289216 _____ () [Archivo no firmado] C:\Program Files (x86)\Samsung\Samsung DeX\cairo.dll 2019-12-26 08:39 - 2019-12-26 08:39 - 000230529 _____ () [Archivo no firmado] C:\Program Files (x86)\Samsung\Samsung DeX\libpng14-14.dll 2019-12-26 08:39 - 2019-12-26 08:39 - 000100352 _____ () [Archivo no firmado] C:\Program Files (x86)\Samsung\Samsung DeX\zlib1.dll 2020-05-15 13:15 - 2020-05-15 13:15 - 003223040 _____ () [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\DotNetCommon\807bac5a84873f3c25700e67a2cd25ce\DotNetCommon.ni.dll 2018-11-16 17:45 - 2018-11-19 04:32 - 006127472 _____ (AVB Disc Soft, SIA -> Disc Soft Ltd) [Archivo no firmado] C:\Program Files\DAEMON Tools Ultra\engine.dll 2020-05-15 13:14 - 2020-05-15 13:14 - 004855808 _____ (Disc Soft Ltd) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\DiscSoft.NET.Common\2fe5263f6d3d6d4f5454681976408277\DiscSoft.NET.Common.ni.dll 2019-12-26 08:39 - 2019-12-26 08:39 - 012968974 _____ (FFmpeg Project) [Archivo no firmado] C:\Program Files (x86)\Samsung\Samsung DeX\avcodec-58.dll 2019-12-26 08:39 - 2019-12-26 08:39 - 002427918 _____ (FFmpeg Project) [Archivo no firmado] C:\Program Files (x86)\Samsung\Samsung DeX\avfilter-7.dll 2019-12-26 08:39 - 2019-12-26 08:39 - 002538510 _____ (FFmpeg Project) [Archivo no firmado] C:\Program Files (x86)\Samsung\Samsung DeX\avformat-58.dll 2019-12-26 08:39 - 2019-12-26 08:39 - 000557582 _____ (FFmpeg Project) [Archivo no firmado] C:\Program Files (x86)\Samsung\Samsung DeX\avutil-56.dll 2019-12-26 08:39 - 2019-12-26 08:39 - 000126478 _____ (FFmpeg Project) [Archivo no firmado] C:\Program Files (x86)\Samsung\Samsung DeX\swresample-3.dll 2019-12-26 08:39 - 2019-12-26 08:39 - 000557582 _____ (FFmpeg Project) [Archivo no firmado] C:\Program Files (x86)\Samsung\Samsung DeX\swscale-5.dll 2019-12-26 08:39 - 2019-12-26 08:39 - 000055808 _____ (Open Source Software community LGPL) [Archivo no firmado] C:\Program Files (x86)\Samsung\Samsung DeX\pthreadVC2.dll 2011-03-08 21:35 - 2011-03-08 20:54 - 000229376 _____ (PcWinTech.com) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\CleanMem\pcwintech_tabs.ocx 2019-12-26 08:39 - 2019-12-26 08:39 - 001420800 _____ (Pizzolato Davide - www.xdp.it) [Archivo no firmado] C:\Program Files (x86)\Samsung\Samsung DeX\cximageu.dll 2020-03-04 16:35 - 2020-03-04 16:35 - 004451328 _____ (Samsung Electronics Co., Ltd.) [Archivo no firmado] C:\Program Files (x86)\Samsung\Samsung DeX\NativeSamsungDexFramework.dll 2020-03-04 16:35 - 2020-03-04 16:35 - 002630144 _____ (Samsung Electronics Co., Ltd.) [Archivo no firmado] C:\Program Files (x86)\Samsung\Samsung DeX\SCommon.dll 2020-03-04 16:34 - 2020-03-04 16:34 - 006057472 _____ (Samsung Electronics Co., Ltd.) [Archivo no firmado] C:\Program Files (x86)\Samsung\Samsung DeX\SLocales.dll 2017-09-14 08:37 - 2017-09-14 08:37 - 000026112 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Users\xabig\AppData\Local\MEGAsync\imageformats\qgif.dll 2017-09-14 08:42 - 2017-09-14 08:42 - 000033280 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Users\xabig\AppData\Local\MEGAsync\imageformats\qicns.dll 2017-09-14 08:37 - 2017-09-14 08:37 - 000027648 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Users\xabig\AppData\Local\MEGAsync\imageformats\qico.dll 2017-09-14 08:37 - 2017-09-14 08:37 - 000245760 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Users\xabig\AppData\Local\MEGAsync\imageformats\qjpeg.dll 2017-09-14 08:42 - 2017-09-14 08:42 - 000021504 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Users\xabig\AppData\Local\MEGAsync\imageformats\qsvg.dll 2017-09-14 08:42 - 2017-09-14 08:42 - 000020992 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Users\xabig\AppData\Local\MEGAsync\imageformats\qtga.dll 2017-09-14 08:42 - 2017-09-14 08:42 - 000316416 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Users\xabig\AppData\Local\MEGAsync\imageformats\qtiff.dll 2017-09-14 08:42 - 2017-09-14 08:42 - 000019968 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Users\xabig\AppData\Local\MEGAsync\imageformats\qwbmp.dll 2017-09-14 08:42 - 2017-09-14 08:42 - 000322560 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Users\xabig\AppData\Local\MEGAsync\imageformats\qwebp.dll 2017-09-14 08:37 - 2017-09-14 08:37 - 001010688 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Users\xabig\AppData\Local\MEGAsync\platforms\qwindows.dll 2019-12-26 08:39 - 2019-12-26 08:39 - 000110207 _____ (Un4seen Developments) [Archivo no firmado] C:\Program Files (x86)\Samsung\Samsung DeX\BASS.dll 2019-12-26 08:39 - 2019-12-26 08:39 - 000019008 _____ (Un4seen Developments) [Archivo no firmado] C:\Program Files (x86)\Samsung\Samsung DeX\BASSCD.dll 2019-12-26 08:39 - 2019-12-26 08:39 - 000017472 _____ (Un4seen Developments) [Archivo no firmado] C:\Program Files (x86)\Samsung\Samsung DeX\BASSWMA.dll ==================== Alternate Data Streams (Lista blanca) ======== (Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.) AlternateDataStreams: C:\Windows:nlsPreferences [0] AlternateDataStreams: C:\Users\xabig:.repos [2466326] ==================== Modo Seguro (Lista blanca) ================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Asociación (Lista blanca) ================= ==================== Internet Explorer sitios de confianza/restringidos ========== (Si una entrada es incluida en el fixlist, será eliminada del registro.) IE trusted site: HKU\.DEFAULT\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-2123503126-2224654030-2906569905-1001\...\localhost -> localhost ==================== Hosts contenido: ========================= (Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.) 2020-02-08 18:48 - 2020-02-09 21:49 - 000000858 _____ C:\Windows\system32\drivers\etc\hosts 0.0.0.0 activation.phaseone.com ==================== Otras Áreas =========================== (Actualmente no existe una corrección automática para esta sección.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64_win\compiler;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Users\xabig\AppData\Local\Microsoft\WindowsApps;C:\adb HKU\S-1-5-21-2123503126-2224654030-2906569905-1001\Control Panel\Desktop\\Wallpaper -> d:\fotografia\2020\fotos para imprimir\1.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Firewall de Windows está habilitado. ==================== MSCONFIG/TASK MANAGER elementos deshabilitados == (Si una entrada es incluida en el fixlist, será eliminada.) HKU\S-1-5-21-2123503126-2224654030-2906569905-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2123503126-2224654030-2906569905-1001\...\StartupApproved\Run: => "Steam" ==================== Reglas de firewall (Lista blanca) ================ (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) FirewallRules: [{93194FD9-3E97-483F-B4D9-4218A30723DC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{18A67D24-B1C9-4418-BFEF-3DD8150DB2FE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{BCB1057D-9621-48B5-A93A-F38E0FAF9CA9}] => (Allow) C:\Users\xabig\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{EB7F21E8-A741-484F-98E8-10F3E673EFF8}] => (Allow) C:\Users\xabig\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{2F6D8C3D-BA29-4434-9E6B-AEF2811B5830}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{613B687F-5655-4181-A9BF-7566E3E22F8A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{F8315DDD-2459-46E0-8ABA-32C72B8A80B0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{8303D745-71DA-4A84-946F-39C6FE0BF923}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{EFE48E70-4FBA-4661-8E52-360C31D0E910}] => (Allow) C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) FirewallRules: [TCP Query User{4B33E3BF-B017-4EC3-BC90-5BB12E568F97}C:\program files\maxon\cinema 4d r20\cinema 4d.exe] => (Allow) C:\program files\maxon\cinema 4d r20\cinema 4d.exe (MAXON Computer GmbH -> MAXON Computer GmbH) FirewallRules: [UDP Query User{C9A97500-6012-4085-AECF-DA8A70468B6B}C:\program files\maxon\cinema 4d r20\cinema 4d.exe] => (Allow) C:\program files\maxon\cinema 4d r20\cinema 4d.exe (MAXON Computer GmbH -> MAXON Computer GmbH) FirewallRules: [{9C5E3B26-1315-46B3-86F6-2A1D3692180E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{357DC043-25CA-4315-AA1A-5DE6563F644B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{3632A90C-8715-40F4-A440-F47EC61727C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2016\F1_2016.exe (Codemasters Software Company Limited) [Archivo no firmado] FirewallRules: [{A5D9A74D-2CDD-47A3-8076-A35922D24CE0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2016\F1_2016.exe (Codemasters Software Company Limited) [Archivo no firmado] FirewallRules: [{427196FB-CB09-405B-B8C3-16409216B16A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{D647BE7C-785C-40AC-8254-7DD97A0AEA72}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{7921D342-98FE-4E7B-AC9A-8FBD9EACA394}] => (Allow) C:\Users\xabig\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{A2DAB081-0D80-4E3E-9FF5-044B732496AE}] => (Allow) C:\Users\xabig\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{55B215FE-E6D1-4396-8930-F4724A46B898}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{45A75AE3-D909-403B-B73C-7E95331F2260}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{51CFB073-3417-4A69-B48D-71130770B0C9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{C8B552BC-E210-4461-AFF4-8A22DB691223}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{EC0143FA-8D65-4207-BC97-9B099ACA028D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [TCP Query User{B9C34CCA-CFD2-48D1-8AB1-1DC4B0ED0B81}C:\windows\syswow64\svchost.exe] => (Block) C:\windows\syswow64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation) FirewallRules: [UDP Query User{7665AF82-4E8A-4A22-909B-8BC021E6A8A9}C:\windows\syswow64\svchost.exe] => (Block) C:\windows\syswow64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation) FirewallRules: [{042AEE40-BA69-4BBC-9180-CB65840FD943}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Puntos de Restauración ========================= 21-06-2020 00:42:59 Punto de control programado 02-07-2020 13:06:37 Punto de control programado 10-07-2020 20:48:49 Windows Update 10-07-2020 21:46:50 Malwarebytes Anti-Rootkit Restore Point ==================== Dispositivos defectuosos en el Administrador de dispositivos ============ ==================== Errores del registro de eventos: ======================== Errores de aplicación: ================== Error: (07/12/2020 05:15:30 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema. . Error: (07/12/2020 05:15:30 PM) (Source: VSS) (EventID: 13) (User: ) Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema. ] Error: (07/12/2020 05:15:30 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema. . Error: (07/12/2020 05:15:30 PM) (Source: VSS) (EventID: 13) (User: ) Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema. ] Error: (07/12/2020 05:15:10 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplicación: DTAgent.exe Versión de Framework: v4.0.30319 Descripción: el proceso terminó debido a una excepción no controlada. Información de la excepción: System.Runtime.InteropServices.COMException en DiscSoftBusServiceLib.IDSBusService.get_BackupManager() en DTAgent.App.TrayBaseApp.Application_SessionEnding(System.Object, System.Windows.SessionEndingCancelEventArgs) en System.Windows.Application.OnSessionEnding(System.Windows.SessionEndingCancelEventArgs) en System.Windows.Application.WmQueryEndSession(IntPtr, IntPtr ByRef) en System.Windows.Application.AppFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) en MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) en MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) en System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) en System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) en System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) en MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) Error: (07/10/2020 11:20:29 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema. . Error: (07/10/2020 11:20:29 PM) (Source: VSS) (EventID: 13) (User: ) Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema. ] Error: (07/10/2020 10:55:48 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema. . Errores del sistema: ============= Error: (07/12/2020 05:17:43 PM) (Source: DCOM) (EventID: 10010) (User: FORMULA1) Description: El servidor Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca no se registró con DCOM dentro del tiempo de espera requerido. Error: (07/12/2020 05:16:02 PM) (Source: DCOM) (EventID: 10010) (User: FORMULA1) Description: El servidor Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca no se registró con DCOM dentro del tiempo de espera requerido. Error: (07/12/2020 05:15:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: El servicio PTSimBus no pudo iniciarse debido al siguiente error: El nombre de archivo, el nombre de directorio o la sintaxis de la etiqueta del volumen no son correctos. Error: (07/12/2020 05:15:12 PM) (Source: DCOM) (EventID: 10010) (User: FORMULA1) Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido. Error: (07/12/2020 05:15:12 PM) (Source: DCOM) (EventID: 10010) (User: FORMULA1) Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido. Error: (07/12/2020 05:15:12 PM) (Source: DCOM) (EventID: 10010) (User: FORMULA1) Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido. Error: (07/12/2020 05:15:12 PM) (Source: DCOM) (EventID: 10010) (User: FORMULA1) Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido. Error: (07/12/2020 05:15:12 PM) (Source: DCOM) (EventID: 10010) (User: FORMULA1) Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido. Windows Defender: =================================== Date: 2020-07-10 21:27:26.259 Description: Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado. Para más información, consulta lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.C!ml&threatid=2147749372&enterprise=0 Nombre: Trojan:Win32/Wacatac.C!ml Id.: 2147749372 Gravedad: Grave Categoría: Caballo de Troya Ruta de acceso: file:_C:\Users\xabig\AppData\Local\Microsoft\Windows\INetCache\IE\6B4XSYYH\m[1].exe Origen de detección: Internet Tipo de detección: FastPath Origen de detección: Protección en tiempo real Usuario: FORMULA1\xabig Nombre de proceso: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\avp.exe Versión de inteligencia de seguridad: AV: 1.319.641.0, AS: 1.319.641.0, NIS: 1.319.641.0 Versión de motor: AM: 1.1.17200.2, NIS: 1.1.17200.2 Date: 2020-07-10 21:27:34.316 Description: Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad. Nueva versión de inteligencia de seguridad: Versión anterior de inteligencia de seguridad: 1.319.641.0 Origen de actualización: Centro de protección contra malware de Microsoft Tipo de inteligencia de seguridad: AntiVirus Tipo de actualización: Completa Usuario: NT AUTHORITY\Servicio de red Versión actual del motor: Versión anterior del motor: 1.1.17200.2 Código de error: 0x80070645 Descripción del error: Esta acción solo es válida para productos que están instalados actualmente. Date: 2020-07-10 21:27:34.315 Description: Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad. Nueva versión de inteligencia de seguridad: Versión anterior de inteligencia de seguridad: 1.319.641.0 Origen de actualización: Centro de protección contra malware de Microsoft Tipo de inteligencia de seguridad: AntiSpyware Tipo de actualización: Completa Usuario: NT AUTHORITY\Servicio de red Versión actual del motor: Versión anterior del motor: 1.1.17200.2 Código de error: 0x80070645 Descripción del error: Esta acción solo es válida para productos que están instalados actualmente. Date: 2020-07-10 21:27:34.315 Description: Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad. Nueva versión de inteligencia de seguridad: Versión anterior de inteligencia de seguridad: 1.319.641.0 Origen de actualización: Centro de protección contra malware de Microsoft Tipo de inteligencia de seguridad: AntiVirus Tipo de actualización: Completa Usuario: NT AUTHORITY\Servicio de red Versión actual del motor: Versión anterior del motor: 1.1.17200.2 Código de error: 0x80070645 Descripción del error: Esta acción solo es válida para productos que están instalados actualmente. Date: 2020-07-10 21:27:31.677 Description: Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad. Nueva versión de inteligencia de seguridad: Versión anterior de inteligencia de seguridad: 1.319.641.0 Origen de actualización: Servidor de Microsoft Update Tipo de inteligencia de seguridad: AntiVirus Tipo de actualización: Completa Usuario: NT AUTHORITY\SYSTEM Versión actual del motor: Versión anterior del motor: 1.1.17200.2 Código de error: 0x80070643 Descripción del error: Error irrecuperable durante la instalación. Date: 2020-07-10 20:44:57.920 Description: Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad. Nueva versión de inteligencia de seguridad: Versión anterior de inteligencia de seguridad: 1.319.641.0 Origen de actualización: Centro de protección contra malware de Microsoft Tipo de inteligencia de seguridad: AntiVirus Tipo de actualización: Completa Usuario: NT AUTHORITY\Servicio de red Versión actual del motor: Versión anterior del motor: 1.1.17200.2 Código de error: 0x80070645 Descripción del error: Esta acción solo es válida para productos que están instalados actualmente. CodeIntegrity: =================================== Date: 2020-07-12 17:23:16.234 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements. Date: 2020-07-12 17:23:16.195 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements. Date: 2020-07-12 17:23:07.900 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements. Date: 2020-07-12 17:17:56.724 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements. Date: 2020-07-12 17:17:56.708 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements. Date: 2020-07-12 17:17:56.685 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements. Date: 2020-07-12 17:17:26.073 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements. Date: 2020-07-12 17:17:26.044 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements. ==================== Información de la memoria =========================== BIOS: American Megatrends Inc. F4 03/16/2016 Placa base: Gigabyte Technology Co., Ltd. H110M-S2H-CF Procesador: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz Porcentaje de memoria en uso: 21% RAM física total: 16335.95 MB RAM física disponible: 12903.82 MB Virtual total: 22991.95 MB Virtual disponible: 17922.25 MB ==================== Unidades ================================ Drive c: () (Fixed) (Total:222.54 GB) (Free:77.97 GB) NTFS Drive d: (DISCO DURO) (Fixed) (Total:931.51 GB) (Free:490.02 GB) NTFS \\?\Volume{1cb8241b-0000-0000-0000-100000000000}\ (Reservado para el sistema) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS \\?\Volume{1cb8241b-0000-0000-0000-10c237000000}\ () (Fixed) (Total:0.54 GB) (Free:0.08 GB) NTFS ==================== MBR & Tabla de particiones ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 1CB8241B) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=222.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=549 MB) - (Type=27) ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0D4D8FA9) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Final de Addition.txt =======================