Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 08-07-2020 01 Ejecutado por USUARIO (18-07-2020 10:09:58) Ejecutado desde C:\USUARIO\Desktop Windows 10 Pro Versión 2004 19041.388 (X64) (2020-06-25 17:20:57) Modo de Inicio: Normal ========================================================== ==================== Cuentas: ============================= Administrador (S-1-5-21-1475189372-905897940-3643049737-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1475189372-905897940-3643049737-503 - Limited - Disabled) Invitado (S-1-5-21-1475189372-905897940-3643049737-501 - Limited - Disabled) USUARIO (S-1-5-21-1475189372-905897940-3643049737-1001 - Administrator - Enabled) => C:\Users\USUARIO WDAGUtilityAccount (S-1-5-21-1475189372-905897940-3643049737-504 - Limited - Disabled) ==================== Centro de Seguridad ======================== (Si una entrada es incluida en el fixlist, será eliminada.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Kaspersky Security Cloud (Disabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8} FW: Kaspersky Security Cloud (Disabled) {32888857-01C3-7AB6-E095-11CC1854D0A3} ==================== Programas instalados ====================== (Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.) Actualización de NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.68 - Piriform) CyberLink YouCam 7 (HKLM-x32\...\{0078CD4D-B146-4D77-8CF0-268B36C1A3EC}) (Version: 7.0.0623.0 - CyberLink Corp.) Glary Utilities PRO 5.146 (HKLM-x32\...\Glary Utilities 5) (Version: 5.146.0.172 - Glarysoft Ltd) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1950.14.0.1443 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.2020.7 - Intel Corporation) Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.58.48.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2391a86e-5ab5-40d2-a274-1867cd576686}) (Version: 1.58.48.0 - Intel Corporation) Hidden Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00002090-0210-1034-84C8-B8D95FA3C8C3}) (Version: 21.90.2.1 - Intel Corporation) Java 8 Update 251 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180251F0}) (Version: 8.0.2510.8 - Oracle Corporation) Kaspersky Secure Connection (HKLM-x32\...\{145AE349-477A-45E5-A57C-5F5BF2BB5775}) (Version: 20.0.14.1085 - Kaspersky) Hidden Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{145AE349-477A-45E5-A57C-5F5BF2BB5775}) (Version: 20.0.14.1085 - Kaspersky) Kaspersky Security Cloud (HKLM-x32\...\{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky) Hidden Kaspersky Security Cloud (HKLM-x32\...\InstallWIX_{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.64 - Microsoft Corporation) Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.133.5 - ) Microsoft Office Profesional Plus 2019 - es-es (HKLM\...\ProPlus2019Retail - es-es) (Version: 16.0.13001.20266 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1475189372-905897940-3643049737-1001\...\OneDriveSetup.exe) (Version: 20.084.0426.0007 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-1475189372-905897940-3643049737-1001\...\Teams) (Version: 1.3.00.15561 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation) Nitro Pro (HKLM\...\{9EB12901-D9A4-41DF-9950-CABFFBF16F79}) (Version: 13.19.2.356 - Nitro) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden NVIDIA Controlador de gráficos 451.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 451.67 - NVIDIA Corporation) NVIDIA GeForce Experience 3.20.4.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.4.14 - NVIDIA Corporation) NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13001.20144 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13001.20266 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.13001.20144 - Microsoft Corporation) Hidden Revo Uninstaller Pro 4.3.3 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.3.3 - VS Revo Group, Ltd.) Stardock Start10 (HKLM\...\Start10_is1) (Version: 1.7 - Stardock Software Inc.) VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN) WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH) WinRAR versión 5.80 (HKLM\...\{3BC2A666-6430-4DB6-9819-E225496E3B57}_is1) (Version: 5.80 - RARLAB) Packages: ========= Centro de comando de gráficos Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2731.0_x64__8j3eq9eme6ctt [2020-06-20] (INTEL CORP) [Startup Task] Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20500.501.0_x64__rz1tebttyb220 [2020-06-20] (Dolby Laboratories) Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-06-23] (INTEL CORP) Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_17.9.1008.0_x64__8j3eq9eme6ctt [2020-06-22] (INTEL CORP) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-06-01] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-06-01] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-06-01] (Microsoft Studios) [MS Ad] MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-06-01] (Microsoft Corporation) [MS Ad] NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.958.0_x64__56jybvy8sckqj [2020-06-22] (NVIDIA Corp.) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.10.216.0_x64__dt26b99r8h8gj [2020-07-04] (Realtek Semiconductor Corp) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0 [2020-06-01] (Spotify AB) [Startup Task] ==================== Personalizado CLSID (Lista blanca): ============== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) CustomCLSID: HKU\S-1-5-21-1475189372-905897940-3643049737-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\USUARIO\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20091.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1475189372-905897940-3643049737-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\USUARIO\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20091.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_b840211aa1b1b9ff\OptaneShellExt.dll [2020-04-30] (Intel(R) Rapid Storage Technology -> ) ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2020-06-13] (Glarysoft LTD -> Glarysoft Ltd) ContextMenuHandlers1: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\ShellEx.dll [2020-07-13] (Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers1: [Nitro.Pro.ShellExtension.Shim] -> {211B6F25-950C-49CD-AB86-A448EF85686A} => C:\Program Files\Common Files\Nitro\Nitro.Pro.ShellExtension.Shim.dll [2020-05-22] (Nitro Software, Inc. -> Nitro Software, Inc.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2020-06-13] (Glarysoft LTD -> Glarysoft Ltd) ContextMenuHandlers2: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\ShellEx.dll [2020-07-13] (Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_b840211aa1b1b9ff\OptaneShellExt.dll [2020-04-30] (Intel(R) Rapid Storage Technology -> ) ContextMenuHandlers4: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\ShellEx.dll [2020-07-13] (Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_51fa00dd465d396b\nvshext.dll [2020-07-07] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2020-06-13] (Glarysoft LTD -> Glarysoft Ltd) ContextMenuHandlers6: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\ShellEx.dll [2020-07-13] (Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Lista blanca) ==================== ==================== Accesos directos & WMI ======================== ==================== Módulos cargados (Lista blanca) ============= 2020-06-01 07:57 - 2020-06-01 07:58 - 001322496 _____ () [Archivo no firmado] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2731.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\x64\e_sqlite3.dll 2019-12-08 21:58 - 2019-04-19 07:29 - 000095744 _____ () [Archivo no firmado] C:\WINDOWS\Womtrust.dll 2020-06-20 09:14 - 2020-06-20 09:14 - 039780864 _____ (Intel) [Archivo no firmado] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2731.0_x64__8j3eq9eme6ctt\IGCC.dll 2019-12-08 21:58 - 2019-04-19 07:29 - 000182448 _____ (Stardock Corporation -> Stardock Software, Inc) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\Stardock\Start10\Start10Shell64.dll 2019-12-08 21:58 - 2019-04-19 07:29 - 001686552 _____ (STARDOCK SYSTEMS, INC. -> Stardock Software, Inc) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\Stardock\Start10\Start10_64.dll ==================== Alternate Data Streams (Lista blanca) ======== ==================== Modo Seguro (Lista blanca) ================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Asociación (Lista blanca) ================= ==================== Internet Explorer sitios de confianza/restringidos ========== ==================== Hosts contenido: ========================= (Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.) 2019-12-07 04:14 - 2020-07-12 20:43 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost ==================== Otras Áreas =========================== (Actualmente no existe una corrección automática para esta sección.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-1475189372-905897940-3643049737-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg DNS Servers: 1.1.1.2 - 1.0.0.2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Firewall de Windows está habilitado. ==================== MSCONFIG/TASK MANAGER elementos deshabilitados == (Si una entrada es incluida en el fixlist, será eliminada.) MSCONFIG\Services: brave => 2 MSCONFIG\Services: bravem => 3 MSCONFIG\Services: GoogleChromeElevationService => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: MozillaMaintenance => 3 HKU\S-1-5-21-1475189372-905897940-3643049737-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-1475189372-905897940-3643049737-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams" HKU\S-1-5-21-1475189372-905897940-3643049737-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-1475189372-905897940-3643049737-1001\...\StartupApproved\Run: => "GUDelayStartup" ==================== Reglas de firewall (Lista blanca) ================ (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) FirewallRules: [TCP Query User{CA16A9CE-8E78-43F9-B5BB-A6DFA5269C3C}C:\program files (x86)\microsoft\edge\application\msedge.exe] => (Block) C:\program files (x86)\microsoft\edge\application\msedge.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{F4C27F7E-D9DB-40C1-9238-B53C83815523}C:\program files (x86)\microsoft\edge\application\msedge.exe] => (Block) C:\program files (x86)\microsoft\edge\application\msedge.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{DCF6F50F-1429-472E-82F6-6A0174C2C61E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{EB92179F-104F-4625-A780-391F5E66CF17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{B10490FC-4FA7-47B8-AB04-89B49C086844}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{4DE5390E-894A-4371-95DC-9B0173564D73}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{2BD08B8C-C1F6-44FD-822B-0CA0C5F758C8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{A9DA72D2-6BC8-4DE8-97A2-E09317F1B0DD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{14371CB4-569F-465C-BDAB-D1FF8875A379}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{9BB8A5D5-ACE4-442F-99D5-B2B2CEE2419A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{07AF629D-E7CD-46D9-9820-083A963D1C46}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{ED880E9F-49CD-4320-968A-4435049FF4AA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{122E2333-26FB-44F6-B44B-25763124C954}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Puntos de Restauración ========================= 16-07-2020 12:04:47 Punto de control programado 16-07-2020 17:27:00 Instalador de Módulos de Windows 16-07-2020 17:30:26 Instalador de Módulos de Windows 16-07-2020 17:34:42 Instalador de Módulos de Windows ==================== Dispositivos defectuosos en el Administrador de dispositivos ============ ==================== Errores del registro de eventos: ======================== Errores de aplicación: ================== Error: (07/18/2020 10:02:33 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Error de la activación de licencia (slui.exe) con el siguiente código: hr=0xC004F074 Argumentos de línea de comandos: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (07/18/2020 10:02:30 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Error de la activación de licencia (slui.exe) con el siguiente código: hr=0xC004F074 Argumentos de línea de comandos: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent Error: (07/18/2020 10:02:01 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Error de la activación de licencia (slui.exe) con el siguiente código: hr=0xC004F074 Argumentos de línea de comandos: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (07/18/2020 09:27:56 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Error de la activación de licencia (slui.exe) con el siguiente código: hr=0xC004F074 Argumentos de línea de comandos: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (07/18/2020 09:27:52 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Error de la activación de licencia (slui.exe) con el siguiente código: hr=0xC004F074 Argumentos de línea de comandos: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=2 Errores del sistema: ============= Error: (07/18/2020 09:59:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: El servicio LMS no pudo iniciarse debido al siguiente error: El sistema no puede encontrar el archivo especificado. Error: (07/18/2020 09:26:33 AM) (Source: NetBT) (EventID: 4307) (User: ) Description: Error de inicialización debido a que el transporte rehusó abrir las direcciones iniciales. Windows Defender: =================================== Date: 2020-07-13 21:37:56.3160000Z Description: El examen de Antivirus de Microsoft Defender se detuvo antes de completarse. Id. de examen: {952705A5-7378-406E-AE53-4C471064B894} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2020-07-13 21:25:24.3440000Z Description: El examen de Antivirus de Microsoft Defender se detuvo antes de completarse. Id. de examen: {17E9D45A-E237-4359-BE67-C1C69F5E21DB} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2020-07-12 11:04:59.4580000Z Description: Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado. Para más información, consulta lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0 Nombre: HackTool:Win32/AutoKMS Id.: 2147685180 Gravedad: Alta Categoría: Herramienta Ruta de acceso: file:_C:\USUARIO\Downloads\-Activador- AndroidWare.rar; webfile:_C:\USUARIO\Downloads\-Activador- AndroidWare.rar|http://download2230.mediafire.com/cmvxy5lwwgpg/71gvrdk36g3zr8y/-Activador-+AndroidWare.rar|pid:3108,ProcessStart:132390434934283498 Origen de detección: Internet Tipo de detección: FastPath Origen de detección: Descargas y datos adjuntos Usuario: DESKTOP-PIO23F2\USUARIO Nombre de proceso: Unknown Versión de inteligencia de seguridad: AV: 1.319.1319.0, AS: 1.319.1319.0, NIS: 1.319.1319.0 Versión de motor: AM: 1.1.17200.2, NIS: 1.1.17200.2 Date: 2020-07-11 17:02:17.5740000Z Description: El examen de Antivirus de Microsoft Defender se detuvo antes de completarse. Id. de examen: {67BF92B9-4E5C-4509-BCA5-7BDE1387D4D1} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2020-07-10 18:31:25.8830000Z Description: El examen de Antivirus de Microsoft Defender se detuvo antes de completarse. Id. de examen: {532F3CB6-A3CD-4E83-A722-3053C0261248} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2020-07-12 20:42:07.7870000Z Description: La característica Protección en tiempo real de Antivirus de Microsoft Defender encontró un error: Característica: Durante el acceso Código de error: 0x8007043c Descripción del error: El servicio no puede iniciarse en modo a prueba de errores Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema. Date: 2020-07-08 10:05:55.8210000Z Description: La característica Protección en tiempo real de Antivirus de Microsoft Defender encontró un error: Característica: Durante el acceso Código de error: 0x8007043c Descripción del error: El servicio no puede iniciarse en modo a prueba de errores Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema. Date: 2020-07-03 18:29:55.7310000Z Description: Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad. Nueva versión de inteligencia de seguridad: Versión anterior de inteligencia de seguridad: 1.319.721.0 Origen de actualización: Servidor de Microsoft Update Tipo de inteligencia de seguridad: AntiVirus Tipo de actualización: Completa Usuario: NT AUTHORITY\SYSTEM Versión actual del motor: Versión anterior del motor: 1.1.17200.2 Código de error: 0x8007043c Descripción del error: El servicio no puede iniciarse en modo a prueba de errores Date: 2020-07-03 18:19:36.2890000Z Description: La característica Protección en tiempo real de Antivirus de Microsoft Defender encontró un error: Característica: Durante el acceso Código de error: 0x8007043c Descripción del error: El servicio no puede iniciarse en modo a prueba de errores Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema. CodeIntegrity: =================================== Date: 2020-07-18 10:03:36.6840000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements. Date: 2020-07-18 10:03:36.0440000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements. Date: 2020-07-18 10:02:45.2310000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements. Date: 2020-07-18 10:02:45.1930000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements. Date: 2020-07-18 10:02:45.1470000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements. Date: 2020-07-18 10:02:45.1110000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements. Date: 2020-07-18 10:02:43.9990000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements. Date: 2020-07-18 10:02:43.7300000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements. ==================== Información de la memoria =========================== BIOS: LENOVO ASCN38WW 08/15/2019 Placa base: LENOVO LNVNB161216 Procesador: Intel(R) Core(TM) i5-8265U CPU @ 1.60GHz Porcentaje de memoria en uso: 70% RAM física total: 3975.24 MB RAM física disponible: 1189.88 MB Virtual total: 5959.24 MB Virtual disponible: 2683.08 MB ==================== Unidades ================================ Drive c: () (Fixed) (Total:121.18 GB) (Free:61.1 GB) NTFS Drive d: () (Fixed) (Total:809.44 GB) (Free:809.25 GB) NTFS \\?\Volume{a4b7e769-d565-440a-9612-4b7e1b490f63}\ () (Fixed) (Total:0.77 GB) (Free:0.08 GB) NTFS \\?\Volume{d3283a6c-63f3-40a4-b14d-3705c18f7b97}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Tabla de particiones ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ==================== Final de Addition.txt =======================