Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 12-08-2020
Ejecutado por theou (13-08-2020 11:39:49)
Ejecutado desde C:\Users\theou\Desktop
Windows 10 Pro Versión 2004 19041.388 (X64) (2020-06-22 04:55:33)
Modo de Inicio: Safe Mode (with Networking)
==========================================================

==================== Cuentas: =============================

Administrador (S-1-5-21-3288807659-332816388-867573109-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3288807659-332816388-867573109-503 - Limited - Disabled)
Invitado (S-1-5-21-3288807659-332816388-867573109-501 - Limited - Disabled)
theou (S-1-5-21-3288807659-332816388-867573109-1001 - Administrator - Enabled) => C:\Users\theou
WDAGUtilityAccount (S-1-5-21-3288807659-332816388-867573109-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.04.28.626 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.7.2 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{6f87e20b-2c1c-4788-9380-541e79886292}) (Version: 2.04.28.626 - Advanced Micro Devices, Inc.) Hidden
AORUS ENGINE (HKLM-x32\...\AORUS ENGINE_is1) (Version: 1.8.4.0 - GIGABYTE Technology Co.,Inc.)
ASUS Aac_NBDT HAL (HKLM\...\{01D3B7AA-D078-4506-B460-60877FCDDBD6}) (Version: 2.3.11.0 - ASUSTek COMPUTER INC.)
Hidden ASUS Aac_NBDT HAL (HKLM-x32\...\{96f500e7-aac6-40c8-aa25-d223f373d8dd}) (Version: 2.3.11.0 - ASUSTek COMPUTER INC.) Hidden ASUS AIOFan HAL (HKLM\...\{EAE80DED-1A39-41C5-9F60-87CC947F6454}) (Version: 1.0.19 - ASUSTek COMPUTER INC.) Hidden ASUS AIOFan HAL (HKLM-x32\...\{1b15ca41-2671-4685-ab55-b8c814c4942a}) (Version: 1.0.19 - ASUSTek COMPUTER INC.) Hidden ASUS AURA Display Component (HKLM\...\{AFD1CF98-FE97-434C-A095-9F27C5BEA53C}) (Version: 1.1.25 - ASUSTek COMPUTER INC. ) Hidden ASUS AURA Display Component (HKLM-x32\...\{94267bd0-fa8a-4aa4-925d-ec3e0d130fba}) (Version: 1.1.25 - ASUSTek COMPUTER INC. ) Hidden ASUS AURA Extension Card HAL (HKLM\...\{2C39FF80-1BB2-42C5-A58D-DC90EFF048F6}) (Version: 1.0.16 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Extension Card HAL (HKLM-x32\...\{e46f527f-1e64-4554-abc1-115f3429c25c}) (Version: 1.0.16 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Headset Component (HKLM\...\{A3C4120D-8096-4307-91A2-FFE37EBD5A3D}) (Version: 1.02.12 - ASUSTek COMPUTER INC.) Hidden ASUS AURA Headset Component (HKLM-x32\...\{b96dabae-c7ef-45f2-95ab-1a4d917262a3}) (Version: 1.02.12 - ASUSTek COMPUTER INC.) Hidden ASUS AURA Motherboard HAL (HKLM\...\{D800D836-DE15-4B00-8273-521F022CD837}) (Version: 1.0.58 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Motherboard HAL (HKLM-x32\...\{d00daf18-4c78-4fc6-bb05-376a06c79c48}) (Version: 1.0.58 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Odd Component (HKLM\...\{B5E322FB-C191-463E-BDDD-4F22290EDFDB}) (Version: 1.0.8 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Odd Component (HKLM-x32\...\{277875e0-972c-4705-b09c-ca5acf5b2f7c}) (Version: 1.0.8 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.2.3 - ASUSTek COMPUTER INC. ) Hidden ASUS AURA VGA Component (HKLM-x32\...\{2977b6c2-6523-42f4-8f52-bf4f7fc7a840}) (Version: 0.0.2.3 - ASUSTek COMPUTER INC. 
) Hidden ASUS GLCKIO2 Driver (HKLM-x32\...\{3507c756-a80f-4b0e-8475-975d8b432176}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden ASUS GLCKIO2 Driver (HKLM-x32\...\{5960FD0F-BB3B-49AF-B175-F77DC91E995A}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden ASUS Keyboard HAL (HKLM\...\{0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3}) (Version: 1.0.50 - ASUSTek COMPUTER INC.) Hidden ASUS Keyboard HAL (HKLM-x32\...\{52400cff-4628-4ca3-a922-3767b198c1fd}) (Version: 1.0.50 - ASUSTek COMPUTER INC.) Hidden ASUS MB Peripheral Products (HKLM\...\{BFED9861-7D96-4528-89F1-B090ABBF11A7}) (Version: 1.0.32 - ASUSTeK Computer Inc.) Hidden ASUS MB Peripheral Products (HKLM-x32\...\{243ceb39-3b77-43ab-9135-fddab4ac7caf}) (Version: 1.0.32 - ASUSTeK Computer Inc.) Hidden ASUS Mouse HAL (HKLM\...\{1838F91B-D481-45AA-B92F-071C62D0A19A}) (Version: 1.0.53 - ASUSTek COMPUTER INC.) Hidden ASUS Mouse HAL (HKLM-x32\...\{3dcded5b-10da-4d98-9c1f-c33d25288ebd}) (Version: 1.0.53 - ASUSTek COMPUTER INC.) Hidden ASUS MousePad HAL (HKLM\...\{723B40A4-5BF2-4DC6-834A-2ADF75F3CF7E}) (Version: 1.0.1.2 - ASUSTek COMPUTER INC.) Hidden ASUS MousePad HAL (HKLM-x32\...\{0ebcd5fb-7bf9-45b4-a0b6-0932d728e289}) (Version: 1.0.1.2 - ASUSTek COMPUTER INC.) Hidden AURA DRAM Component (HKLM\...\{3881F403-B6B7-4D2F-BDAC-7901EB677F52}) (Version: 1.0.37 - ASUS) Hidden AURA DRAM Component (HKLM-x32\...\{60d8d6b5-0ec5-420a-a407-a42e19346d46}) (Version: 1.0.37 - ASUS) Hidden AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 20.6.3135 - AVG Technologies) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Blitz 1.10.41 (HKU\S-1-5-21-3288807659-332816388-867573109-1001\...\153f8ce0-b97a-575b-ba12-4ff8b1481894) (Version: 1.10.41 - Blitz Inc.) BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.215.0.1019 - BlueStack Systems, Inc.) Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) 
Hidden Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment) Citra (HKU\S-1-5-21-3288807659-332816388-867573109-1001\...\{44df0186-5999-4796-bf01-dfac12bff7af}) (Version: 1.0.0 - Citra Team) Corsair AURA DRAM Component (HKLM\...\{376E0869-A4F1-4DC7-A1FD-EBF3AFFEB832}) (Version: 1.0.13 - CORSAIR COMPONENTS INC.) Hidden Corsair AURA DRAM Component (HKLM-x32\...\{8fce5ea9-d56f-4f89-a363-830eceb72c72}) (Version: 1.0.13 - CORSAIR COMPONENTS INC.) Hidden CPUID CPU-Z 1.90 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.90 - CPUID, Inc.) CrystalDiskInfo 8.4.2 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.4.2 - Crystal Dew World) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.13.0.1312 - Disc Soft Ltd) Darkest Dungeon Ancestral Edition (HKLM-x32\...\Darkest Dungeon Ancestral Edition_is1) (Version: - ) Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform) Discord (HKU\S-1-5-21-3288807659-332816388-867573109-1001\...\Discord) (Version: 0.0.306 - Discord Inc.) ENE IO Driver (HKLM-x32\...\{D0512FFD-6194-4D2E-967E-25B82A3322FF}) (Version: 3.0.0 - ENE TECHNOLOGY INC.) Hidden ENE RGB HAL (HKLM\...\{B380DBDE-BA95-481B-92E9-52F2E5E84F24}) (Version: 1.00.15 - Ene Tech.) Hidden ENE RGB HAL (HKLM-x32\...\{adbc3d98-57f2-4d68-b155-138f8fb0f73d}) (Version: 1.00.15 - Ene Tech.) Hidden ENE_DRAM_RGB_AURA42 (HKLM\...\{BC5E0A82-C638-44CB-8129-20C8ED70DE7A}) (Version: 1.00.02 - Ene Tech.) Hidden ENE_DRAM_RGB_AURA42 (HKLM-x32\...\{f3d7fb09-b93f-4c01-a765-0b0adc5bc746}) (Version: 1.00.02 - Ene Tech.) Hidden ENE_EHD_ASM_HAL (HKLM\...\{CB19FBA3-7A4F-4D2A-A231-F580B5DCD203}) (Version: 1.00.05 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_ASM_HAL (HKLM-x32\...\{3532d794-73d7-42bd-af02-9f00623dd567}) (Version: 1.00.05 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.00.04 - ENE TECHNOLOGY INC.) 
Hidden ENE_EHD_M2_HAL (HKLM-x32\...\{26b207d1-1f37-4df9-8b3f-aeebbca6bb85}) (Version: 1.00.04 - ENE TECHNOLOGY INC.) Hidden Epic Games Launcher (HKLM-x32\...\{385D03C4-767B-4B5F-A627-61319D136EF4}) (Version: 1.1.236.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden FiveM (HKU\S-1-5-21-3288807659-332816388-867573109-1001\...\CitizenFX_FiveM) (Version: - The CitizenFX Collective) GameInput Redistributable (HKLM-x32\...\{93B91052-9882-92F9-45E4-2EA38BC07D9E}) (Version: 10.1.19041.3357 - Microsoft Corporation) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 84.0.4147.105 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden HDD Guardian 0.7.1 (HKLM-x32\...\{F67EF53C-11BF-4EC8-B025-EC85CABA50B5}) (Version: - ) Iratus Lord of the Dead MULTi11 - ElAmigos versión 176.02 (HKLM-x32\...\{1557DA0F-01C8-4B84-9FA6-21BAC46D5CC7}_is1) (Version: 176.02 - Daedalic Entertainment) JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Kingston AURA DRAM Component (HKLM\...\{6D2D2DAF-BFE4-45A6-BF40-8A9F7FF54F42}) (Version: 1.0.20 - KINGSTON COMPONENTS INC.) Hidden Kingston AURA DRAM Component (HKLM-x32\...\{c0c65c06-e79e-44b5-bd66-85099364afeb}) (Version: 1.0.20 - KINGSTON COMPONENTS INC.) Hidden Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) 
Hidden Malwarebytes version 4.1.2.73 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.2.73 - Malwarebytes) Megaquarium MULTi8 - ElAmigos versión 2.0.6 (HKLM-x32\...\{734F1AFD-1C3C-429F-9ACF-B1DAE05930D6}_is1) (Version: 2.0.6 - Twice Circled) Microsoft Office 365 ProPlus - es-es (HKLM\...\O365ProPlusRetail - es-es) (Version: 16.0.12527.20880 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3288807659-332816388-867573109-1001\...\OneDriveSetup.exe) (Version: 20.114.0607.0002 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-3288807659-332816388-867573109-1001\...\Teams) (Version: 1.3.00.13565 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 
(HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation) Mozilla Firefox 76.0.1 (x64 es-MX) (HKLM\...\Mozilla Firefox 76.0.1 (x64 es-MX)) (Version: 76.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 76.0.1 - Mozilla) MSI Afterburner 4.6.1 (HKLM-x32\...\Afterburner) (Version: 4.6.1 - MSI Co., LTD) NVIDIA PhysX (HKLM-x32\...\{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}) (Version: 9.09.0814 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 24.0.3 - OBS Project) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12527.20720 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12527.20720 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.12527.20720 - Microsoft Corporation) Hidden Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.) 
RivaTuner Statistics Server 7.2.3 (HKLM-x32\...\RTSS) (Version: 7.2.3 - Unwinder)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.24.258 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.6 - Rockstar Games)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.9267 - Microsoft Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.5.3 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version: - TechPowerUp)
Trident Z Lighting Control (HKLM-x32\...\{97CD7AFC-0ED3-41B8-9CCD-22717E8631D0}_is1) (Version: 1.00.08 - ENG)
Uplay (HKLM-x32\...\Uplay) (Version: 110.0 - Ubisoft)
VALORANT (HKU\S-1-5-21-3288807659-332816388-867573109-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)

Packages:
=========
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x64__8wekyb3d8bbwe [2020-04-20] (Microsoft Corporation)
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x86__8wekyb3d8bbwe [2020-04-20] (Microsoft Corporation)
Gears Tactics -> C:\Program Files\WindowsApps\Microsoft.GanderBaseGame_1.0.115.0_x64__8wekyb3d8bbwe [2020-07-16] (0)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-03-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-03-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.7162.0_x64__8wekyb3d8bbwe [2020-07-22] (Microsoft Studios) [MS Ad]
MSN El tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-27] (Microsoft Corporation) [MS Ad]
Servicios de juegos -> C:\Program Files\WindowsApps\Microsoft.GamingServices_2.43.13001.0_x64__8wekyb3d8bbwe [2020-07-16] (Microsoft Corporation)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-3288807659-332816388-867573109-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}0
CustomCLSID: HKU\S-1-5-21-3288807659-332816388-867573109-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\theou\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20091.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3288807659-332816388-867573109-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\theou\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20091.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Ningún archivo
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Ningún archivo
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-08-04] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-06-10] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Ningún archivo
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-06-10] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-08-04] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-07-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-08-04] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-08-04] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\WINDOWS\system32\rtvcvfw64.dll [246272 2012-09-28] () [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Archivo no firmado]

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\Users\theou:.repos [616620]
AlternateDataStreams: C:\Users\theou\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [130]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-3288807659-332816388-867573109-1001\...\sharepoint.com -> hxxps://myunitecedu-files.sharepoint.com

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2019-03-18 23:49 - 2020-08-04 00:33 - 000000828 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKU\S-1-5-21-3288807659-332816388-867573109-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 200.77.146.137 - 200.52.196.196
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run32: => "Spectrum"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [UDP Query User{D6418BA5-2E6A-4D10-829D-8953E9CB3780}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe => Ningún archivo
FirewallRules: [TCP Query User{EAFE1BB9-EF6D-45E8-8090-339C0620963F}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe => Ningún archivo
FirewallRules: [{EFE7DF72-F1E1-477F-8A43-AF1CC62165DF}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{DD85087F-13D7-4366-87B8-20DD8FE8EF2D}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [UDP Query User{5FEA975A-AE88-45F3-B324-C86F4CADD7C3}C:\users\theou\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\theou\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (cfx-collective) [Archivo no firmado]
FirewallRules: [TCP Query User{C9D6F248-A4E3-4EAB-9BD6-2C077E7D2D97}C:\users\theou\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\theou\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (cfx-collective) [Archivo no firmado]
FirewallRules: [UDP Query User{5EFF9EC0-BE47-45E1-8858-6FDD6B231F6F}C:\users\theou\appdata\local\fivem\fivem.exe] => (Allow) C:\users\theou\appdata\local\fivem\fivem.exe (cfx-collective) [Archivo no firmado]
FirewallRules: [TCP Query User{BEBC3AA5-C17A-4BF4-94F4-1A56568A743E}C:\users\theou\appdata\local\fivem\fivem.exe] => (Allow) C:\users\theou\appdata\local\fivem\fivem.exe
(cfx-collective) [Archivo no firmado] FirewallRules: [{C21314D7-8EF3-470F-A112-F5409154FDDB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{E3CD74BE-918C-4609-B2A1-DB8A76257A8B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{D9D35E2A-39F0-471C-B6BC-725E447956D5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) [Archivo no firmado] FirewallRules: [{7DE7E5D0-4481-4029-A788-354798FD3F57}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) [Archivo no firmado] FirewallRules: [UDP Query User{083FDBD9-25AA-4EEA-B83A-28BD663221CE}E:\no es el ssd\juegos\fivem\fivem(2).exe] => (Allow) E:\no es el ssd\juegos\fivem\fivem(2).exe => Ningún archivo FirewallRules: [TCP Query User{E7F022A0-D63E-4845-9C4A-22831CEC0993}E:\no es el ssd\juegos\fivem\fivem(2).exe] => (Allow) E:\no es el ssd\juegos\fivem\fivem(2).exe => Ningún archivo FirewallRules: [{D2BBD9D5-FC7F-4B2D-93BF-7B20933DCB21}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{06A5762C-75C8-49E6-A621-903A436DE2F9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{479DF287-0DEB-4149-ACB7-0FDF1063F34D}E:\no es el ssd\juegos\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) E:\no es el ssd\juegos\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe => Ningún archivo FirewallRules: [TCP Query User{C97CC535-033B-404A-9B03-16FB04FD87F4}E:\no es el ssd\juegos\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) E:\no es el ssd\juegos\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe => Ningún archivo FirewallRules: [UDP Query User{6C07BFAC-C725-45BB-881B-0C66A480C124}E:\no es el 
ssd\juegos\fivem\fivem.exe] => (Allow) E:\no es el ssd\juegos\fivem\fivem.exe => Ningún archivo FirewallRules: [TCP Query User{4804948A-5BD0-4B2E-9A02-3354F96C3056}E:\no es el ssd\juegos\fivem\fivem.exe] => (Allow) E:\no es el ssd\juegos\fivem\fivem.exe => Ningún archivo FirewallRules: [{CCD3DB8D-58D0-45B1-95B0-B8512844961B}] => (Allow) E:\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe => Ningún archivo FirewallRules: [{4F29C595-73E3-4C8A-A714-1F3E16CFA11C}] => (Allow) E:\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe => Ningún archivo FirewallRules: [{4C03ADB5-D455-4452-AA09-8F43D9784B5B}] => (Allow) E:\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe => Ningún archivo FirewallRules: [{785432BF-FDAC-46E1-8EF7-DE4124F59F8E}] => (Allow) E:\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe => Ningún archivo FirewallRules: [{717F9A20-9580-4C27-B2E1-E1BD00BA2CA3}] => (Allow) E:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe => Ningún archivo FirewallRules: [{D3FCF61E-FF57-4C3F-9863-B63DCF0DC967}] => (Allow) E:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe => Ningún archivo FirewallRules: [UDP Query User{C4B12B39-656E-4FD0-AEC0-AF28C304CBEB}C:\users\theou\downloads\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\theou\downloads\fivem.app\cache\subprocess\fivem_gtaprocess.exe => Ningún archivo FirewallRules: [TCP Query User{1B675AD4-C46F-454B-B6CB-76D06AE48B3A}C:\users\theou\downloads\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\theou\downloads\fivem.app\cache\subprocess\fivem_gtaprocess.exe => Ningún archivo FirewallRules: [UDP Query User{27E6A4D2-92E9-4024-B7D0-50CC7D45919A}C:\users\theou\downloads\fivem.exe] => (Allow) C:\users\theou\downloads\fivem.exe => Ningún archivo FirewallRules: [TCP Query User{98024CFC-F040-4F7B-9046-1A2CC472B6FE}C:\users\theou\downloads\fivem.exe] => (Allow) C:\users\theou\downloads\fivem.exe => Ningún archivo FirewallRules: 
[{387E6112-DADF-428F-B7E1-8FF65323164E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{33BCFD68-C24C-4609-95C9-28E39A5426D8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{A76384A1-B18F-4890-B7FF-30BE0F1D6A19}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{50DF42C5-A57E-4827-8A7A-41D64404FCE9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{DD40715A-3385-4880-AB65-5CDFB795C329}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{4A4D2B68-AF68-4EF7-B894-93420887A77D}E:\games\epic games\gtav\gta5.exe] => (Allow) E:\games\epic games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [TCP Query User{975053B7-9BAF-4422-A14E-CE5303EA9CD4}E:\games\epic games\gtav\gta5.exe] => (Allow) E:\games\epic games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [UDP Query User{9E550738-5A59-4B19-90EE-FE2FCD30C75A}C:\users\theou\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\theou\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz Inc.) FirewallRules: [TCP Query User{EAE4ED86-E0DA-41BC-82D2-E9C0CF5AFC97}C:\users\theou\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\theou\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz Inc.) 
FirewallRules: [UDP Query User{1146747F-C4B5-45F9-A1C1-B4559ABE0001}E:\program files\modifiablewindowsapps\halomcc\mcc\binaries\win64\mcc-win64-shipping-winstore.exe] => (Allow) E:\program files\modifiablewindowsapps\halomcc\mcc\binaries\win64\mcc-win64-shipping-winstore.exe => Ningún archivo FirewallRules: [TCP Query User{562C1576-F976-4584-A403-60FF8DF5AB96}E:\program files\modifiablewindowsapps\halomcc\mcc\binaries\win64\mcc-win64-shipping-winstore.exe] => (Allow) E:\program files\modifiablewindowsapps\halomcc\mcc\binaries\win64\mcc-win64-shipping-winstore.exe => Ningún archivo FirewallRules: [{FB518DFF-7A45-41BD-AECA-7432A4ADF12B}] => (Allow) E:\Steam\steamapps\common\RE3\re3.exe (CAPCOM CO., LTD. -> ) FirewallRules: [{16BACE4A-1D4F-4D83-8435-327521AF8F69}] => (Allow) E:\Steam\steamapps\common\RE3\re3.exe (CAPCOM CO., LTD. -> ) FirewallRules: [UDP Query User{A979C35A-4332-4728-BE15-E3FF4C5EA0A4}C:\users\theou\appdata\local\blitz\current\blitz.exe] => (Allow) C:\users\theou\appdata\local\blitz\current\blitz.exe => Ningún archivo FirewallRules: [TCP Query User{50007EBA-D238-4D61-B0E9-C17EF2F5DD5A}C:\users\theou\appdata\local\blitz\current\blitz.exe] => (Allow) C:\users\theou\appdata\local\blitz\current\blitz.exe => Ningún archivo FirewallRules: [{9821C0A5-11F1-4A31-B340-1C245CF2B0B4}] => (Allow) E:\Steam\steamapps\common\Monster Hunter World\MonsterHunterWorld.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.) FirewallRules: [{FF246580-1E73-4362-9DF0-64E60B72B0E4}] => (Allow) E:\Steam\steamapps\common\Monster Hunter World\MonsterHunterWorld.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.) 
FirewallRules: [{2D689EBB-74BF-4E72-8F34-E196DC8708BC}] => (Allow) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{87D114A4-5730-48D2-8AF9-1D6C1FE43E9F}] => (Allow) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{A36D0283-EA1E-4F0B-985D-911CF28EDB1E}E:\steam\steam.exe] => (Allow) E:\steam\steam.exe => Ningún archivo
FirewallRules: [TCP Query User{50EB87DC-6F9A-4FBB-83EC-AA2D4BFBFA74}E:\steam\steam.exe] => (Allow) E:\steam\steam.exe => Ningún archivo
FirewallRules: [UDP Query User{C0107854-1FD1-4FF7-A770-E09E57614DD3}E:\no es el ssd\blizzard\call of duty modern warfare\modernwarfare.exe] => (Allow) E:\no es el ssd\blizzard\call of duty modern warfare\modernwarfare.exe => Ningún archivo
FirewallRules: [TCP Query User{25175643-2AF3-42F0-BA36-0821FE22579D}E:\no es el ssd\blizzard\call of duty modern warfare\modernwarfare.exe] => (Allow) E:\no es el ssd\blizzard\call of duty modern warfare\modernwarfare.exe => Ningún archivo
FirewallRules: [UDP Query User{EF91A30F-FBDA-4728-89FE-231D0351B8A5}D:\games\epic games\batmanarkhamasylum\binaries\shippingpc-bmgame.exe] => (Allow) D:\games\epic games\batmanarkhamasylum\binaries\shippingpc-bmgame.exe => Ningún archivo
FirewallRules: [TCP Query User{8103FC49-F0E1-4D2B-A112-D1E6131DE0EE}D:\games\epic games\batmanarkhamasylum\binaries\shippingpc-bmgame.exe] => (Allow) D:\games\epic games\batmanarkhamasylum\binaries\shippingpc-bmgame.exe => Ningún archivo
FirewallRules: [UDP Query User{7691E98A-8142-4659-A3C3-773C443931EA}D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe => Ningún archivo
FirewallRules: [TCP Query User{F92772C3-A270-43CB-B450-B6C860402496}D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe => Ningún archivo
FirewallRules: [UDP Query User{4B23C511-F904-4F8B-9FF0-0EAA75CF30A2}D:\no es el ssd\juegos\need for speed heat\needforspeedheat.exe] => (Allow) D:\no es el ssd\juegos\need for speed heat\needforspeedheat.exe => Ningún archivo
FirewallRules: [TCP Query User{EE9D374C-C851-490D-8B48-4265368C0D6B}D:\no es el ssd\juegos\need for speed heat\needforspeedheat.exe] => (Allow) D:\no es el ssd\juegos\need for speed heat\needforspeedheat.exe => Ningún archivo
FirewallRules: [{3006C5CE-7354-4911-9C76-327B0C46106D}] => (Allow) D:\Steam\steamapps\common\Black Desert Online\Black Desert Online Steam Launcher.exe => Ningún archivo
FirewallRules: [{0DE553C3-CEAC-45AC-BF47-A7C702708A2C}] => (Allow) D:\Steam\steamapps\common\Black Desert Online\Black Desert Online Steam Launcher.exe => Ningún archivo
FirewallRules: [{6F6C79C5-A883-4D58-9790-7A4EA0878BF6}] => (Allow) D:\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe => Ningún archivo
FirewallRules: [{A93343EC-03C5-4A80-99A8-2F871FC5FE32}] => (Allow) D:\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe => Ningún archivo
FirewallRules: [{CB477DA3-4355-4453-8AED-EB4795DE5A05}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => Ningún archivo
FirewallRules: [{DE92ACC5-FA01-4232-A231-D85FC99DBF72}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => Ningún archivo
FirewallRules: [{AF342766-41BE-4B2D-B125-F6BCB05603D1}] => (Allow) D:\Steam\Steam.exe => Ningún archivo
FirewallRules: [{AA82E17A-B819-4230-8B82-0C2BC8684315}] => (Allow) D:\Steam\Steam.exe => Ningún archivo
FirewallRules: [UDP Query User{14153A10-0EA8-43EA-A1D7-592F1A709BE1}D:\no es el ssd\blizzard\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\no es el ssd\blizzard\call of duty modern warfare\modernwarfare.exe => Ningún archivo
FirewallRules: [TCP Query User{72DF3E5F-00EE-44DC-91E1-4C346653A438}D:\no es el ssd\blizzard\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\no es el ssd\blizzard\call of duty modern warfare\modernwarfare.exe => Ningún archivo
FirewallRules: [TCP Query User{A51A0D73-1426-4CF8-9585-86F4F636C67B}E:\games\epic games\killingfloor2\binaries\win64\kfgame.exe] => (Allow) E:\games\epic games\killingfloor2\binaries\win64\kfgame.exe (Tripwire Interactive, LLC.) [Archivo no firmado]
FirewallRules: [UDP Query User{5D5B7D04-C5B1-4524-B480-CEE4D9DC3E8B}E:\games\epic games\killingfloor2\binaries\win64\kfgame.exe] => (Allow) E:\games\epic games\killingfloor2\binaries\win64\kfgame.exe (Tripwire Interactive, LLC.) [Archivo no firmado]
FirewallRules: [{0E612803-9BD1-4FFF-B0B2-9908B247021D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{51FCF560-715D-49A5-9D18-BDB7CC45AE70}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{420F2F4D-3929-4397-8098-BF7EC345A3B2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EE358615-EF86-48A5-BBAB-2A2E02E8D099}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E7EE4D09-59EB-4560-A4CB-3C6857AA01B5}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [TCP Query User{355B0F0D-6A1B-4DDF-82FE-702108204AFF}C:\users\theou\appdata\local\citra\nightly-mingw\citra-qt.exe] => (Allow) C:\users\theou\appdata\local\citra\nightly-mingw\citra-qt.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{0BF31E23-2448-4E2A-9628-9688EA7F53D2}C:\users\theou\appdata\local\citra\nightly-mingw\citra-qt.exe] => (Allow) C:\users\theou\appdata\local\citra\nightly-mingw\citra-qt.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{CE512F34-0C90-4A1F-926A-F913EFD90DCE}E:\games\epic games\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe] => (Allow) E:\games\epic games\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe (Warhorse Studios sro) [Archivo no firmado]
FirewallRules: [UDP Query User{2BDDAD37-62D7-479C-A34A-5C972E265E67}E:\games\epic games\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe] => (Allow) E:\games\epic games\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe (Warhorse Studios sro) [Archivo no firmado]
FirewallRules: [{A52C518E-44D7-496F-99AC-6A51FDB070D0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D940B49A-D83D-456F-99C2-192F5B869623}] => (Allow) C:\Users\theou\AppData\Roaming\b339c7987478\b339c7987478\b339c7987478.exe => Ningún archivo
FirewallRules: [{23628CA5-4B05-4032-8E6D-58D14FC8154E}] => (Allow) C:\WINDOWS\system32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{8B8FBF99-64B7-42C4-9862-C7CD897BEFC3}C:\windows\syswow64\svchost.exe] => (Block) C:\windows\syswow64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [UDP Query User{EB0790DA-4D71-4121-A7D1-C5ADC2BDAAE0}C:\windows\syswow64\svchost.exe] => (Block) C:\windows\syswow64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{E8389037-4C4F-4351-961B-D56473E6B2CE}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{F9B223C5-C31B-4AE6-92A5-F668681181E8}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

==================== Puntos de Restauración =========================

ATENCIÓN: Restaurar Sistema está deshabilitado (Total:111.22 GB) (Free:33.78 GB) (30%)

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: Controlador de infraestructura de virtualización de Microsoft Hyper-V
Description: Controlador de infraestructura de virtualización de Microsoft Hyper-V
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Vid
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (08/12/2020 10:49:41 AM) (Source: ESENT) (EventID: 439) (User: )
Description: svchost (9236,R,98) Unistore: No se puede escribir una copia sombra del encabezado para el archivo C:\Users\theou\AppData\Local\Comms\UnistoreDB\USS.jcp. Error -1032.

Error: (08/12/2020 10:49:41 AM) (Source: ESENT) (EventID: 490) (User: )
Description: svchost (9236,R,98) Unistore: Al intentar abrir el archivo "C:\Users\theou\AppData\Local\Comms\UnistoreDB\USS.jcp" para acceso de lectura y escritura se produjo el error de sistema 5 (0x00000005): "Acceso denegado. ". La operación para abrir el archivo se cerrará con el error -1032 (0xfffffbf8).

Error: (08/12/2020 10:49:31 AM) (Source: ESENT) (EventID: 490) (User: )
Description: svchost (9236,R,98) Unistore: Al intentar abrir el archivo "C:\Users\theou\AppData\Local\Comms\UnistoreDB\USS.jcp" para acceso de lectura y escritura se produjo el error de sistema 5 (0x00000005): "Acceso denegado. ". La operación para abrir el archivo se cerrará con el error -1032 (0xfffffbf8).

Error: (08/12/2020 10:49:31 AM) (Source: ESENT) (EventID: 439) (User: )
Description: taskhostw (6740,R,98) WebCacheLocal: No se puede escribir una copia sombra del encabezado para el archivo C:\Users\theou\AppData\Local\Microsoft\Windows\WebCache\V01.chk. Error -1032.

Error: (08/12/2020 10:49:31 AM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostw (6740,R,98) WebCacheLocal: Al intentar abrir el archivo "C:\Users\theou\AppData\Local\Microsoft\Windows\WebCache\V01.chk" para acceso de lectura y escritura se produjo el error de sistema 5 (0x00000005): "Acceso denegado. ". La operación para abrir el archivo se cerrará con el error -1032 (0xfffffbf8).

Error: (08/12/2020 10:49:21 AM) (Source: ESENT) (EventID: 490) (User: )
Description: svchost (9236,R,98) Unistore: Al intentar abrir el archivo "C:\Users\theou\AppData\Local\Comms\UnistoreDB\USS.jcp" para acceso de lectura y escritura se produjo el error de sistema 5 (0x00000005): "Acceso denegado. ". La operación para abrir el archivo se cerrará con el error -1032 (0xfffffbf8).

Error: (08/12/2020 10:49:21 AM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostw (6740,R,98) WebCacheLocal: Al intentar abrir el archivo "C:\Users\theou\AppData\Local\Microsoft\Windows\WebCache\V01.chk" para acceso de lectura y escritura se produjo el error de sistema 5 (0x00000005): "Acceso denegado. ". La operación para abrir el archivo se cerrará con el error -1032 (0xfffffbf8).

Error: (08/12/2020 10:49:10 AM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostw (6740,R,98) WebCacheLocal: Al intentar abrir el archivo "C:\Users\theou\AppData\Local\Microsoft\Windows\WebCache\V01.chk" para acceso de lectura y escritura se produjo el error de sistema 5 (0x00000005): "Acceso denegado. ". La operación para abrir el archivo se cerrará con el error -1032 (0xfffffbf8).

Errores del sistema:
=============
Error: (08/13/2020 11:39:49 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-I8D5CR2)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor: {DD522ACC-F821-461A-A407-50B198B896DC}

Error: (08/13/2020 11:39:28 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-I8D5CR2)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor: {DD522ACC-F821-461A-A407-50B198B896DC}

Error: (08/13/2020 11:39:18 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor: {9E175B68-F52A-11D8-B9A5-505054503030}

Error: (08/13/2020 11:39:17 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-I8D5CR2)
Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor: {9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (08/13/2020 11:39:17 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-I8D5CR2)
Description: Error de DCOM "1084" al intentar iniciar el servicio VSS con argumentos "No disponible" para ejecutar el servidor: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

Error: (08/13/2020 11:39:17 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-I8D5CR2)
Description: Error de DCOM "1084" al intentar iniciar el servicio VSS con argumentos "No disponible" para ejecutar el servidor: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

Error: (08/13/2020 11:39:17 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-I8D5CR2)
Description: Error de DCOM "1084" al intentar iniciar el servicio VSS con argumentos "No disponible" para ejecutar el servidor: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

Error: (08/13/2020 11:39:14 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-I8D5CR2)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor: {DD522ACC-F821-461A-A407-50B198B896DC}

Windows Defender:
===================================
Date: 2020-08-04 00:05:26.0430000Z
Description: El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {A1A3020F-D4D4-4D58-B4A4-798003FCAAFA}
Tipo de examen: Antimalware
Parámetros de examen: Examen completo
Usuario: DESKTOP-I8D5CR2\theou

Date: 2020-08-03 23:40:35.0190000Z
Description: Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.C!ml&threatid=2147749372&enterprise=0
Nombre: Trojan:Win32/Wacatac.C!ml
Id.: 2147749372
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Users\theou\AppData\Local\Temp\7884\C\Program Files (x86)\TÅÀÌ\seed.sfx.exe
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.321.557.0, AS: 1.321.557.0, NIS: 1.321.557.0
Versión de motor: AM: 1.1.17300.4, NIS: 1.1.17300.4

Date: 2020-08-03 23:40:30.5810000Z
Description: El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {1A4BE094-7B73-4FC4-B033-FC7AE2F97383}
Tipo de examen: Antimalware
Parámetros de examen: Examen completo
Usuario: DESKTOP-I8D5CR2\theou

Date: 2020-08-03 23:23:08.4420000Z
Description: El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {5A53CF5B-4FAA-4083-BCBD-B2FCB06E8208}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: DESKTOP-I8D5CR2\theou

Date: 2020-08-03 23:13:40.1890000Z
Description: El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {EF68E3A7-F5E0-470A-99A7-B0F3AF03D6E1}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: DESKTOP-I8D5CR2\theou

Date: 2020-08-13 11:36:27.5350000Z
Description: La característica Protección en tiempo real de Antivirus de Microsoft Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores
Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

Date: 2020-08-12 10:39:56.7530000Z
Description: La característica Protección en tiempo real de Antivirus de Microsoft Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores
Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

Date: 2020-08-09 19:59:30.5720000Z
Description: Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad:
Versión anterior de inteligencia de seguridad: 1.321.624.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor:
Versión anterior del motor: 1.1.17300.4
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores

Date: 2020-08-09 19:49:28.5380000Z
Description: La característica Protección en tiempo real de Antivirus de Microsoft Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores
Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

Date: 2020-08-04 21:16:05.8080000Z
Description: Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad:
Versión anterior de inteligencia de seguridad: 1.321.624.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor:
Versión anterior del motor: 1.1.17300.4
Código de error: 0x80070057
Descripción del error: El parámetro no es correcto.

CodeIntegrity:
===================================
Date: 2020-08-13 11:34:53.2610000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVG\Antivirus\AVGSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\avgfmwlight.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-08-13 11:34:51.5920000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVG\Antivirus\AVGSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\avgfmwlight.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-08-13 11:34:47.5510000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVG\Antivirus\AVGSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\avgfmwlight.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-08-13 11:34:34.6650000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVG\Antivirus\AVGSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\avgfmwlight.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-08-13 11:34:34.6520000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVG\Antivirus\AVGSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\avgfmwlight.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-08-13 11:34:34.3820000Z
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-08-13 11:34:34.3390000Z
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-08-12 11:25:18.7140000Z
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Información de la memoria ===========================

BIOS: American Megatrends Inc. 5222 10/15/2019
Placa base: ASUSTeK COMPUTER INC. PRIME X370-A
Procesador: AMD Ryzen 7 2700 Eight-Core Processor
Porcentaje de memoria en uso: 15%
RAM física total: 16320.62 MB
RAM física disponible: 13804.73 MB
Virtual total: 18752.62 MB
Virtual disponible: 16512.62 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:111.22 GB) (Free:33.78 GB) NTFS
Drive e: (Nuevo vol) (Fixed) (Total:931.51 GB) (Free:332.83 GB) NTFS

\\?\Volume{462f0d9a-0000-0000-0000-100000000000}\ (Reservado para el sistema) (Fixed) (Total:0.57 GB) (Free:0.12 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 38F6BDC5)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 462F0D9A)
Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.2 GB) - (Type=07 NTFS)

==================== Final de Addition.txt =======================