Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 11-11-2020
Ejecutado por Usuario (12-11-2020 00:03:57)
Ejecutado desde C:\Users\Usuario\Desktop
Windows 10 Home Versión 2004 19041.630 (X64) (2020-09-16 00:05:16)
Modo de Inicio: Normal
==========================================================

==================== Cuentas: =============================

Administrador (S-1-5-21-2873243708-2116610979-1280463503-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2873243708-2116610979-1280463503-503 - Limited - Disabled)
Invitado (S-1-5-21-2873243708-2116610979-1280463503-501 - Limited - Disabled)
Usuario (S-1-5-21-2873243708-2116610979-1280463503-1000 - Administrator - Enabled) => C:\Users\Usuario
WDAGUtilityAccount (S-1-5-21-2873243708-2116610979-1280463503-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: ESET Security (Disabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

"Castlevania - Lords of Shadow - Mirror of Fate HD" (HKLM-x32\...\{DDFE028C-6FE4-41D5-80AF-EF6AA830824E}_is1) (Version: 1.0.684551.0 (Update 1) - )
µTorrent (HKU\S-1-5-21-2873243708-2116610979-1280463503-1000\...\uTorrent) (Version: 3.5.5.45790 - BitTorrent Inc.)
Actualización de NVIDIA 38.0.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.4.0 - NVIDIA Corporation) Hidden
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 20.013.20064 - Adobe Systems Incorporated)
Backup and Sync from Google (HKLM\...\{86E7EC52-41D9-4573-951C-FB7AC339A251}) (Version: 3.52.3372.2621 - Google, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.5.0.69 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.0.1 - Canon Inc.)
CanoScan LiDE 400 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4813S) (Version: 1.00 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.70 - Piriform)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
ESET Security (HKLM\...\{C26AA376-9D1B-4B7B-A1F0-DC41E8530176}) (Version: 14.0.22.0 - ESET, spol. s r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.193 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - )
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1846.12.0.1177 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.0.1.1075 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{99ee3c29-c7cd-450f-8db9-d43cc49de1c7}) (Version: 1.50.638.1 - Intel Corporation) Hidden
IPCCameraOCX (HKLM-x32\...\IPCCameraOCX) (Version: - )
IPCTool (HKLM-x32\...\IPCTool) (Version: - )
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 86.0.622.63 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.137.99 - )
Microsoft Office Profesional 2016 - es-es (HKLM\...\ProfessionalRetail - es-es) (Version: 16.0.13328.20292 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2873243708-2116610979-1280463503-1000\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
NoxPlayer (HKLM-x32\...\Nox) (Version: 6.6.1.2 - Duodian Technology Co. Ltd.)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA Controlador de audio HD 1.3.38.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.26 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 445.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 445.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13328.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13328.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13328.20292 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.13328.20278 - Microsoft Corporation) Hidden
OpenOffice 4.1.5 (HKLM-x32\...\{A93E0F8F-B3C1-4784-916D-15865808017B}) (Version: 4.15.9789 - Apache Software Foundation)
OpenOffice 4.1.5 Language Pack (Spanish) (HKLM-x32\...\{0D7AC7A4-D8B5-4EE9-9C55-06CC237D902C}) (Version: 4.15.9789 - Apache Software Foundation)
Panel de control de NVIDIA 445.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 445.75 - NVIDIA Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.23.1003.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8339 - Realtek Semiconductor Corp.)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{bd366c5e-00cd-46ed-b647-0b9874f32140}) (Version: 10.1.17809.8096 - Intel(R) Corporation) Hidden
Super Bomberman R (HKLM\...\SKIDROW - Super Bomberman R) (Version: - SKIDROW)
Transmission 3.00 (bb6b5a062e) (x64) (HKLM\...\{B206C51C-27D2-4251-95E2-B4B28DE80633}) (Version: 3.00.0 - Transmission Project)
Tyrian 2000 (HKLM-x32\...\1207658901_is1) (Version: 3.0 - GOG.com)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Windscribe (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.83 Build 18 - Windscribe Limited)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WiperSoft 1.1.1157.64 (HKLM\...\{AB1C8C91-4D8E-4C28-80E7-FD135FB90515}}_is1) (Version: 1.1.1157.64 - WiperSoft)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version: - Blizzard Entertainment)

Packages:
=========
BlueMail Email -> C:\Program Files\WindowsApps\BlueMail.BlueMailEmail_1.1.44.0_x64__t08282y3j4hc4 [2020-11-05] (Blix Inc)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1890.2.0_x86__kgqvnymyfvs32 [2020-11-05] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.180.400.0_x86__kgqvnymyfvs32 [2020-10-29] (king.com)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.9.0.1_neutral__6e5tt8cgb93ep [2020-03-06] (Canon Inc.)
Complemento de Fotos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-10-15] (Microsoft Corporation)
Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-14] (Microsoft Corporation)
Extensión de vídeo MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-12-20] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_121.1.193.0_x64__v10z8vjag6ke6 [2020-11-04] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-04] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-04] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-24] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-14] (Netflix, Inc.)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-09-21] (Adobe Systems Incorporated)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
CustomCLSID: HKU\S-1-5-21-2873243708-2116610979-1280463503-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2873243708-2116610979-1280463503-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2873243708-2116610979-1280463503-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2873243708-2116610979-1280463503-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2873243708-2116610979-1280463503-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2873243708-2116610979-1280463503-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-10-14] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-10-14] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-10-14] (Google LLC -> Google)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Ningún archivo
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Ningún archivo
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-11-10] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-10-14] (Google LLC -> Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-11-10] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Ningún archivo
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Ningún archivo
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-10-14] (Google LLC -> Google)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Ningún archivo
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-11-10] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Ningún archivo
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

2020-11-05 23:09 - 2020-11-05 23:09 - 000543232 _____ () [Archivo no firmado] \\?\C:\Program Files\WindowsApps\BlueMail.BlueMailEmail_1.1.44.0_x64__t08282y3j4hc4\app\resources\app.asar.unpacked\node_modules\spellchecker\build\Release\spellchecker.node
2018-08-27 22:09 - 2015-05-08 13:26 - 000104448 _____ () [Archivo no firmado] C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2020-10-27 11:37 - 2020-10-27 11:37 - 002123264 _____ () [Archivo no firmado] C:\Program Files\WindowsApps\BlueMail.BlueMailEmail_1.1.44.0_x64__t08282y3j4hc4\app\ffmpeg.dll
2020-10-27 11:37 - 2020-10-27 11:37 - 000131072 _____ () [Archivo no firmado] C:\Program Files\WindowsApps\BlueMail.BlueMailEmail_1.1.44.0_x64__t08282y3j4hc4\app\libegl.dll
2020-10-27 11:37 - 2020-10-27 11:37 - 006792704 _____ () [Archivo no firmado] C:\Program Files\WindowsApps\BlueMail.BlueMailEmail_1.1.44.0_x64__t08282y3j4hc4\app\libglesv2.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) ==========
HKU\S-1-5-21-2873243708-2116610979-1280463503-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://google.es/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-11-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-06] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2020-02-10 19:25 - 2020-02-14 18:27 - 000000903 _____ C:\WINDOWS\system32\drivers\etc\hosts
27.122.12.226 hk-002.whiskergalaxy.com #added by Windscribe, do not modify.

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)
HKU\S-1-5-21-2873243708-2116610979-1280463503-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 212.230.135.2 - 212.230.135.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{EE8FD10B-B4CB-43F1-A975-82F9AB9C7DAB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{394DF6A4-847C-428C-BB16-4136DA45FA78}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AF5A7601-B639-427D-8A56-A6E572AF6171}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{39C51EF6-CFF2-47B2-99EB-9F2D2E2FBB05}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{9D3ED1BA-3F48-4BF6-B259-AEF9791A2A01}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe (SignPath Foundation -> Transmission Project)
FirewallRules: [TCP Query User{E5DCDC1A-0C5E-47BA-AB7F-67B038900A3D}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe (SignPath Foundation -> Transmission Project)
FirewallRules: [{5665B5E6-F852-42F4-AB0E-2B1F301D93FF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{89676A69-E22A-4246-850B-4B66E7FA24E1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8276D4AA-7586-4AFA-99DE-BDEBE6043D7B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B80B2A1E-B554-46F5-B536-0C4A2E9783D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C14E85B5-3308-4CEC-96E4-F66165D5506D}] => (Allow) C:\Games\Castlevania - Lords of Shadow - Mirror of Fate HD\CMOF.exe (Mercury Steam Entertainment S.L.) [Archivo no firmado]
FirewallRules: [{89005176-C14B-4255-98D4-1D01C80F733B}] => (Allow) C:\Games\Castlevania - Lords of Shadow - Mirror of Fate HD\CMOF.exe (Mercury Steam Entertainment S.L.) [Archivo no firmado]
FirewallRules: [{7CDC55E7-6905-4583-8C0D-47E72F259F37}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe (Nox Limited -> Nox Limited Corporation)
FirewallRules: [{1044041D-3A0A-49EB-BAB8-BEFE0478987A}] => (Allow) D:\Program Files\Nox\bin\Nox.exe (Nox Limited -> Duodian Technology Co. Ltd.)
FirewallRules: [{B19210EA-4948-4F7A-BDEB-B5BA783A34B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B73BCEA1-C31A-4D65-B232-FC4D0F8BFD2E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E85AC1D5-DB6F-4B23-8973-91A1CB59DB41}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{7D088253-1C1A-4EA8-8246-2FFC6E24E507}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{34EB48F2-7ADA-4492-BDE0-174C8B0B4F82}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{7CE33B9C-C771-483F-8C88-D7A8A35AD8F7}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{0F7A3908-8218-41F8-BB2C-39C6DFF7E8D7}D:\diablo iii\x64\diablo iii64.exe] => (Allow) D:\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{C0563127-3D8E-457B-ABA4-DB69257D3DA7}D:\diablo iii\x64\diablo iii64.exe] => (Allow) D:\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{4FFE0BF8-C8A1-49B1-AACF-42A429108A69}C:\program files (x86)\ipctool\ipctool.exe] => (Allow) C:\program files (x86)\ipctool\ipctool.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{4F6FDF2E-3347-4A0C-AC0D-F98DD16A6E86}C:\program files (x86)\ipctool\ipctool.exe] => (Allow) C:\program files (x86)\ipctool\ipctool.exe () [Archivo no firmado]
FirewallRules: [{3C05A938-B25E-4D64-B3E8-8E1DF3B0CAF2}] => (Allow) C:\Program Files (x86)\IPCTool\IPCTool.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{1B080607-A01E-44A8-ADC3-976BE3C841BC}D:\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{7BD533FA-4BF5-46CF-9086-85B2F8E80DDC}D:\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{F8D34CF6-A135-4DFA-9C2F-112250EA3CFB}C:\users\usuario\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\usuario\appdata\local\amazon music\amazon music helper.exe (Amazon Services LLC -> Amazon Services LLC)
FirewallRules: [UDP Query User{8559A68A-1A94-4F3B-B45B-B0E96DC2DB93}C:\users\usuario\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\usuario\appdata\local\amazon music\amazon music helper.exe (Amazon Services LLC -> Amazon Services LLC)
FirewallRules: [TCP Query User{B6328104-A6AB-4C9C-83D7-68978AF42BD7}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited)
FirewallRules: [UDP Query User{E62876B8-9FE6-4B4A-B9D0-AC338FB98068}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited)
FirewallRules: [{5B90D1DF-4682-4783-BA9A-47FE70E6E142}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{3953CEBB-F7A8-4F81-857B-AB870D7C1850}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{B86DD090-C11A-4F99-AA63-9EE03E130871}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ED326E06-5848-45F9-A722-83A83F1771D2}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Puntos de Restauración =========================

ATENCIÓN: Restaurar Sistema está deshabilitado (Total:111.19 GB) (Free:62.54 GB) (56%)

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (11/12/2020 12:04:17 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: No se pudo programar el servicio de protección de software para reiniciarse a las 2020-11-14T19:28:17Z. Código de error: 0x80070002.

Error: (11/12/2020 12:03:47 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: No se pudo programar el servicio de protección de software para reiniciarse a las 2020-11-14T19:27:47Z. Código de error: 0x80070002.

Error: (11/12/2020 12:03:17 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: No se pudo programar el servicio de protección de software para reiniciarse a las 2020-11-14T19:28:17Z. Código de error: 0x80070002.

Error: (11/12/2020 12:02:47 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: No se pudo programar el servicio de protección de software para reiniciarse a las 2020-11-14T19:27:47Z. Código de error: 0x80070002.

Error: (11/12/2020 12:02:17 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: No se pudo programar el servicio de protección de software para reiniciarse a las 2020-11-14T19:28:17Z. Código de error: 0x80070002.

Error: (11/12/2020 12:01:47 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: No se pudo programar el servicio de protección de software para reiniciarse a las 2020-11-14T19:27:47Z. Código de error: 0x80070002.

Error: (11/12/2020 12:00:57 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: No se pudo programar el servicio de protección de software para reiniciarse a las 2020-11-14T19:27:57Z. Código de error: 0x80070002.

Error: (11/12/2020 12:00:27 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: No se pudo programar el servicio de protección de software para reiniciarse a las 2020-11-14T19:28:27Z. Código de error: 0x80070002.

Errores del sistema:
=============
Error: (11/11/2020 07:53:40 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-QF13VUL)
Description: No se puede iniciar un servidor DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Error "2147942767" al iniciar este comando: C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (11/11/2020 04:49:44 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-QF13VUL)
Description: No se puede iniciar un servidor DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Error "2147942767" al iniciar este comando: C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (11/10/2020 09:55:11 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Error irrecuperable al crear una credencial TLS cliente. El estado de error interno es 10013.

Error: (11/10/2020 07:21:42 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Error irrecuperable al crear una credencial TLS cliente. El estado de error interno es 10013.

Error: (11/10/2020 06:51:22 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Error irrecuperable al crear una credencial TLS cliente. El estado de error interno es 10013.

Error: (11/08/2020 09:53:15 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: Se detectó un daño en la estructura del sistema de archivos del volumen \\?\Volume{5c58562a-0000-0000-0000-c0da88000000}. Se desconoce la naturaleza exacta del daño. Las estructuras del sistema de archivos deberán examinarse y corregirse sin conexión.
Error: (11/08/2020 09:53:15 PM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT AUTHORITY)
Description: \\?\Volume{5c58562a-0000-0000-0000-c0da88000000}\Device\HarddiskVolume143

Error: (11/08/2020 09:53:14 PM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT AUTHORITY)
Description: E:\Device\HarddiskVolume133

CodeIntegrity:
===================================
Date: 2020-11-11 23:31:05.4880000Z
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-11-11 16:56:15.3490000Z
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-11-11 16:56:15.3460000Z
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-11-11 16:56:15.3390000Z
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-11-11 16:54:45.2970000Z
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-11-11 16:54:45.2940000Z
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-11-11 16:54:45.2900000Z
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-11-11 16:54:45.2870000Z
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Información de la memoria ===========================

BIOS: American Megatrends Inc. 0805 08/03/2018
Placa base: ASUSTeK COMPUTER INC. PRIME B360M-A
Procesador: Intel(R) Core(TM) i5-8400 CPU @ 2.80GHz
Porcentaje de memoria en uso: 29%
RAM física total: 16302.39 MB
RAM física disponible: 11513.8 MB
Virtual total: 18734.39 MB
Virtual disponible: 12180.78 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:111.19 GB) (Free:62.54 GB) NTFS
Drive d: (HDD) (Fixed) (Total:931.5 GB) (Free:695.85 GB) NTFS

\\?\Volume{f874c024-28a8-4dd9-80ad-a79dc5390d59}\ (Recuperación) (Fixed) (Total:0.49 GB) (Free:0.06 GB) NTFS
\\?\Volume{4f31f410-6915-4494-a567-59249d5ba1f7}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Final de Addition.txt =======================