Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 13-05-2020 01
Ejecutado por holon (18-05-2020 10:25:24)
Ejecutado desde C:\Users\holon\Desktop
Windows 10 Pro Versión 1909 18363.836 (X64) (2020-02-23 15:54:37)
Modo de Inicio: Normal
==========================================================

==================== Cuentas: =============================

Administrador (S-1-5-21-3480409418-1047541600-1769833894-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3480409418-1047541600-1769833894-503 - Limited - Disabled)
holon (S-1-5-21-3480409418-1047541600-1769833894-1001 - Administrator - Enabled) => C:\Users\holon
Invitado (S-1-5-21-3480409418-1047541600-1769833894-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3480409418-1047541600-1769833894-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Security Cloud (Disabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: 360 Total Security (Enabled - Up to date) {91AD8F88-E316-BC3A-E0A3-9F4C5B36A8D0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Security Cloud (Disabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-3480409418-1047541600-1769833894-1001\...\uTorrent) (Version: 3.5.5.45660 - BitTorrent Inc.)
Actualización de NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22589 - Microsoft Corporation) Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version: - Ubisoft) Audacity 2.3.0 (HKLM-x32\...\Audacity_is1) (Version: 2.3.0 - Audacity Team) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Betternet for Windows 5.3.0.433 (HKLM-x32\...\{2E77104D-96E1-4A9C-86F2-C7CF9CA03A4B}) (Version: 5.3.0.433 - Betternet Technologies Inc.) Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment) Doom 3 BFG Edition (HKLM-x32\...\Doom 3 BFG Edition_is1) (Version: - ) Epic Games Launcher (HKLM-x32\...\{9E53E30C-33FB-4784-BB0F-186178764ED8}) (Version: 1.1.257.0 - Epic Games, Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.132 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden IObit Uninstaller 9 (HKLM-x32\...\IObitUninstall) (Version: 9.3.0.9 - IObit) Java 8 Update 241 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180241F0}) (Version: 8.0.2410.7 - Oracle Corporation) Kaspersky Secure Connection (HKLM-x32\...\{145AE349-477A-45E5-A57C-5F5BF2BB5775}) (Version: 20.0.14.1085 - Kaspersky) Hidden Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{145AE349-477A-45E5-A57C-5F5BF2BB5775}) (Version: 20.0.14.1085 - Kaspersky) Kaspersky Security Cloud (HKLM-x32\...\{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky) Hidden Kaspersky Security Cloud (HKLM-x32\...\InstallWIX_{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky) LOGO!Soft Comfort V8.1.1 (HKLM\...\LOGO!Soft Comfort V8.1.1) (Version: 8.1.1.10 - Siemens AG) Microsoft Games for Windows - LIVE Redistributable 
(HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3480409418-1047541600-1769833894-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0012 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 
(HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 52.9.0 ESR (x86 en-US) (HKLM-x32\...\Mozilla Firefox 52.9.0 ESR (x86 en-US)) (Version: 52.9.0 - Mozilla) Mozilla Firefox 70.0.1 (x64 es-ES) (HKLM\...\Mozilla Firefox 70.0.1 (x64 es-ES)) (Version: 70.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 70.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.9.0 - Mozilla) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden NVIDIA Controlador de audio HD 1.3.38.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.26 - NVIDIA Corporation) NVIDIA Controlador de gráficos 445.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 445.87 - NVIDIA Corporation) NVIDIA GeForce Experience 3.20.3.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.3.63 - NVIDIA Corporation) NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) OpenProj 
(HKLM-x32\...\{13702021-43FB-480C-912F-D9B74A538288}) (Version: 1.4.0 - Serena Software Inc.) Origin (HKLM-x32\...\Origin) (Version: 10.5.69.40136 - Electronic Arts, Inc.) Panel de control de NVIDIA 445.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 445.87 - NVIDIA Corporation) Hidden Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation) PDFCreator (HKLM\...\{00010FEF-82A2-497E-983A-7105A0166FA7}) (Version: 4.0.2 - pdfforge GmbH) ProfiCAD 10.3.8 (HKLM-x32\...\ProfiCAD_is1) (Version: - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7811 - Realtek Semiconductor Corp.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Skype versión 8.59 (HKLM-x32\...\Skype_is1) (Version: 8.59 - Skype Technologies S.A.) 
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - ) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.4.8332 - TeamViewer) The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 2.6.3.0 - Zenimax Online Studios) Unity Web Player (HKU\S-1-5-21-3480409418-1047541600-1769833894-1001\...\UnityWebPlayer) (Version: 5.3.8f2 - Unity Technologies ApS) Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) Uplay (HKLM-x32\...\Uplay) (Version: 85.1 - Ubisoft) VALORANT (HKU\S-1-5-21-3480409418-1047541600-1769833894-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc) VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN) WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH) Zelio Soft 2 v4.6.0 (HKLM-x32\...\{3FBAC4F3-6417-4225-9ED7-E196EBD46153}) (Version: 4.6.0 - Schneider Electric) Packages: ========= Accesorios de Xbox -> C:\Program Files\WindowsApps\Microsoft.XboxDevices_300.1911.1001.0_x64__8wekyb3d8bbwe [2019-11-22] (Microsoft Corporation) Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1760.2.0_x86__kgqvnymyfvs32 [2020-05-08] (king.com) Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.168.200.0_x86__kgqvnymyfvs32 [2020-05-15] (king.com) Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-05-06] (Microsoft Corporation) Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.2.169.0_x64__rz1tebttyb220 [2020-04-20] (Dolby Laboratories) Hidden City: Aventura de objetos ocultos -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.34.3402.0_x86__ytsefhwckbdv6 
[2020-04-26] (G5 Entertainment AB) March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.8.0.8_x86__h6adky7gbf63m [2020-05-15] (Gameloft SE) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad] Microsoft News: Noticias destacadas en español -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.38.21323.0_x64__8wekyb3d8bbwe [2020-05-15] (Microsoft Corporation) Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-02] (Microsoft Studios) [MS Ad] Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.14.6005.0_x64__8wekyb3d8bbwe [2020-04-20] (Microsoft Studios) MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-27] (Microsoft Corporation) [MS Ad] ==================== Personalizado CLSID (Lista blanca): ============== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) 
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation) ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Ningún archivo ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Ningún archivo ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Ningún archivo ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Ningún archivo ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Ningún archivo ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-01-31] (IObit Information Technology -> IObit) ContextMenuHandlers1: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\ShellEx.dll [2020-05-14] (Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2019-11-19] (pdfforge GmbH -> pdfforge GmbH) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: 
[WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\ShellEx.dll [2020-05-14] (Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Ningún archivo ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Ningún archivo ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-01-31] (IObit Information Technology -> IObit) ContextMenuHandlers4: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\ShellEx.dll [2020-05-14] (Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-04-03] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-01-31] (IObit Information Technology -> IObit) ContextMenuHandlers6: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\ShellEx.dll [2020-05-14] (Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal) 
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

2020-02-09 17:52 - 2020-02-09 17:52 - 000116736 _____ (pdfforge GmbH) [Archivo no firmado] C:\WINDOWS\System32\pdfcmon.dll
2018-10-06 14:24 - 2020-03-16 15:05 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files (x86)\Origin\LIBEAY32.dll
2018-10-06 14:24 - 2020-03-16 15:06 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files (x86)\Origin\ssleay32.dll
2018-10-06 14:24 - 2020-01-29 22:18 - 001611264 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-04-30 23:32 - 2020-01-29 22:18 - 005487104 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-04-30 23:32 - 2020-01-29 22:18 - 005841920 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-04-30 23:32 - 2020-01-29 22:18 - 001179136 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-04-30 23:32 - 2020-01-29 22:18 - 000146432 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2020-04-30 23:32 - 2020-01-29 22:18 - 005089792 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-04-30 23:32 - 2020-01-29 22:18 - 000184832 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [492]

==================== Modo Seguro (Lista blanca) ==================

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2018-10-05 22:18 - 2018-10-05 22:17 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3480409418-1047541600-1769833894-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\holon\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\metaphysical-spiritual-surreal-dragon-lotus-flowers-sacred-geometry-1809429-wallhere.com.jpg
DNS Servers: 212.231.6.7 - 46.6.113.34
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKU\S-1-5-21-3480409418-1047541600-1769833894-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-3480409418-1047541600-1769833894-1001\...\StartupApproved\Run: => "Skype for Desktop" ==================== Reglas de firewall (Lista blanca) ================ (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) FirewallRules: [{4A2E3593-30D0-447E-A0C4-234AA0EE89A6}] => (Allow) D:\Destiny 2\steamapps\common\Destiny 2\destiny2.exe (Bungie Inc. -> Bungie) FirewallRules: [{71A8D90B-535C-4E78-8043-4A264F74C508}] => (Allow) D:\Destiny 2\steamapps\common\Destiny 2\destiny2.exe (Bungie Inc. -> Bungie) FirewallRules: [{E01B0C82-396C-48B9-9DB9-89F0BD46F78C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{301CD8E3-0364-4DFE-82BC-B5B171571988}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{9E55B212-6AA8-4946-AF36-0784E7CED03B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{D59A8A8A-773D-4590-A4B9-4E3DD8CD8119}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{3C18E7B3-A9CE-4F47-9C15-F2ED26903EE7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{7226EB25-4181-4245-862A-50A33A4F3053}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{8A5E522A-9022-4A4F-80F8-9BF6CFFBCBB0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{EEF080CD-7D2A-4E6E-843F-A52F4AFC7550}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: 
[{6EA32A9C-2D53-4263-A314-23FB9F27C54E}] => (Allow) C:\Users\holon\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{D3771726-B3DF-4AE2-A1F6-3B742EABD953}] => (Allow) C:\Users\holon\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{27A27B2E-FF7D-4C2A-ADBA-BDB8F042B51D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [TCP Query User{FFF0D73F-C886-4407-949A-D14BD7DD6A2A}D:\cod warzone\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\cod warzone\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision) FirewallRules: [UDP Query User{FB12CA60-D9F6-4B61-A8BC-CD309908B563}D:\cod warzone\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\cod warzone\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision) FirewallRules: [TCP Query User{470F8860-5F31-4842-9397-70859EBB38B5}D:\doom 3\doom 3 bfg edition\doom3bfg.exe] => (Allow) D:\doom 3\doom 3 bfg edition\doom3bfg.exe (id Software LLC, a ZeniMax Media company) [Archivo no firmado] FirewallRules: [UDP Query User{82150882-84C3-4977-9BCA-229E3BB6B7B2}D:\doom 3\doom 3 bfg edition\doom3bfg.exe] => (Allow) D:\doom 3\doom 3 bfg edition\doom3bfg.exe (id Software LLC, a ZeniMax Media company) [Archivo no firmado] FirewallRules: [{A8D41718-5A8C-4CE6-B8DE-AF9FF57EF512}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{79A6F6DB-1B6F-4D67-9516-E947CC99F13B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{741DACF7-49D5-4125-AB98-E4F5313B1813}D:\ww z\worldwarz\en_us\client\bin\pc\wwzretailegs.exe] => (Allow) D:\ww z\worldwarz\en_us\client\bin\pc\wwzretailegs.exe (Saber Interactive) [Archivo no firmado] FirewallRules: [UDP Query 
User{834CD054-0092-4475-B182-CA2F1C8C8C48}D:\ww z\worldwarz\en_us\client\bin\pc\wwzretailegs.exe] => (Allow) D:\ww z\worldwarz\en_us\client\bin\pc\wwzretailegs.exe (Saber Interactive) [Archivo no firmado] FirewallRules: [{6AB727C3-3D4E-4403-AA5A-AEAF47816D63}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{B203A92C-0B39-4EDE-9A0C-7A4D67659280}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{0D8A43EE-4AD5-464B-B637-8F447761F477}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{F19A26DA-7CDD-4D75-B8F2-E83B805DFDA5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{E4CD4F34-B8FC-43B7-9CC7-6EBEBE4AC889}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{C1C67B0D-016D-438A-A974-4860078E9756}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{5C624CD8-9B37-46CD-9958-EFCD78E5CABC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{F939C949-A8EB-48F0-BD4D-E210F4C33D16}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{191521EA-975E-499B-8004-464004E4ABEA}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{E300FA46-6178-4FE3-8A09-A1B65A1D6DB1}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) 
FirewallRules: [TCP Query User{300B2931-65FE-4457-ABCA-AB8157DF381D}D:\assassins unity\assassin's creed unity\acu.exe] => (Allow) D:\assassins unity\assassin's creed unity\acu.exe (UBISOFT ENTERTAINMENT INC. -> ) FirewallRules: [UDP Query User{EE10EB59-C4F3-4CBB-9EFE-986868088333}D:\assassins unity\assassin's creed unity\acu.exe] => (Allow) D:\assassins unity\assassin's creed unity\acu.exe (UBISOFT ENTERTAINMENT INC. -> ) FirewallRules: [{5A0776E0-E8C1-4DFB-AEF9-693CA83F4768}] => (Allow) D:\Syndicate\AssassinsCreedSyndicate\ACS.exe (UBISOFT ENTERTAINMENT INC. -> ) ==================== Puntos de Restauración ========================= 15-05-2020 14:01:42 Windows Update 15-05-2020 23:59:38 IObit Software Updater restore point 17-05-2020 10:16:20 JRT Pre-Junkware Removal ==================== Dispositivos defectuosos en el Administrador de dispositivos ============ ==================== Errores del registro de eventos: ======================== Errores de aplicación: ================== Error: (05/18/2020 12:06:46 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (5144,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (05/17/2020 11:50:41 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (23120,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (05/17/2020 11:36:50 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY) Description: El tamaño del búfer necesario es mayor que el tamaño del búfer que se llevó a la función Collect del archivo DLL del contador extensible "C:\Windows\System32\perfts.dll" del servicio "LSM". El tamaño del búfer indicado era 26696 y el tamaño necesario es 29360. 
Error: (05/17/2020 11:31:08 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (23720,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (05/17/2020 11:26:32 PM) (Source: SecurityCenter) (EventID: 17) (User: ) Description: Security Center no pudo validar al autor de la llamada con el error %1. Error: (05/17/2020 10:50:35 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (3976,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (05/17/2020 10:31:35 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (13808,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (05/17/2020 10:16:28 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (15508,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Errores del sistema: ============= Error: (05/18/2020 12:16:54 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RA5FROR) Description: El servidor {D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48} no se registró con DCOM dentro del tiempo de espera requerido. Error: (05/17/2020 10:16:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: El servicio NVIDIA LocalSystem Container terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio. Error: (05/17/2020 10:16:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: El servicio NVIDIA Display Container LS terminó inesperadamente. Esto se ha repetido 1 veces. 
Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio. Error: (05/17/2020 12:02:59 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RA5FROR) Description: El servidor {D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48} no se registró con DCOM dentro del tiempo de espera requerido. Error: (05/17/2020 12:02:59 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RA5FROR) Description: El servidor {D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48} no se registró con DCOM dentro del tiempo de espera requerido. Error: (05/17/2020 12:02:59 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RA5FROR) Description: El servidor {D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48} no se registró con DCOM dentro del tiempo de espera requerido. Error: (05/17/2020 12:02:59 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RA5FROR) Description: El servidor {D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48} no se registró con DCOM dentro del tiempo de espera requerido. Error: (05/16/2020 10:20:27 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY) Description: Se deshabilitaron las características de administración de energía en estado de rendimiento en el procesador lógico Hyper-V 7 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado. Windows Defender: =================================== Date: 2020-04-26 00:16:11.254 Description: Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado. 
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Worm:Win32/Soltern&threatid=2147745887&enterprise=0
Nombre: Worm:Win32/Soltern
Id.: 2147745887
Gravedad: Grave
Categoría: Gusano
Ruta de acceso: file:_C:\Windows\Temp\AV-3648-6-0
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Program Files (x86)\TotalAV\SecurityService.exe
Versión de inteligencia de seguridad: AV: 1.313.2337.0, AS: 1.313.2337.0, NIS: 1.313.2337.0
Versión de motor: AM: 1.1.16900.4, NIS: 1.1.16900.4

CodeIntegrity:
===================================

Date: 2020-05-18 10:24:14.503
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-05-18 10:23:10.815
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-05-18 10:23:08.799
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-05-18 10:23:06.778
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-05-18 10:23:04.764
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-05-18 10:23:02.748
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-05-18 10:23:00.730
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-05-18 10:22:57.221
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

==================== Información de la memoria ===========================

BIOS: American Megatrends Inc. A.50 10/30/2015
Placa base: MSI Z170A PC MATE (MS-7971)
Procesador: Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz
Porcentaje de memoria en uso: 28%
RAM física total: 16347.8 MB
RAM física disponible: 11697.89 MB
Virtual total: 17371.8 MB
Virtual disponible: 12305.01 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:111.19 GB) (Free:57.12 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:495.12 GB) NTFS

\\?\Volume{31bf6191-6bdf-4589-a41f-27a70cb3c6c4}\ (Recuperación) (Fixed) (Total:0.49 GB) (Free:0.05 GB) NTFS
\\?\Volume{0a8d1765-7702-4e1b-9de8-31745a2282bd}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: AC09EE1A)
Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: BBB496A8)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Final de Addition.txt =======================