Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 22-11-2020 01 Ejecutado por selohu (25-11-2020 16:34:04) Ejecutado desde C:\Users\selohu\Desktop Windows 10 Pro Versión 20H2 19042.630 (X64) (2020-05-28 08:09:57) Modo de Inicio: Normal ========================================================== ==================== Cuentas: ============================= Administrador (S-1-5-21-991384485-3360299836-4042273512-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-991384485-3360299836-4042273512-503 - Limited - Disabled) Invitado (S-1-5-21-991384485-3360299836-4042273512-501 - Limited - Enabled) selohu (S-1-5-21-991384485-3360299836-4042273512-1001 - Administrator - Enabled) => C:\Users\selohu WDAGUtilityAccount (S-1-5-21-991384485-3360299836-4042273512-504 - Limited - Disabled) ==================== Centro de Seguridad ======================== (Si una entrada es incluida en el fixlist, será eliminada.) AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} FW: ESET Cortafuegos (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED} ==================== Programas instalados ====================== (Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.) 4K Video Downloader 4.12 (HKLM-x32\...\{A490FDCE-03DF-4B63-92D9-9C9ADC4246C3}) (Version: 4.12.0.3570 - Open Media LLC) 7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov) AccessData FTK Imager (HKLM-x32\...\{0ADC8340-4A94-4CE3-A721-B558F365F8D0}) (Version: 3.1.2.0 - AccessData) Acronis Disk Director 12.5 (HKLM-x32\...\{AE5BBAA8-5AF2-40DB-A13D-F015439EC7C7}) (Version: 12.5.163 - Acronis) Actualización de NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden Adobe Connect (HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\Adobe Connect App) (Version: 2020.9.21.64 - Adobe Systems Inc.) Adobe Photoshop 2021 (HKLM-x32\...\PHSP_22_0) (Version: 22.0.0.35 - Adobe Inc.) Air Live Drive (HKLM\...\Air Live Drive) (Version: 1.7.0 - hxxp://www.airlivedrive.com) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.40.01.18 - Advanced Micro Devices, Inc.) Apowersoft Online Launcher version 1.7.8 (HKLM-x32\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.7.8 - APOWERSOFT LIMITED) Apowersoft Online Launcher version 1.8.0 (HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.8.0 - APOWERSOFT LIMITED) Apple Application Support (32 bits) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.) Apple Application Support (64 bits) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.) Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{DF6C3726-7E53-4772-9763-E9F147769F51}) (Version: 3.2.3.0000 - Asmedia Technology) Asoftech Data Recovery (HKLM-x32\...\{1AED6EB7-8FEA-4021-B8FD-EBAA6B21679F}) (Version: 2.00 - ) Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team) Autopsy (HKLM\...\{9F0FC65E-2169-49ED-A2CA-14F8C4D50115}) (Version: 4.14.0 - The Sleuth Kit) AVerMedia A706 PCI Pure DVB-S 3.6.64.2 (HKLM-x32\...\AVerMedia A706 PCI Pure DVB-S) (Version: 3.6.64.2 - AVerMedia TECHNOLOGIES, Inc.) AviSynth (HKLM-x32\...\AviSynth) (Version: 2.6.0 MT - ) BCUninstaller (HKLM\...\{f4fef76c-1aa9-441c-af7e-d27f58d898d1}_is1) (Version: 4.16.0.38993 - Marcin Szeniak) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 87.1.17.73 - Los creadores de Brave) Camtasia 2019 (HKLM\...\{FF10C4F0-9186-405F-809D-D2E8D5E39448}) (Version: 19.0.10.17662 - TechSmith Corporation) Hidden Camtasia 2019 (HKLM-x32\...\{03e048a7-3690-409c-b9c4-27612f78bd68}) (Version: 19.0.10.17662 - TechSmith Corporation) CrystalDiskInfo 8.8.9 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.8.9 - Crystal Dew World) Cuadro de mensaje de excepción de Microsoft (HKLM\...\{847CE738-909B-4A98-9CF5-230EB23CA92D}) (Version: 9.00.5000.00 - Microsoft Corporation) Hidden Discord (HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\Discord) (Version: 0.0.308 - Discord Inc.) DVBViewer Pro (HKLM-x32\...\DVBViewer Pro_is1) (Version: 6.1.7.2 - CM&V) EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS) eMule (HKLM-x32\...\eMule) (Version: - ) ESET Security (HKLM\...\{3B47BDC5-99BF-4F5C-A303-1F0F9DBC74F6}) (Version: 14.0.22.0 - ESET, spol. s r.o.) FinalData Standard 2.0 (HKLM-x32\...\FinalData Standard 2.0) (Version: - ) GetDataBack Pro version 5.55 (HKLM\...\GetDataBack Pro Install_is1) (Version: 5.55 - Runtime Software, LLC) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.111 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden Hard Disk Sentinel PRO (HKLM-x32\...\Hard Disk Sentinel_is1) (Version: 5.61 - Janos Mathe) iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.) IPTViewr para movistar+ 1.5 “Kruger 60” beta 1 SP1 (HKLM-x32\...\{525CDE99-1EB0-4E7D-8C36-A4F148E82463}) (Version: 1.5.1105.0 - hxxp://www.alphacentaury.org) Java(TM) SE Development Kit 13.0.2 (64-bit) (HKLM\...\{606493F9-D1F1-5355-BB8A-F0E30F1AFFED}) (Version: 13.0.2.0 - Oracle Corporation) K-Lite Codec Pack 15.4.8 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 15.4.8 - KLCP) LAV Filters 0.74.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.74.1 - Hendrik Leppkes) LibreOffice 7.0.3.1 (HKLM\...\{3C4801FF-3D7B-4804-877E-3A322C00524C}) (Version: 7.0.3.1 - The Document Foundation) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Microsoft OneDrive (HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 ESN (HKLM\...\{D7126FFC-90BA-4120-8FFB-3688C9931A09}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation) Microsoft Visual Studio Code (User) (HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.51.1 - Microsoft Corporation) Npcap (HKLM-x32\...\NpcapInst) (Version: 0.9997 - Nmap Project) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden NVIDIA Controlador de audio HD 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation) NVIDIA Controlador de gráficos 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 - NVIDIA Corporation) NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation) NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation) NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden Paquete de controladores de Windows - Amazon.com (WinUSB) FireDevicesUsbDeviceClass (10/27/2014 1.4.0000.00000) (HKLM\...\70D74CAD18BB165614511A2A67DB9EBF036D06A9) (Version: 10/27/2014 1.4.0000.00000 - Amazon.com) Paquete de controladores de Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.) Python 3.9.0 (64-bit) (HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\{a2a37ca0-8ebd-4d7e-b4b8-e6b1740c2ce0}) (Version: 3.9.150.0 - Python Software Foundation) Python 3.9.0 Add to Path (64-bit) (HKLM\...\{4F5E962C-96E9-45B9-8F14-9A91748981C6}) (Version: 3.9.150.0 - Python Software Foundation) Hidden Python 3.9.0 Core Interpreter (64-bit symbols) (HKLM\...\{0B6B4D1E-0A3A-4EBE-813B-FC70C0A44D41}) (Version: 3.9.150.0 - Python Software Foundation) Hidden Python 3.9.0 Core Interpreter (64-bit) (HKLM\...\{92F322B1-D69A-43D1-82B4-24ADEBE5C650}) (Version: 3.9.150.0 - Python Software Foundation) Hidden Python 3.9.0 Development Libraries (64-bit) (HKLM\...\{E73FE192-7766-49FA-B28A-32F700D98A15}) (Version: 3.9.150.0 - Python Software Foundation) Hidden Python 3.9.0 Documentation (64-bit) (HKLM\...\{35E94198-B9F1-4D1E-A869-636AD5E6BCA8}) (Version: 3.9.150.0 - Python Software Foundation) Hidden Python 3.9.0 Executables (64-bit symbols) (HKLM\...\{E90A7B0C-2DD1-47FB-86B8-749A63983B01}) (Version: 3.9.150.0 - Python Software Foundation) Hidden Python 3.9.0 Executables (64-bit) (HKLM\...\{A9F718BA-8B5F-4AE7-ADDA-EFFF431948DB}) (Version: 3.9.150.0 - Python Software Foundation) Hidden Python 3.9.0 pip Bootstrap (64-bit) (HKLM\...\{27FF09D8-6DE6-4F63-A3DD-8758D615D543}) (Version: 3.9.150.0 - Python Software Foundation) Hidden Python 3.9.0 Standard Library (64-bit symbols) (HKLM\...\{E2B7FD64-E2BD-48CA-BB34-07060F2FEB9D}) (Version: 3.9.150.0 - Python Software Foundation) Hidden Python 3.9.0 Standard Library (64-bit) (HKLM\...\{42480EE5-670F-4AF3-A619-2E761A398340}) (Version: 3.9.150.0 - Python Software Foundation) Hidden Python 3.9.0 Tcl/Tk Support (64-bit symbols) (HKLM\...\{579D3A1C-8DB7-4415-971D-408D25543C17}) (Version: 3.9.150.0 - Python Software Foundation) Hidden Python 3.9.0 Tcl/Tk Support (64-bit) (HKLM\...\{4460A893-EFF6-4B33-BF21-BAA2159F57E6}) (Version: 3.9.150.0 - Python Software Foundation) Hidden Python 3.9.0 Test Suite (64-bit symbols) (HKLM\...\{F3044CD6-CDAD-4A3F-8232-FDC3F5D4C7D0}) (Version: 3.9.150.0 - Python Software Foundation) Hidden Python 3.9.0 Test Suite (64-bit) (HKLM\...\{9141E990-BD45-4F42-BB32-B3012969355D}) (Version: 3.9.150.0 - Python Software Foundation) Hidden Python 3.9.0 Utility Scripts (64-bit) (HKLM\...\{35DC2DFB-0AEA-4DC2-AFA5-4EA2D2612B51}) (Version: 3.9.150.0 - Python Software Foundation) Hidden Python Launcher (HKLM-x32\...\{E45E56A4-FCDD-4C4A-966A-4FB81C932219}) (Version: 3.9.7217.0 - Python Software Foundation) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.16.323.2017 - Realtek) Revo Uninstaller Pro 4.3.7 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.3.7 - VS Revo Group, Ltd.) RogueKillerPE version 3.5.1.0 (HKLM\...\BEC55C5D-D6D0-4A41-B82C-264EC5EE8052_is1) (Version: 3.5.1.0 - Adlice Software) R-Studio 8.3 (HKLM-x32\...\R-Studio 8.3NSIS) (Version: 8.3.168075 - R-Tools Technology Inc.) Sublime Text 3 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd) Telegram Desktop version 2.4.7 (HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.4.7 - Telegram FZ-LLC) VdhCoApp 1.5.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper) VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN) W10Privacy (HKLM-x32\...\W10Privacy) (Version: 3.6.1.1 - Bernd Schuster) WhatsApp (HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\WhatsApp) (Version: 2.2045.19 - WhatsApp) Winamp (HKLM-x32\...\Winamp) (Version: 5.8 - Winamp SA) Wireshark 3.2.7 64-bit (HKLM-x32\...\Wireshark) (Version: 3.2.7 - The Wireshark developer community, hxxps://www.wireshark.org) Packages: ========= Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2020-05-10] (Adobe Systems Incorporated) Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.9.0.1_neutral__6e5tt8cgb93ep [2020-05-10] (Canon Inc.) Linux Cheatsheet -> C:\Program Files\WindowsApps\51231akshay2000.LinuxCheatsheet_1.2.0.0_neutral__1y7n7bzn5h0zw [2020-05-27] (akshay2000) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-05-10] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-05-10] (Microsoft Corporation) [MS Ad] Microsoft Defender Application Guard Companion -> C:\Program Files\WindowsApps\Microsoft.WindowsDefenderApplicationGuard_1.0.11.0_x64__8wekyb3d8bbwe [2020-11-02] (Microsoft Corporation) Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-26] (Microsoft Studios) [MS Ad] NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.958.0_x64__56jybvy8sckqj [2020-06-25] (NVIDIA Corp.) Python 3.8 -> C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.8_3.8.1776.0_x64__qbz5n2kfra8p0 [2020-09-24] (Python Software Foundation) Ubuntu -> C:\Program Files\WindowsApps\CanonicalGroupLimited.UbuntuonWindows_2004.2020.812.0_x64__79rhkp1fndgsc [2020-08-20] (Canonical Group Limited) Windows Terminal -> C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.4.3243.0_x64__8wekyb3d8bbwe [2020-11-22] (Microsoft Corporation) [Startup Task] WinGet Source -> C:\Program Files\WindowsApps\Microsoft.Winget.Source_2020.529.552.462_neutral__8wekyb3d8bbwe [2020-05-29] (Microsoft Corporation) ==================== Personalizado CLSID (Lista blanca): ============== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) CustomCLSID: HKU\S-1-5-21-991384485-3360299836-4042273512-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-991384485-3360299836-4042273512-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-991384485-3360299836-4042273512-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-991384485-3360299836-4042273512-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-991384485-3360299836-4042273512-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-991384485-3360299836-4042273512-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-991384485-3360299836-4042273512-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}0 CustomCLSID: HKU\S-1-5-21-991384485-3360299836-4042273512-1001_Classes\CLSID\{930e604a-cc01-4d06-8d7a-5a07914f3afb}\localserver32 -> C:\Program Files\TechSmith\Camtasia 2019\CamtasiaStudio.exe (TechSmith Corporation -> TechSmith Corporation) CustomCLSID: HKU\S-1-5-21-991384485-3360299836-4042273512-1001_Classes\CLSID\{D592DDB5-1CFF-4CE2-A3A5-3C061503251E} -> [MEGA] => C:\Users\selohu\Documents\MEGA [2020-03-30 17:05] ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\selohu\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-16] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\selohu\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-16] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\selohu\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-16] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\selohu\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-16] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\selohu\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-16] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\selohu\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-16] (Mega Limited -> ) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Archivo no firmado] ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Ningún archivo ContextMenuHandlers1: [BthSendToContextMenuExt] -> {CF373149-C3D9-4AEB-9CE8-BDD1D2FFFA5B} => C:\WINDOWS\system32\BSAppShlExt.dll [2012-09-19] (IVT CORPORATION -> TODO: <公司名>) ContextMenuHandlers1: [CloudContextMenu] -> {f16ff8b9-0db7-39ef-b2ef-68ab9c2951c1} => C:\Program Files\AirLiveDrive\AirLiveDriveShellEx.DLL [2020-11-05] (INICIATIVAS INFORMATICAS Y DE COMUNICACION SL -> www.airlivedrive.com) ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\selohu\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-16] (Mega Limited -> ) ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.) ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\selohu\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-16] (Mega Limited -> ) ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Workstation\vmdkShellExt.dll [2020-09-14] (VMware, Inc. -> VMware, Inc.) ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Workstation\x64\vmdkShellExt64.dll [2020-09-14] (VMware, Inc. -> VMware, Inc.) ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\selohu\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-16] (Mega Limited -> ) ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Ningún archivo ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Archivo no firmado] ContextMenuHandlers4: [CloudContextMenu] -> {f16ff8b9-0db7-39ef-b2ef-68ab9c2951c1} => C:\Program Files\AirLiveDrive\AirLiveDriveShellEx.DLL [2020-11-05] (INICIATIVAS INFORMATICAS Y DE COMUNICACION SL -> www.airlivedrive.com) ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\selohu\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-16] (Mega Limited -> ) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_feed726c6560f7a7\nvshext.dll [2020-10-02] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Archivo no firmado] ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2020-09-28] (VS Revo Group Ltd. -> VS Revo Group) ==================== Codecs (Lista blanca) ==================== (Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.) HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [475672 2007-10-12] (Logitech Inc -> Logitech Inc.) HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [416280 2007-10-12] (Logitech Inc -> Logitech Inc.) ==================== Accesos directos & WMI ======================== ==================== Módulos cargados (Lista blanca) ============= ==================== Alternate Data Streams (Lista blanca) ======== (Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.) AlternateDataStreams: C:\Windows:CM_36faabd924501fcd2f743302621d89eb425ec11f74fef19a5e0fe69c3f0b5201 [74] AlternateDataStreams: C:\Windows:CM_e0501b65315a77c6cde279a3a8d62a1a6c48bf2c2e353a3654218165115f1673 [74] ==================== Modo Seguro (Lista blanca) ================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\10589338.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\16990891.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\19648080.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\24697462.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\37238653.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\39326786.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\41645524.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\56281002.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\56866735.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\92292752.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\96003709.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MB3Service => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMInstallerService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\10589338.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\16990891.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\19648080.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\24697462.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\37238653.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\39326786.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\41645524.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\56281002.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\56866735.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\92292752.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\96003709.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IMFservice => "@"="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MB3Service => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMInstallerService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR523 => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR523.SYS => ""="Driver" ==================== Asociación (Lista blanca) ================= ==================== Internet Explorer (Lista blanca) ========== HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-991384485-3360299836-4042273512-1001\Software\Microsoft\Internet Explorer\Main,Start Page = SearchScopes: HKU\S-1-5-21-991384485-3360299836-4042273512-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\SysWow64\skype4com.dll [2012-09-19] (IVT CORPORATION -> Skype Technologies) (Si una entrada es incluida en el fixlist, será eliminada del registro.) IE trusted site: HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\trendmicro.com -> hxxps://pwm.trendmicro.com ==================== Hosts contenido: ========================= (Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.) 2020-11-25 14:29 - 2020-11-25 14:29 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost 2020-03-28 02:57 - 2020-10-11 12:54 - 000000621 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics 192.168.1.33 selohu.mshome.net # 2025 10 5 10 11 54 57 473 17.209.65 selohu.mshome.net # 2025 4 5 18 3 20 5 366 172.18.44.1 selohu.mshome.net # 2025 4 3 16 9 6 42 330 84 ==================== Otras Áreas =========================== (Actualmente no existe una corrección automática para esta sección.) DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Firewall de Windows está habilitado. Network Binding: ============= VMware Network Adapter VMnet8: VMware Bridge Protocol -> vmware_bridge (disabled) VMware Network Adapter VMnet8: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) VMware Network Adapter VMnet8: Npcap Packet Driver (NPCAP) (Wi-Fi) -> INSECURE_NPCAP_WIFI (enabled) VMware Network Adapter VMnet1: VMware Bridge Protocol -> vmware_bridge (disabled) VMware Network Adapter VMnet1: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) VMware Network Adapter VMnet1: Npcap Packet Driver (NPCAP) (Wi-Fi) -> INSECURE_NPCAP_WIFI (enabled) Npcap Loopback Adapter: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) Npcap Loopback Adapter: Npcap Packet Driver (NPCAP) (Wi-Fi) -> INSECURE_NPCAP_WIFI (enabled) Npcap Loopback Adapter: VMware Bridge Protocol -> vmware_bridge (enabled) Ethernet: VMware Bridge Protocol -> vmware_bridge (enabled) Ethernet: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) Ethernet: Npcap Packet Driver (NPCAP) (Wi-Fi) -> INSECURE_NPCAP_WIFI (enabled) Conexión de área local: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) Conexión de área local: Npcap Packet Driver (NPCAP) (Wi-Fi) -> INSECURE_NPCAP_WIFI (enabled) Conexión de área local: VMware Bridge Protocol -> vmware_bridge (enabled) Ethernet 3: VMware Bridge Protocol -> vmware_bridge (enabled) Ethernet 3: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) Ethernet 3: Npcap Packet Driver (NPCAP) (Wi-Fi) -> INSECURE_NPCAP_WIFI (enabled) ==================== MSCONFIG/TASK MANAGER elementos deshabilitados == (Si una entrada es incluida en el fixlist, será eliminada.) HKLM\...\StartupApproved\StartupFolder: => "WSAppHelper.lnk" HKLM\...\StartupApproved\StartupFolder: => "WSAndroidAppHelper.lnk" HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service" HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "Avira SystrayStartTrigger" HKLM\...\StartupApproved\Run32: => "Avira System Speedup User Starter" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe" HKLM\...\StartupApproved\Run32: => "Argente Utilities" HKLM\...\StartupApproved\Run32: => "BtTray" HKLM\...\StartupApproved\Run32: => "WinampAgent" HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk" HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\StartupApproved\Run: => "SUPERAntiSpyware" HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\StartupApproved\Run: => "CCXProcess" HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams" HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\StartupApproved\Run: => "ConnectDetector" HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\StartupApproved\Run: => "az7x8ung" HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\StartupApproved\Run: => "Application Restart #2" HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\StartupApproved\Run: => "AirLiveDriveAutoRun" ==================== Reglas de firewall (Lista blanca) ================ (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) FirewallRules: [{5F2505F4-DD54-4585-A2F1-C18C2B97BF22}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) FirewallRules: [{D2137B9F-F860-444C-9DD6-B4899AD4AECD}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) ==================== Puntos de Restauración ========================= ==================== Dispositivos defectuosos en el Administrador de dispositivos ============ Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Npcap Loopback Adapter Description: Adaptador de bucle invertido KM-TEST de Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: kmloop Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: TAP-Windows Adapter V9 Description: TAP-Windows Adapter V9 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: TAP-Windows Provider V9 Service: tap0901 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: VMware Virtual Ethernet Adapter for VMnet1 Description: VMware Virtual Ethernet Adapter for VMnet1 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: VMware, Inc. Service: VMnetAdapter Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: VMware Virtual Ethernet Adapter for VMnet8 Description: VMware Virtual Ethernet Adapter for VMnet8 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: VMware, Inc. Service: VMnetAdapter Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: VSP de integración de kernel de Microsoft Hyper-V NT Description: VSP de integración de kernel de Microsoft Hyper-V NT Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: vkrnlintvsp Problem: : Windows cannot initialize the device driver for this hardware. (Code 37) Resolution: The driver returned failure from its DriverEntry routine. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver. Name: Realtek RTL8139/810x Family Fast Ethernet NIC Description: NIC de Fast Ethernet de la familia Realtek RTL8139/810x Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Realtek Semiconductor Corp. Service: RTL8023x64 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Errores del registro de eventos: ======================== Errores de aplicación: ================== Error: (11/25/2020 03:27:21 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nombre de la aplicación con errores: wmiprvse.exe, versión: 10.0.19041.546, marca de tiempo: 0x5da7ab91 Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000 Código de excepción: 0x80131623 Desplazamiento de errores: 0x00007ff89fb5200f Identificador del proceso con errores: 0x1b9c Hora de inicio de la aplicación con errores: 0x01d6c337151b63cb Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\wbem\wmiprvse.exe Ruta de acceso del módulo con errores: unknown Identificador del informe: 165a3eb0-e13f-46f7-9ed7-cf2cff3c8b72 Nombre completo del paquete con errores: Identificador de aplicación relativa del paquete con errores: Error: (11/25/2020 03:27:20 PM) (Source: .NET Runtime) (EventID: 1025) (User: ) Description: Application: wmiprvse.exe Framework Version: v4.0.30319 Description: The application requested process termination through System.Environment.FailFast(string message). Message: El proveedor ha iniciado una excepción inesperada: System.IO.FileLoadException: File name: 'Microsoft.AppV.AppvClientComConsumer, Version=10.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' at Microsoft.AppV.AppvPublishingServerWMI.AppvPublishingServer.EnumeratePublishingServers() Stack: at System.Environment.FailFast(System.String) at WmiNative.WbemProvider.WmiNative.IWbemServices.CreateInstanceEnumAsync(System.String, Int32, WmiNative.IWbemContext, WmiNative.IWbemObjectSink) Error: (11/25/2020 03:27:19 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: ) Description: Event-ID 3002 Error: (11/25/2020 03:27:19 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: ) Description: Event-ID 2002 Error: (11/25/2020 03:27:19 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: ) Description: Event-ID 2003 Error: (11/25/2020 02:29:28 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x80070006, Controlador no válido. . Operación: Ejecutando operación asincrónica Contexto: Estado actual: DoSnapshotSet Error: (11/25/2020 02:29:07 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado. . A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud. Operación: Recopilando datos del escritor Contexto: Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220} Nombre del escritor: System Writer Id. de instancia del escritor: {a24adbfa-df1a-4717-99d2-bccb65d9b74d} Error: (11/25/2020 04:19:27 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity(). Details: AddLegacyDriverFiles: Unable to back up image of binary SASKUTIL. System Error: El sistema no puede encontrar el archivo especificado. . Errores del sistema: ============= Error: (11/25/2020 02:31:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: El servicio hvsics depende del servicio CmService, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia. Error: (11/25/2020 02:31:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: El servicio CmService depende del servicio HvHost, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia. Error: (11/25/2020 02:31:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: El servicio HvHost depende del servicio hvservice, el cual no pudo iniciarse debido al siguiente error: No se ha encontrado el elemento. Error: (11/25/2020 02:31:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: El servicio hvservice no pudo iniciarse debido al siguiente error: No se ha encontrado el elemento. Error: (11/25/2020 02:31:29 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \SystemRoot\SysWow64\Drivers\NtFsLdf20.SYS Error: (11/25/2020 02:30:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: El servicio VMware Workstation Server terminó inesperadamente. Esto se ha repetido 2 veces. Se realizará la siguiente acción correctora en 60000 milisegundos: Reiniciar el servicio. Error: (11/25/2020 02:29:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio. Error: (11/25/2020 02:29:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: El servicio CodeMeter Runtime Server se terminó de manera inesperada. Esto ha sucedido 1 veces. Windows Defender: =================================== Date: 2020-11-24 20:13:07.0850000Z Description: El examen de Antivirus de Microsoft Defender se detuvo antes de completarse. Id. de examen: {C7FF5FBE-2B38-48F4-BBB5-529656A7B8F8} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2020-11-24 20:04:53.4630000Z Description: El examen de Antivirus de Microsoft Defender se detuvo antes de completarse. Id. de examen: {6ECA62AA-64F3-4ECF-B69E-60AC69F3817E} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2020-11-23 23:56:32.8190000Z Description: El examen de Antivirus de Microsoft Defender se detuvo antes de completarse. Id. de examen: {61EE9CD6-6CF9-4FA4-A1E4-9799FB2B8A65} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2020-11-22 19:26:07.1700000Z Description: El examen de Antivirus de Microsoft Defender se detuvo antes de completarse. Id. de examen: {E2D75A87-ED2A-4768-A2F7-C725BD813758} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2020-11-21 14:53:22.7810000Z Description: El acceso controlado a carpetas impidió que C:\Program Files\ESET\ESET Security\ekrn.exe realizara cambios en la memoria. Tiempo de detección: 2020-11-21T13:53:22.781Z Usuario: NT AUTHORITY\SYSTEM Ruta de acceso: \Device\Harddisk0\DR0 Nombre del proceso: C:\Program Files\ESET\ESET Security\ekrn.exe Versión de inteligencia de seguridad: 1.327.1300.0 Versión del motor: 1.1.17600.5 Versión del producto: 4.18.2010.7 Date: 2020-11-19 13:37:02.6020000Z Description: Antivirus de Microsoft Defender encontró un error al intentar cargar un archivo sospechoso para analizarlo. Nombre de archivo: C:\Windows\Installer\5d8e2d.msi Sha256: e65eb8ced031c5fd391c2c82bd39a338f514f04fb07eb0a5708d7a33b2f2a671 Versión actual de inteligencia de seguridad: AV: 1.327.1185.0, AS: 1.327.1185.0 Versión actual del motor: 1.1.17600.5 Código de error: 0x80508016 CodeIntegrity: =================================== Date: 2020-11-25 16:34:02.9550000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2020-11-25 16:34:02.9530000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2020-11-25 16:32:33.7910000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements. Date: 2020-11-25 16:32:33.7890000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements. Date: 2020-11-25 16:32:04.8820000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2020-11-25 16:32:04.8770000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2020-11-25 16:32:04.2410000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2020-11-25 16:32:04.2370000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Información de la memoria =========================== BIOS: American Megatrends Inc. 2501 04/09/2014 Placa base: ASUSTeK COMPUTER INC. M5A97 EVO R2.0 Procesador: AMD FX(tm)-4300 Quad-Core Processor Porcentaje de memoria en uso: 49% RAM física total: 7927.12 MB RAM física disponible: 3964.96 MB Virtual total: 8439.12 MB Virtual disponible: 4555.78 MB ==================== Unidades ================================ Drive c: () (Fixed) (Total:111.16 GB) (Free:10.55 GB) NTFS Drive d: () (Fixed) (Total:149.04 GB) (Free:54.29 GB) NTFS Drive e: () (Fixed) (Total:465.76 GB) (Free:77.43 GB) NTFS Drive l: (WD My Passport) (Fixed) (Total:931.48 GB) (Free:151.97 GB) NTFS Drive m: (My Passport) (Fixed) (Total:931.48 GB) (Free:142.87 GB) NTFS \\?\Volume{508dd2cc-8f05-4d4b-8c2b-a314a6be81e2}\ () (Fixed) (Total:0.52 GB) (Free:0.07 GB) NTFS \\?\Volume{4dd25713-7527-4ff0-804b-573d5300eb55}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32 ==================== MBR & Tabla de particiones ==================== ========================================================== Disk: 0 (Size: 149.1 GB) (Disk ID: F2638184) Partition 1: (Not Active) - (Size=149 GB) - (Type=07 NTFS) ========================================================== Disk: 1 (Size: 111.8 GB) (Disk ID: 6582A299) Partition: GPT. ========================================================== Disk: 2 (Size: 465.8 GB) (Disk ID: 217A6D10) No partition Table on disk 2. ========================================================== Disk: 3 (Size: 931.5 GB) (Disk ID: E64B7ED8) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ========================================================== Disk: 4 (Size: 931.5 GB) (Disk ID: 16F2A91F) Partition: GPT. ==================== Final de Addition.txt =======================