Buenas tardes a todos y muchas gracias de antemano.
He estado leyendo numerosos casos como el mío, el notepad.exe me consume toda la memoria RAM. Me había pasado hace unas semanas e intenté eliminarlo por mi cuenta con la información extraída del foro pero ha vuelto a aparecer, por lo que entiendo que es necesario como ya se comentó personalizar la desinfección en cada caso.
El caso, he descargado FRST en escritorio y escaneado, os pego los reportes obtenidos para que me podáis ayudar con el proceso cuando os sea posible.
Muchas gracias.
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 28-12-2019
Ejecutado por Jaco (02-01-2020 19:48:30)
Ejecutado desde C:\Users\Jaco\Desktop
Windows 10 Pro Versión 1909 18363.535 (X64) (2019-08-29 20:26:19)
Modo de Inicio: Normal
==========================================================
==================== Cuentas: =============================
Administrador (S-1-5-21-3212725279-3875735351-1938983290-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3212725279-3875735351-1938983290-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3212725279-3875735351-1938983290-1003 - Limited - Enabled)
Invitado (S-1-5-21-3212725279-3875735351-1938983290-501 - Limited - Disabled)
Jaco (S-1-5-21-3212725279-3875735351-1938983290-1001 - Administrator - Enabled) => C:\Users\Jaco
WDAGUtilityAccount (S-1-5-21-3212725279-3875735351-1938983290-504 - Limited - Disabled)
==================== Centro de Seguridad ========================
(Si una entrada es incluida en el fixlist, será eliminada.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas instalados ======================
(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-3212725279-3875735351-1938983290-1001\...\uTorrent) (Version: 3.5.5.45395 - BitTorrent Inc.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.89 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_0_0) (Version: 21.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0) (Version: 19.0 - Adobe Systems Incorporated)
AutoFirma (HKLM-x32\...\AutoFirma) (Version: 1.6.5 - Gobierno de España)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.00.1.51 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.4.0.16 - Canon Inc.)
Canon TS5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS5100_series) (Version: 1.00 - Canon Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 87.4.138 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.241.1 - Dropbox, Inc.) Hidden
FactuCont 5 (HKLM-x32\...\FactuCont 5) (Version: - )
FonePaw Recuperación de Datos 1.7.0 (HKLM-x32\...\{23A4B7F6-D64E-4BDB-888E-EBE1B8972A4C}_is1) (Version: 1.7.0 - FonePaw)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Hofmann 12.0.0.11 (HKLM-x32\...\{FAF6DF16-51F8-4A8A-B3B2-D349A5FD491F}) (Version: 12.0.0 - Hofmann)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7263 - Intel Corporation)
Java 8 Update 231 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
Kodi (HKU\S-1-5-21-3212725279-3875735351-1938983290-1001\...\Kodi) (Version: - XBMC Foundation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3212725279-3875735351-1938983290-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.8.2 - Notepad++ Team)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
PhotoME (HKLM-x32\...\PhotoME_is1) (Version: 0.79R17 - Jens Duttke)
Programa Saal Design (HKLM-x32\...\{CB151870-B711-E4E0-EDC2-19D7A047E986}) (Version: 4.1 - Saal Digital Fotoservice GmbH) Hidden
Programa Saal Design (HKLM-x32\...\ProgramaSaalDesign) (Version: 4.1 - Saal Digital Fotoservice GmbH)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
SketchUp 2019 (HKLM\...\{7EDDA955-6D4D-DB6C-C2C3-B757702C0FFE}) (Version: 19.3.253.135 - Trimble, Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{567756E0-361F-4E88-AF74-8B0E4628E5BC}) (Version: 1.12.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.8.0.1_neutral__6e5tt8cgb93ep [2019-05-23] (Canon Inc.)
Complemento de Fotos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-09-14] (Microsoft Corporation)
Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-21] (Microsoft Corporation)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.3842.0_x64__rz1tebttyb220 [2019-12-17] (Dolby Laboratories)
Dropbox para modo S -> C:\Program Files\WindowsApps\C27EB4BA.DROPBOX_22.4.3.0_x64__xbfy0k16fey96 [2019-09-27] (Dropbox Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa [2019-12-12] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2019-08-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-06] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-06] (Microsoft Corporation) [MS Ad]
Microsoft News: Noticias destacadas en español -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
MSN Deportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
MSN Dinero -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
Telegram Desktop -> C:\Program Files\WindowsApps\TelegramMessengerLLP.TelegramDesktop_1.8.15.0_x64__t4vj0pshhgkwm [2019-10-08] (Telegram Messenger LLP)
==================== Personalizado CLSID (Lista blanca): ==============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
CustomCLSID: HKU\S-1-5-21-3212725279-3875735351-1938983290-1001_Classes\CLSID\{04271989-C4D2-27E8-55A3-DCFE36CB3916} -> [OneDrive - Certa Servicios Periciales, S.L] => C:\Users\Jaco\OneDrive - Certa Servicios Periciales, S.L [2018-03-09 22:15]
CustomCLSID: HKU\S-1-5-21-3212725279-3875735351-1938983290-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Jaco\Dropbox [2018-03-05 00:12]
CustomCLSID: HKU\S-1-5-21-3212725279-3875735351-1938983290-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-12-05] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-12-05] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-12-05] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-12-05] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-12-05] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-12-05] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-12-05] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-12-05] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-12-05] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-12-05] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-12-05] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-12-05] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-12-05] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-12-05] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-12-05] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-12-05] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-12-05] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-12-05] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-12-05] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-12-05] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Ningún archivo
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2019-12-04] (Notepad++ -> )
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-12-05] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Ningún archivo
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Ningún archivo
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-12-05] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-12-05] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Ningún archivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d03105a152ac7ed4\igfxDTCM.dll [2019-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Lista blanca) ====================
==================== Accesos directos & WMI ========================
==================== Módulos cargados (Lista blanca) =============
2017-09-06 17:11 - 2017-09-06 17:11 - 000125952 _____ () [Archivo no firmado] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-09-06 17:11 - 2017-09-06 17:11 - 000118272 _____ () [Archivo no firmado] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-09-06 17:11 - 2017-09-06 17:11 - 000086528 _____ () [Archivo no firmado] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2017-09-06 17:11 - 2017-09-06 17:11 - 000214528 _____ () [Archivo no firmado] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-09-06 17:11 - 2017-09-06 17:11 - 000117248 _____ () [Archivo no firmado] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2019-12-02 23:29 - 2019-12-02 23:29 - 000021504 _____ (Adobe Systems Inc.) [Archivo no firmado] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\es_es\Acrobat Elements\ContextMenuShim64.esp
==================== Alternate Data Streams (Lista blanca) ========
(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)
AlternateDataStreams: C:\Users\Jaco\.DS_Store:AFP_AfpInfo [122]
AlternateDataStreams: C:\Users\Jaco\Desktop\MARTINA-13.jpg:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Jaco\Documents\.DS_Store:AFP_AfpInfo [122]
==================== Modo Seguro (Lista blanca) ==================
==================== Asociación (Lista blanca) =================
==================== Internet Explorer sitios de confianza/restringidos ==========
(Si una entrada es incluida en el fixlist, será eliminada del registro.)
IE trusted site: HKU\S-1-5-21-3212725279-3875735351-1938983290-1001\...\meteogalicia.gal -> hxxp://www.meteogalicia.gal
IE trusted site: HKU\S-1-5-21-3212725279-3875735351-1938983290-1001\...\sinexia.es -> hxxp://diversos.sinexia.es
==================== Hosts contenido: =========================
(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)
2015-07-10 12:04 - 2019-12-18 15:36 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Otras Áreas ===========================
(Actualmente no existe una corrección automática para esta sección.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\AutoFirma\AutoFirma
HKU\S-1-5-21-3212725279-3875735351-1938983290-1001\Control Panel\Desktop\\Wallpaper -> c:\users\jaco\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\_mg_1680.jpg
DNS Servers: 80.58.61.254 - 80.58.61.250
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Firewall de Windows está habilitado.
==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==
(Si una entrada es incluida en el fixlist, será eliminada.)
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
==================== Reglas de firewall (Lista blanca) ================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
FirewallRules: [UDP Query User{45904025-91F2-4139-B1DD-1E053A50C3B8}C:\users\jaco\appdata\roaming\utorrent\updates\3.5.5_45311.exe] => (Block) C:\users\jaco\appdata\roaming\utorrent\updates\3.5.5_45311.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{E2247CB8-1BE8-46E1-BBC9-4322E31C0266}C:\users\jaco\appdata\roaming\utorrent\updates\3.5.5_45311.exe] => (Block) C:\users\jaco\appdata\roaming\utorrent\updates\3.5.5_45311.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{56EFDFA8-EA6E-4B7C-BCE1-160D38DF4F6B}C:\users\jaco\appdata\roaming\utorrent\updates\3.5.5_45231.exe] => (Allow) C:\users\jaco\appdata\roaming\utorrent\updates\3.5.5_45231.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{C0317462-2C4B-444F-BF97-06E379BDB0F1}C:\users\jaco\appdata\roaming\utorrent\updates\3.5.5_45231.exe] => (Allow) C:\users\jaco\appdata\roaming\utorrent\updates\3.5.5_45231.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{3B708554-C822-48F5-9F9F-E69E2C4DB9CD}C:\users\jaco\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jaco\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{25D4D59F-319E-42EB-8439-3C5CDAE5E8F6}C:\users\jaco\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jaco\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{6DBD946C-5934-4E83-ABBA-25542CA70B81}C:\users\jaco\appdata\roaming\utorrent\updates\3.5.3_44494.exe] => (Allow) C:\users\jaco\appdata\roaming\utorrent\updates\3.5.3_44494.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{AEC06911-4C88-4C78-BC6A-91ADFFE2B0B0}C:\users\jaco\appdata\roaming\utorrent\updates\3.5.3_44494.exe] => (Allow) C:\users\jaco\appdata\roaming\utorrent\updates\3.5.3_44494.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{4ACDA701-3E17-4986-9BBE-49B6F2005E82}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [UDP Query User{7C2A0E3A-AF61-4540-A7FD-B69B1DA145B5}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [TCP Query User{6BDC0377-334F-4E53-AFB9-920764C56381}C:\users\jaco\appdata\roaming\utorrent\updates\3.5.4_44632.exe] => (Allow) C:\users\jaco\appdata\roaming\utorrent\updates\3.5.4_44632.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{08F330C6-F2DD-4950-A916-B1412FDEE9DF}C:\users\jaco\appdata\roaming\utorrent\updates\3.5.4_44632.exe] => (Allow) C:\users\jaco\appdata\roaming\utorrent\updates\3.5.4_44632.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{2194E9CE-B95A-4FF0-9059-CD5A1CF9C239}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{9045028A-D3D0-4961-BD7B-E718775FC989}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{CB0D43AC-1122-4EC7-BE59-67833E732F9F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{22432CA4-E449-4D96-9450-E71F6AD7E25C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0F4A0E7A-883B-46E2-99D8-729BF55C84B6}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3AFA3B81-0B2D-4DC7-8A6B-8631E6E747AB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{026D7444-92C2-43A2-AD9F-85C3E43E8774}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1931932A-E86C-4661-943D-DA14CFE8A0E1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{141DFEE5-3B40-4D13-84C4-D703E488A6F3}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{535C01CC-50EC-4134-82D4-2281344F6374}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{60A50071-8314-425A-84FA-805FD75564F2}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{A5C0480D-99E3-479D-AB3C-526AB8AAD536}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Puntos de Restauración =========================
18-12-2019 15:52:33 End of disinfection
22-12-2019 12:20:10 SketchUp 2019 instalado(s)
31-12-2019 21:09:06 Punto de control programado
02-01-2020 19:09:49 Instalador de Módulos de Windows
==================== Dispositivos defectuosos en el Administrador de dispositivos ============
Name: Teclado PS/2 estándar
Description: Teclado PS/2 estándar
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Teclados estándar)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Mouse PS/2 de Microsoft
Description: Mouse PS/2 de Microsoft
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Errores del registro de eventos: ========================
Errores de aplicación:
==================
Error: (01/02/2020 07:13:35 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5020,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (01/02/2020 06:27:45 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4920,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (01/02/2020 06:20:29 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5216,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (01/02/2020 06:05:30 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2016,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (01/02/2020 05:27:45 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5836,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (01/02/2020 04:29:38 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6528,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (01/02/2020 04:10:45 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11776,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (01/02/2020 03:32:46 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4260,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Errores del sistema:
=============
Error: (01/02/2020 07:41:42 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio cphs se cerró con el siguiente error:
Identificador no válido
Error: (01/02/2020 07:41:23 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-QOB28A0)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (01/02/2020 07:41:20 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-QOB28A0)
Description: Error de DCOM "1084" al intentar iniciar el servicio camsvc con argumentos "No disponible" para ejecutar el servidor:
Windows.Internal.CapabilityAccess.CapabilityAccess
Error: (01/02/2020 07:41:06 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-QOB28A0)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (01/02/2020 07:41:01 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-QOB28A0)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (01/02/2020 07:40:55 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-QOB28A0)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (01/02/2020 07:40:49 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-QOB28A0)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (01/02/2020 07:40:43 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-QOB28A0)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}
Windows Defender:
===================================
Date: 2020-01-02 18:15:00.788
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_D:\uTorrent\Windows 10 (Multiple Editions) SPANISH\MICROSOFT.WINDOWS.10.PRO-CORE.RTM.10240.X64.OEMRET.SPANISH.DVD-WZT\KMSAuto Lite Portable TEST5+\KMSAuto.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: DESKTOP-QOB28A0\Jaco
Nombre de proceso: C:\Users\Jaco\Downloads\esetonlinescanner_esn.exe
Versión de inteligencia de seguridad: AV: 1.307.1571.0, AS: 1.307.1571.0, NIS: 1.307.1571.0
Versión de motor: AM: 1.1.16600.7, NIS: 1.1.16600.7
Date: 2020-01-02 18:00:12.220
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS.E!MSR&threatid=2147743252&enterprise=0
Nombre: HackTool:Win32/AutoKMS.E!MSR
Id.: 2147743252
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_D:\Software\Office 2010 Castellano-Multilenguaje Full.mundomanuales\Office Toolkit 2010 [activa cualquier edicion 2010]\ActivadorOffice 2010 Toolkit.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: DESKTOP-QOB28A0\Jaco
Nombre de proceso: C:\Users\Jaco\Downloads\esetonlinescanner_esn.exe
Versión de inteligencia de seguridad: AV: 1.307.1571.0, AS: 1.307.1571.0, NIS: 1.307.1571.0
Versión de motor: AM: 1.1.16600.7, NIS: 1.1.16600.7
Date: 2020-01-02 17:58:06.323
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Patcher&threatid=2147659947&enterprise=0
Nombre: HackTool:Win32/Patcher
Id.: 2147659947
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_D:\Software\ADOBE ACROBAT DC.2018-PVP\Patch (PainteR)\amtemu.v0.9.2.win-painter\amtemu.v0.9.2-painter.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: DESKTOP-QOB28A0\Jaco
Nombre de proceso: C:\Users\Jaco\Downloads\esetonlinescanner_esn.exe
Versión de inteligencia de seguridad: AV: 1.307.1571.0, AS: 1.307.1571.0, NIS: 1.307.1571.0
Versión de motor: AM: 1.1.16600.7, NIS: 1.1.16600.7
Date: 2019-12-18 16:05:45.538
Description:
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {1BB4FB83-724A-4311-8F73-0324D0C0254F}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2019-12-18 15:15:52.127
Description:
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {4EDFDD67-490C-4E09-9F47-4F64EDFF10C9}
Tipo de examen: Antimalware
Parámetros de examen: Examen personalizado
Usuario: DESKTOP-QOB28A0\Jaco
Date: 2020-01-02 19:36:06.694
Description:
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad:
Versión anterior de inteligencia de seguridad: 1.307.1571.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor:
Versión anterior del motor: 1.1.16600.7
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores
Date: 2020-01-02 19:26:05.278
Description:
La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores
Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.
Date: 2019-12-19 01:08:53.946
Description:
Antivirus de Windows Defender encontró un error al intentar cargar la inteligencia de seguridad e intentará revertir a una versión que sepa que es correcta.
Inteligencia de seguridad intentada: Actual
Código de error: 0x80070003
Descripción del error: El sistema no puede encontrar la ruta especificada.
Versión de inteligencia de seguridad: 0.0.0.0;0.0.0.0
Versión del motor: 0.0.0.0
CodeIntegrity:
===================================
Date: 2020-01-02 19:42:23.920
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.
Date: 2020-01-02 19:20:02.891
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\spool\drivers\x64\3\ADUIGP.DLL that did not meet the Unchecked signing level requirements.
Date: 2020-01-02 19:20:02.819
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\spool\drivers\x64\3\ADUIGP.DLL that did not meet the Unchecked signing level requirements.
Date: 2020-01-02 19:20:02.798
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\spool\drivers\x64\3\ADUIGP.DLL that did not meet the Unchecked signing level requirements.
Date: 2020-01-02 19:20:02.026
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.
Date: 2020-01-02 19:04:33.949
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.
Date: 2020-01-02 09:30:09.986
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.
Date: 2019-12-19 01:09:34.069
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.
==================== Información de la memoria ===========================
BIOS: American Megatrends Inc. A.30 04/05/2017
Placa base: MSI B250I PRO (MS-7A67)
Procesador: Intel(R) Pentium(R) CPU G4600 @ 3.60GHz
Porcentaje de memoria en uso: 56%
RAM física total: 8085.03 MB
RAM física disponible: 3525.35 MB
Virtual total: 10901.03 MB
Virtual disponible: 6215.98 MB
==================== Unidades ================================
Drive c: () (Fixed) (Total:231.82 GB) (Free:98.6 GB) NTFS
Drive d: (Disco local) (Fixed) (Total:1765.35 GB) (Free:143.81 GB) NTFS
\\?\Volume{5cc03e19-88f6-4338-862b-9631edb8cd14}\ () (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS
\\?\Volume{f94e8231-6924-4cef-bd02-d596144521e2}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{4e67eec6-7e9e-40bc-b9d6-b6f8a432863e}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Tabla de particiones ====================
==========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 0005418E)
Partition 1: (Active) - (Size=1765.4 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (Size: 232.9 GB) (Disk ID: 30313BF2)
Partition: GPT.
==================== Final de Addition.txt =======================