Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 13-04-2020 Ejecutado por Gaston (13-04-2020 08:27:07) Ejecutado desde C:\ Windows 10 Pro Versión 1909 18363.752 (X64) (2019-09-13 11:47:39) Modo de Inicio: Normal ========================================================== ==================== Cuentas: ============================= Administrador (S-1-5-21-2553759803-4258861891-2583773945-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2553759803-4258861891-2583773945-503 - Limited - Disabled) Gaston (S-1-5-21-2553759803-4258861891-2583773945-1001 - Administrator - Enabled) => C:\Users\Gaston Invitado (S-1-5-21-2553759803-4258861891-2583773945-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-2553759803-4258861891-2583773945-504 - Limited - Disabled) ==================== Centro de Seguridad ======================== (Si una entrada es incluida en el fixlist, será eliminada.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programas instalados ====================== (Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.) Actualización de NVIDIA 38.0.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.4.0 - NVIDIA Corporation) Hidden AnalogX PortMapper (HKLM-x32\...\AnalogX PortMapper) (Version: - AnalogX) Apple Application Support (32 bits) (HKLM-x32\...\{FD52A2FF-4D16-49C4-A2CD-DAC752C18BA2}) (Version: 8.0 - Apple Inc.) Apple Application Support (64 bits) (HKLM\...\{9B061D60-4E2C-4987-BFFD-423E3D477660}) (Version: 8.0 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{6CECF0FB-EE71-4FE5-8AE0-FA007408934A}) (Version: 13.0.0.38 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.) ArroyoMU 0.97 (HKLM-x32\...\ArroyoMU 0.97) (Version: - ) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment) CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform) Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6_is1) (Version: Counter-Strike 1.6 No Steam - KingSOFT DVD) CPUID CPU-Z 1.91 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.91 - CPUID, Inc.) CPUID HWMonitor 1.41 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.41 - CPUID, Inc.) Discord (HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\Discord) (Version: 0.0.306 - Discord Inc.) Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Epic Games Launcher (HKLM-x32\...\{5D2C53C5-AA9C-493F-99B6-A8F458A62EAB}) (Version: 1.1.229.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Privacy Browser (HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\Epic Privacy Browser) (Version: 71.0.3578.98 - Epic) Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.163 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden Gyazo 4.1.0.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.) Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Injected Anti-cheat (HKLM-x32\...\Injected Anti-cheat) (Version: 17.2.0.0 - Alejandro Cortés) iTunes (HKLM\...\{00CF31D7-C80E-4C64-ABE4-5D96B314BB3E}) (Version: 12.10.1.4 - Apple Inc.) KeyTweak - Keyboard Remapper (remove only) (HKLM-x32\...\KeyTweak) (Version: - ) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.61 - Logitech Inc.) Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes) Master PDF Editor 5.4.38 (HKLM\...\Master PDF Editor 5.4.38_is1) (Version: 5.4.38 - Code Industry Ltd.) Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Monster Hunter World (HKLM-x32\...\Monster Hunter World_is1) (Version: - ) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden NVIDIA Controlador de audio HD 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation) NVIDIA Controlador de gráficos 442.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 442.59 - NVIDIA Corporation) NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation) NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Paquete de controladores de Windows - HS Incorporated (massfilter_hs) USB (10/20/2010 2.0.0.8) (HKLM\...\80E97631DA49E8B2E4C5B606C9597BC75EE612F5) (Version: 10/20/2010 2.0.0.8 - HS Incorporated) Paquete de controladores de Windows - PANTECH Co., Ltd. (PSKTBUS) USB (06/20/2012 4.0.21.0) (HKLM\...\31F11A15A3058696191A3708600383CAA429752E) (Version: 06/20/2012 4.0.21.0 - PANTECH Co., Ltd. ) Paquete de controladores de Windows - SAMSUNG Electronics Co., Ltd. (dg_ssudbus) USB (06/10/2014 2.11.10.0) (HKLM\...\7C7D77F30DA293C8D56A9D5FB8C3E70F4E17DA7F) (Version: 06/10/2014 2.11.10.0 - SAMSUNG Electronics Co., Ltd. ) Paquete de controladores de Windows - SAMSUNG Electronics Co., Ltd. (ssadbus) USB (11/30/2012 5.30.14.0) (HKLM\...\C9AEC81E4D365534AF50161EDA7C9CC56B205507) (Version: 11/30/2012 5.30.14.0 - SAMSUNG Electronics Co., Ltd. ) Paquete de controladores de Windows - SAMSUNG Electronics Co., Ltd. (ssaebus) USB (02/05/2010 5.14.0.0) (HKLM\...\8CDE6EEFC346A059EC210060FC7B7DAA8279D584) (Version: 02/05/2010 5.14.0.0 - SAMSUNG Electronics Co., Ltd. ) Paquete de controladores de Windows - SHARP (shu0bus) USB (08/11/2011 5.28.4.0) (HKLM\...\8A1FC0FFE8E99DF8171E25D8C5AFF587290A67EF) (Version: 08/11/2011 5.28.4.0 - SHARP) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7727 - Realtek Semiconductor Corp.) Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Revo Uninstaller 2.1.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.1 - VS Revo Group, Ltd.) Sidebar Diagnostics (HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\SidebarDiagnostics) (Version: 3.5.3 - ArcadeRenegade) Sound Lock (HKLM-x32\...\{F84098A4-28E4-482F-A5A0-1BB29F2808DD}) (Version: 1.3.2 - 3 APPES) Hidden Sound Lock (HKLM-x32\...\Sound Lock 1.3.2) (Version: 1.3.2 - 3 APPES) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.3.8497 - TeamViewer) Tierras del Sur (HKLM-x32\...\Tierras del Sur_is1) (Version: - Tierras del Sur) TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{2E8B8BDD-03DF-4C1C-8C99-E6A4BCBF43CE}) (Version: 2.51.0.0 - Microsoft Corporation) uTorrent Web (HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\utweb) (Version: 1.0.8 - BitTorrent, Inc.) WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH) Packages: ========= Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-07-18] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-07-18] (Microsoft Corporation) [MS Ad] NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.956.0_x64__56jybvy8sckqj [2020-03-15] (NVIDIA Corp.) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.130.658.0_x86__zpdnekdrzrea0 [2020-04-08] (Spotify AB) [Startup Task] ==================== Personalizado CLSID (Lista blanca): ============== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => E:\Malwarebytes Anti Malware\mbshlext.dll [2020-04-09] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_87086da927dcdf63\nvshext.dll [2020-03-05] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => E:\Malwarebytes Anti Malware\mbshlext.dll [2020-04-09] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Lista blanca) ==================== ==================== Accesos directos & WMI ======================== ==================== Módulos cargados (Lista blanca) ============= 2019-09-09 16:27 - 2018-05-14 22:34 - 000026112 _____ (Copyright (c) Code Industry Ltd ) [Archivo no firmado] C:\WINDOWS\System32\mpelocalmon.dll 2018-04-06 15:29 - 2018-04-06 15:29 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files\Logitech Gaming Software\LIBEAY32.dll 2018-04-06 15:29 - 2018-04-06 15:29 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files\Logitech Gaming Software\ssleay32.dll ==================== Alternate Data Streams (Lista blanca) ======== ==================== Modo Seguro (Lista blanca) ================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Asociación (Lista blanca) ================= ==================== Internet Explorer sitios de confianza/restringidos ========== (Si una entrada es incluida en el fixlist, será eliminada del registro.) IE trusted site: HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\localhost -> localhost ==================== Hosts contenido: ========================= (Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.) 2018-04-11 20:38 - 2020-04-11 19:31 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost ==================== Otras Áreas =========================== (Actualmente no existe una corrección automática para esta sección.) HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\Control Panel\Desktop\\Wallpaper -> E:\Interno Windows\Descargas\1920x1080-2929113-mountains-forest-animals-firewatch-minimalism___animal-wallpapers.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: ) (ConsentPromptBehaviorUser: ) (EnableLUA: ) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Firewall de Windows está deshabilitado. ==================== MSCONFIG/TASK MANAGER elementos deshabilitados == (Si una entrada es incluida en el fixlist, será eliminada.) MSCONFIG\Services: GoogleChromeElevationService => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: NvContainerLocalSystem => 3 MSCONFIG\Services: NvContainerNetworkService => 3 MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2 MSCONFIG\Services: NvTelemetryContainer => 2 MSCONFIG\Services: ssh-agent => 3 MSCONFIG\Services: Steam Client Service => 3 HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui" HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\StartupApproved\Run: => "Epic Privacy Browser Installer" HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\StartupApproved\Run: => "utweb" ==================== Reglas de firewall (Lista blanca) ================ (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) FirewallRules: [TCP Query User{EED067F8-214E-4073-90D0-A45BEA690940}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.) FirewallRules: [UDP Query User{118B6FBA-9AF2-4BBD-9497-5A805ABC271C}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.) FirewallRules: [TCP Query User{C7CC1F35-7A46-49BF-B077-A8CB2D40C1C9}E:\counter-strike 1.6\hlds.exe] => (Allow) E:\counter-strike 1.6\hlds.exe (Valve) [Archivo no firmado] FirewallRules: [UDP Query User{DA3B5946-9A43-4B12-B556-29606D51194C}E:\counter-strike 1.6\hlds.exe] => (Allow) E:\counter-strike 1.6\hlds.exe (Valve) [Archivo no firmado] FirewallRules: [{38EB33AC-E72A-40ED-914A-05BE2B8A0C52}] => (Allow) E:\Steam\steam.exe (Valve -> Valve Corporation) FirewallRules: [{3DAF856A-BB32-482D-8E91-7120A2424322}] => (Allow) E:\Steam\steam.exe (Valve -> Valve Corporation) FirewallRules: [{0E6A6E85-28CD-413E-B114-FCC64CE693CA}] => (Allow) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{AF4960C1-30D0-45E6-8C64-3D73C27F426C}] => (Allow) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{A123C9F1-5F85-4D44-8358-1F70B1BE4348}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Source\hl2.exe (Valve -> ) FirewallRules: [{682F80F9-1513-4C37-A113-FBC3F52E30BD}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Source\hl2.exe (Valve -> ) ==================== Puntos de Restauración ========================= ATENCIÓN: Restaurar Sistema está deshabilitado (Total:111.19 GB) (Free:37.28 GB) (34%) ==================== Dispositivos defectuosos en el Administrador de dispositivos ============ ==================== Errores del registro de eventos: ======================== Errores de aplicación: ================== Error: (04/13/2020 12:59:03 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (4644,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (04/13/2020 12:39:49 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (13344,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (04/13/2020 12:25:28 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (13784,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (04/12/2020 11:59:27 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (4388,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (04/12/2020 11:51:25 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (12676,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (04/12/2020 11:44:55 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (13000,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (04/12/2020 11:22:02 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (8712,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (04/12/2020 11:02:42 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (14260,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Errores del sistema: ============= Error: (04/13/2020 01:04:04 AM) (Source: DCOM) (EventID: 10010) (User: PC-GASTON) Description: El servidor Microsoft.Windows.ContentDeliveryManager_10.0.18362.449_neutral_neutral_cw5n1h2txyewy!App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca no se registró con DCOM dentro del tiempo de espera requerido. Error: (04/11/2020 07:32:07 PM) (Source: DCOM) (EventID: 10005) (User: PC-GASTON) Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor: {9E175B6D-F52A-11D8-B9A5-505054503030} Error: (04/11/2020 07:32:07 PM) (Source: DCOM) (EventID: 10005) (User: PC-GASTON) Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (04/11/2020 07:31:29 PM) (Source: DCOM) (EventID: 10005) (User: PC-GASTON) Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor: {9E175B6D-F52A-11D8-B9A5-505054503030} Error: (04/11/2020 07:31:29 PM) (Source: DCOM) (EventID: 10005) (User: PC-GASTON) Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor: {9E175B6D-F52A-11D8-B9A5-505054503030} Error: (04/11/2020 07:31:29 PM) (Source: DCOM) (EventID: 10005) (User: PC-GASTON) Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor: {9E175B6D-F52A-11D8-B9A5-505054503030} Error: (04/11/2020 07:31:29 PM) (Source: DCOM) (EventID: 10005) (User: PC-GASTON) Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor: {9E175B6D-F52A-11D8-B9A5-505054503030} Error: (04/11/2020 07:31:29 PM) (Source: DCOM) (EventID: 10005) (User: PC-GASTON) Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor: {9E175B6D-F52A-11D8-B9A5-505054503030} Windows Defender: =================================== Date: 2020-04-13 08:26:57.663 Description: Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado. Para más información, consulta lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0 Nombre: HackTool:Win64/AutoKMS Id.: 2147723334 Gravedad: Alta Categoría: Herramienta Ruta de acceso: file:_C:\Windows\SECOH-QAD.dll; file:_C:\Windows\SECOH-QAD.exe Origen de detección: Equipo local Tipo de detección: Concreto Origen de detección: Protección en tiempo real Usuario: PC-GASTON\Gaston Nombre de proceso: C:\FRST64.exe Versión de inteligencia de seguridad: AV: 1.313.1307.0, AS: 1.313.1307.0, NIS: 1.313.1307.0 Versión de motor: AM: 1.1.16900.4, NIS: 1.1.16900.4 Date: 2020-04-13 08:26:57.651 Description: Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado. Para más información, consulta lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0 Nombre: HackTool:Win64/AutoKMS Id.: 2147723334 Gravedad: Alta Categoría: Herramienta Ruta de acceso: file:_C:\Windows\SECOH-QAD.dll Origen de detección: Equipo local Tipo de detección: Concreto Origen de detección: Protección en tiempo real Usuario: PC-GASTON\Gaston Nombre de proceso: C:\FRST64.exe Versión de inteligencia de seguridad: AV: 1.313.1307.0, AS: 1.313.1307.0, NIS: 1.313.1307.0 Versión de motor: AM: 1.1.16900.4, NIS: 1.1.16900.4 Date: 2020-04-12 21:35:00.566 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {1E41170C-B5CB-4951-B6E3-69C94D960DB5} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2020-04-11 19:45:40.826 Description: Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado. Para más información, consulta lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Casdet!rfn&threatid=2147727512&enterprise=0 Nombre: Trojan:Win32/Casdet!rfn Id.: 2147727512 Gravedad: Grave Categoría: Caballo de Troya Ruta de acceso: file:_E:\Tierras del Sur\Tierras del Sur Facil.exe Origen de detección: Equipo local Tipo de detección: Concreto Origen de detección: Protección en tiempo real Usuario: PC-GASTON\Gaston Nombre de proceso: C:\Windows\explorer.exe Versión de inteligencia de seguridad: AV: 1.313.1307.0, AS: 1.313.1307.0, NIS: 1.313.1307.0 Versión de motor: AM: 1.1.16900.4, NIS: 1.1.16900.4 CodeIntegrity: =================================== Date: 2020-04-13 08:27:20.773 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2020-04-13 08:27:20.772 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2020-04-13 08:27:19.015 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2020-04-13 08:27:19.015 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2020-04-13 08:24:22.062 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements. Date: 2020-04-13 08:24:22.061 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements. Date: 2020-04-13 08:24:21.309 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements. Date: 2020-04-13 08:24:21.308 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements. ==================== Información de la memoria =========================== BIOS: American Megatrends Inc. F23f 03/09/2018 Placa base: Gigabyte Technology Co., Ltd. Z170-Gaming K3-CF Procesador: Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz Porcentaje de memoria en uso: 25% RAM física total: 16339.64 MB RAM física disponible: 12205.91 MB Virtual total: 18771.64 MB Virtual disponible: 12937.89 MB ==================== Unidades ================================ Drive c: (WINDOWS) (Fixed) (Total:111.19 GB) (Free:37.28 GB) NTFS Drive e: (DATOS) (Fixed) (Total:931.51 GB) (Free:614.83 GB) NTFS Drive f: (DATOS 2) (Fixed) (Total:74.51 GB) (Free:74.33 GB) NTFS \\?\Volume{c445142c-940d-46ed-b815-c2085c0ed6ba}\ (Recuperación) (Fixed) (Total:0.49 GB) (Free:0.06 GB) NTFS \\?\Volume{5e5db68d-75de-479d-81e0-bf5691d71822}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Tabla de particiones ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: 17DE58A3) Partition: GPT. ========================================================== Disk: 2 (Size: 74.5 GB) (Disk ID: 2E222E21) Partition: GPT. ==================== Final de Addition.txt =======================