Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 08-07-2020 01 Ejecutado por car_s (10-07-2020 13:17:51) Ejecutado desde C:\Users\car_s\Desktop Windows 10 Home Single Language Versión 1903 18362.900 (X64) (2020-01-10 23:19:08) Modo de Inicio: Normal ========================================================== ==================== Cuentas: ============================= Administrador (S-1-5-21-518414003-2518324091-1017218472-500 - Administrator - Disabled) car_s (S-1-5-21-518414003-2518324091-1017218472-1001 - Administrator - Enabled) => C:\Users\car_s DefaultAccount (S-1-5-21-518414003-2518324091-1017218472-503 - Limited - Disabled) Invitado (S-1-5-21-518414003-2518324091-1017218472-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-518414003-2518324091-1017218472-504 - Limited - Disabled) ==================== Centro de Seguridad ======================== (Si una entrada es incluida en el fixlist, será eliminada.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: ESET Security (Disabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440} FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B} ==================== Programas instalados ====================== (Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.) ArcGIS 10.3 for Desktop (HKLM-x32\...\{9A0BC33A-EAA8-4ED4-8D0C-CB9B42B06D7F}) (Version: 10.3.4000 - Environmental Systems Research Institute, Inc.) Hidden ArcGIS 10.3 for Desktop (HKLM-x32\...\ArcGIS 10.3 for Desktop) (Version: 10.3.4000 - Environmental Systems Research Institute, Inc.) ArcGIS 10.3 License Manager (HKLM-x32\...\{710C34F3-9270-4DF9-AB44-BC8D71DB24F0}) (Version: 10.3.4000 - Environmental Systems Research Institute, Inc.) Hidden ArcGIS 10.3 License Manager (HKLM-x32\...\ArcGIS 10.3 License Manager) (Version: 10.3.4000 - Environmental Systems Research Institute, Inc.) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.24 - ASUS) AutoCAD 2014 - English (HKLM\...\{5783F2D7-D001-0000-0102-0060B0CE6BBA}) (Version: 19.1.108.0 - Autodesk) Hidden AutoCAD 2014 - English (HKLM\...\{5783F2D7-D001-0409-2102-0060B0CE6BBA}) (Version: 19.1.18.0 - Autodesk) Hidden AutoCAD 2014 Language Pack - English (HKLM\...\{5783F2D7-D001-0409-1102-0060B0CE6BBA}) (Version: 19.1.18.0 - Autodesk) Hidden Autodesk AutoCAD 2014 - English (HKLM\...\AutoCAD 2014 - English) (Version: 19.1.18.0 - Autodesk) Autodesk AutoCAD 2014 - English SP1 (HKLM\...\AutoCAD 2014 - English SP1) (Version: 1 - Autodesk) Autodesk Content Service (HKLM-x32\...\{62F029AB-85F2-0000-866A-9FC0DD99DDBC}) (Version: 3.1.3.0 - Autodesk) Hidden Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk) Autodesk Content Service Language Pack (HKLM-x32\...\{62F029AB-85F2-0001-866A-9FC0DD99DDBC}) (Version: 3.1.3.0 - Autodesk) Hidden Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk) Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk) CivilCAD Demo para AutoCAD 2013-2014 64 Bits (HKLM-x32\...\CivilCAD Demo para AutoCAD 2013-2014 64 Bits) (Version: 1.0.0.0 - Arqcom) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.94.51 - Conexant) ESET Security (HKLM\...\{D8E84711-EDFC-4D4E-B579-95AEB40DAA4D}) (Version: 13.2.15.0 - ESET, spol. s r.o.) FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production) Global Mapper 12 (HKLM-x32\...\{24A2EF09-57E2-45F8-B4CA-D31823BA69A9}) (Version: 12.00.0010 - Global Mapper Software) LibreOffice 6.3.4.2 (HKLM\...\{191F4D69-B671-4163-BB01-901B89A20D04}) (Version: 6.3.4.2 - The Document Foundation) Malwarebytes version 4.1.2.73 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.2.73 - Malwarebytes) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.61 - Microsoft Corporation) Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.31 - ) Microsoft OneDrive (HKU\S-1-5-21-518414003-2518324091-1017218472-1001\...\OneDriveSetup.exe) (Version: 20.084.0426.0007 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) PDF to DWG Converter (HKLM-x32\...\{547C9628-C490-48AB-94F4-7F2495562930}) (Version: - ) Prolink Version 1.15 (HKLM-x32\...\{D7BEBBEE-5AF1-4FBB-B666-2CAD7F7646BB}) (Version: - ) Revo Uninstaller 2.1.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.5 - VS Revo Group, Ltd.) SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk) SpywareBlaster 5.6 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.6.0 - BrightFort LLC) WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH) Packages: ========= Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt [2020-01-10] (Facebook Inc) Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_580.7.122.0_x64__8xx8rvfyw5nnt [2020-07-03] (Facebook Inc) [Startup Task] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-10] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-10] (Microsoft Corporation) [MS Ad] MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad] ==================== Personalizado CLSID (Lista blanca): ============== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) CustomCLSID: HKU\S-1-5-21-518414003-2518324091-1017218472-1001_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc -> Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-518414003-2518324091-1017218472-1001_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc -> Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-518414003-2518324091-1017218472-1001_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc -> Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-518414003-2518324091-1017218472-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2014\en-US\acadficn.dll (Autodesk, Inc -> Autodesk, Inc.) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc -> Autodesk, Inc.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Ningún archivo ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2013-02-08] (Autodesk, Inc -> Autodesk) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Ningún archivo ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-07-07] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-07-07] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-02-05] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Ningún archivo ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Ningún archivo ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Ningún archivo ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-07-07] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-02-05] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Ningún archivo ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Lista blanca) ==================== ==================== Accesos directos & WMI ======================== ==================== Módulos cargados (Lista blanca) ============= 2020-01-10 21:17 - 2020-01-10 21:17 - 262253568 _____ () [Archivo no firmado] C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt\App.dll 2020-01-10 21:17 - 2020-01-10 21:17 - 000875008 _____ () [Archivo no firmado] C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt\c++_osmeta.dll 2020-01-10 21:17 - 2020-01-10 21:17 - 000816640 _____ () [Archivo no firmado] C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt\CrossPortability_osmeta.dll 2020-01-10 21:17 - 2020-01-10 21:17 - 000053760 _____ () [Archivo no firmado] C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt\EGL_osmeta.dll 2020-01-10 21:17 - 2020-01-10 21:17 - 000087040 _____ () [Archivo no firmado] C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt\exif_osmeta.dll 2020-01-10 21:17 - 2020-01-10 21:17 - 000998400 _____ () [Archivo no firmado] C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt\ffmpeg_osmeta.dll 2020-01-10 21:17 - 2020-01-10 21:17 - 000829952 _____ () [Archivo no firmado] C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt\GLESv2_osmeta.dll 2020-01-10 21:17 - 2020-01-10 21:17 - 006719488 _____ () [Archivo no firmado] C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt\JavaScriptCore_osmeta.dll 2020-01-10 21:17 - 2020-01-10 21:17 - 000453120 _____ () [Archivo no firmado] C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt\OpenAL_osmeta.dll 2020-01-10 21:17 - 2020-01-10 21:17 - 064198144 _____ () [Archivo no firmado] C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt\osmeta.dll 2020-01-10 21:17 - 2020-01-10 21:17 - 001305600 _____ () [Archivo no firmado] C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt\pgl_osmeta.dll 2020-01-10 21:17 - 2020-01-10 21:17 - 000040448 _____ () [Archivo no firmado] C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt\pthreadVC_osmeta.dll 2020-01-10 21:17 - 2020-01-10 21:17 - 000113664 _____ () [Archivo no firmado] C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt\system_malloc_osmeta.dll 2020-01-10 21:17 - 2020-01-10 21:17 - 000883200 _____ () [Archivo no firmado] C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt\System_osmeta.dll 2020-01-10 21:17 - 2020-01-10 21:17 - 000368128 _____ () [Archivo no firmado] C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt\SystemResources_osmeta.dll 2020-01-10 21:17 - 2020-01-10 21:17 - 000015872 _____ () [Archivo no firmado] C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt\unwind_osmeta.dll 2020-01-10 21:17 - 2020-01-10 21:17 - 021368832 _____ () [Archivo no firmado] C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt\WebCore_osmeta.dll 2020-01-10 21:17 - 2020-01-10 21:17 - 004304384 _____ () [Archivo no firmado] C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt\WebKit_osmeta.dll 2020-01-10 21:17 - 2020-01-10 21:17 - 001553408 _____ () [Archivo no firmado] C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt\WebKitLegacy_osmeta.dll 2020-01-10 21:17 - 2020-01-10 21:17 - 000095232 _____ () [Archivo no firmado] C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt\WinMediaFoundation_osmeta.dll 2020-01-10 21:17 - 2020-01-10 21:17 - 000013312 _____ () [Archivo no firmado] C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt\WinPhoneBridge_osmeta.dll 2020-01-10 21:17 - 2020-01-10 21:17 - 000373760 _____ () [Archivo no firmado] C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt\WP8MSVCBridge.dll 2020-01-10 21:17 - 2020-01-10 21:17 - 000147456 _____ () [Archivo no firmado] C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt\WP8MSVCCommon.dll 2020-01-10 21:17 - 2020-01-10 21:17 - 000098304 _____ () [Archivo no firmado] C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt\WRTBridge_osmeta.dll 2020-01-10 21:17 - 2020-01-10 21:17 - 000096768 _____ () [Archivo no firmado] C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt\z_osmeta.dll 2020-05-15 10:46 - 2020-05-15 10:46 - 000372736 _____ () [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.CxHef9fb4ae#\cf4820006f4b991efe5100602acf8ef1\Interop.CxHDAudioAPILib.ni.dll 2020-05-15 10:46 - 2020-05-15 10:46 - 000018944 _____ () [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.CxUtilSvcLib\39624ab75c5ec36d693095ae24c64631\Interop.CxUtilSvcLib.ni.dll 2020-01-10 18:34 - 2018-03-13 11:21 - 001173504 _____ (Conexant Systems, Inc.) [Archivo no firmado] [El archivo está en uso] C:\Program Files\Conexant\SAII\CxHDAudioAPI.dll 2014-08-30 17:20 - 2014-08-30 17:20 - 004747264 _____ (Flexera Software LLC) [Archivo no firmado] C:\Program Files (x86)\ArcGIS\License10.3\bin\ARCGIS_libFNP.dll ==================== Alternate Data Streams (Lista blanca) ======== (Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.) AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [288] ==================== Modo Seguro (Lista blanca) ================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Asociación (Lista blanca) ================= (Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado.) HKU\S-1-5-21-518414003-2518324091-1017218472-1001\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1" ==================== Internet Explorer sitios de confianza/restringidos ========== (Si una entrada es incluida en el fixlist, será eliminada del registro.) IE restricted site: HKU\S-1-5-21-518414003-2518324091-1017218472-1001\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-518414003-2518324091-1017218472-1001\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-518414003-2518324091-1017218472-1001\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-518414003-2518324091-1017218472-1001\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-518414003-2518324091-1017218472-1001\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-518414003-2518324091-1017218472-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-518414003-2518324091-1017218472-1001\...\0411dd.com -> 0411dd.com IE restricted site: HKU\S-1-5-21-518414003-2518324091-1017218472-1001\...\0511zfhl.com -> 0511zfhl.com IE restricted site: HKU\S-1-5-21-518414003-2518324091-1017218472-1001\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-518414003-2518324091-1017218472-1001\...\0632qyw.com -> 0632qyw.com IE restricted site: HKU\S-1-5-21-518414003-2518324091-1017218472-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-518414003-2518324091-1017218472-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-518414003-2518324091-1017218472-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-518414003-2518324091-1017218472-1001\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-518414003-2518324091-1017218472-1001\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-518414003-2518324091-1017218472-1001\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-518414003-2518324091-1017218472-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-518414003-2518324091-1017218472-1001\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-518414003-2518324091-1017218472-1001\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-518414003-2518324091-1017218472-1001\...\1001movie.com -> 1001movie.com Hay 6091 más sitios. ==================== Hosts contenido: ========================= (Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.) 2019-03-18 23:49 - 2019-03-18 23:49 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Otras Áreas =========================== (Actualmente no existe una corrección automática para esta sección.) HKU\S-1-5-21-518414003-2518324091-1017218472-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\car_s\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\hoyla-fgal-fotos-america-celebra-aniversario-m-001.jpg DNS Servers: 192.168.100.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Firewall de Windows está habilitado. ==================== MSCONFIG/TASK MANAGER elementos deshabilitados == (Si una entrada es incluida en el fixlist, será eliminada.) HKU\S-1-5-21-518414003-2518324091-1017218472-1001\...\StartupApproved\StartupFolder: => "CivilCAD Demo para AutoCAD 2013-2014 64 Bits - Auto Update.lnk" ==================== Reglas de firewall (Lista blanca) ================ (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) FirewallRules: [{FC590E06-B779-4B48-B3F7-1DEF7AC6E038}] => (Allow) LPort=50248 ==================== Puntos de Restauración ========================= 16-06-2020 07:08:22 Windows Update 25-06-2020 10:56:11 Punto de control programado 04-07-2020 15:23:40 Punto de control programado ==================== Dispositivos defectuosos en el Administrador de dispositivos ============ ==================== Errores del registro de eventos: ======================== Errores de aplicación: ================== Error: (07/09/2020 01:41:44 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x80070006, Controlador no válido. . Operación: Ejecutando operación asincrónica Contexto: Estado actual: DoSnapshotSet Error: (07/09/2020 01:41:04 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado. . A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud. Operación: Recopilando datos del escritor Contexto: Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220} Nombre del escritor: System Writer Id. de instancia del escritor: {6c6c40bd-f595-4b3c-9f39-75eebcbff1c1} Error: (07/09/2020 12:19:30 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nombre de la aplicación con errores: msedge.exe, versión: 83.0.478.61, marca de tiempo: 0x5f03cc2d Nombre del módulo con errores: ole32.dll, versión: 10.0.18362.693, marca de tiempo: 0x00331c0f Código de excepción: 0xc0000005 Desplazamiento de errores: 0x00000000000a21c2 Identificador del proceso con errores: 0x368 Hora de inicio de la aplicación con errores: 0x01d656151af53a74 Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe Ruta de acceso del módulo con errores: C:\Windows\System32\ole32.dll Identificador del informe: 344b65aa-2b6a-4f42-a12d-d74b10b7f335 Nombre completo del paquete con errores: Identificador de aplicación relativa del paquete con errores: Error: (07/08/2020 01:11:21 AM) (Source: Microsoft Security Client) (EventID: 3002) (User: ) Description: Event-ID 3002 Error: (07/08/2020 01:11:21 AM) (Source: Microsoft Security Client) (EventID: 3002) (User: ) Description: Event-ID 3002 Error: (07/08/2020 01:11:21 AM) (Source: Microsoft Security Client) (EventID: 2002) (User: ) Description: Event-ID 2002 Error: (07/08/2020 01:11:21 AM) (Source: Microsoft Security Client) (EventID: 2002) (User: ) Description: Event-ID 2002 Error: (07/08/2020 01:11:21 AM) (Source: Microsoft Security Client) (EventID: 2003) (User: ) Description: Event-ID 2003 Errores del sistema: ============= Error: (07/10/2020 12:38:37 PM) (Source: disk) (EventID: 7) (User: ) Description: El dispositivo, \Device\Harddisk0\DR0, tiene un bloque defectuoso. Error: (07/10/2020 12:38:37 PM) (Source: disk) (EventID: 7) (User: ) Description: El dispositivo, \Device\Harddisk0\DR0, tiene un bloque defectuoso. Error: (07/10/2020 12:38:37 PM) (Source: disk) (EventID: 7) (User: ) Description: El dispositivo, \Device\Harddisk0\DR0, tiene un bloque defectuoso. Error: (07/10/2020 12:38:36 PM) (Source: disk) (EventID: 7) (User: ) Description: El dispositivo, \Device\Harddisk0\DR0, tiene un bloque defectuoso. Error: (07/10/2020 11:00:46 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (07/10/2020 10:52:58 AM) (Source: disk) (EventID: 7) (User: ) Description: El dispositivo, \Device\Harddisk0\DR0, tiene un bloque defectuoso. Error: (07/10/2020 10:52:58 AM) (Source: disk) (EventID: 7) (User: ) Description: El dispositivo, \Device\Harddisk0\DR0, tiene un bloque defectuoso. Error: (07/10/2020 10:52:57 AM) (Source: disk) (EventID: 7) (User: ) Description: El dispositivo, \Device\Harddisk0\DR0, tiene un bloque defectuoso. CodeIntegrity: =================================== Date: 2020-07-10 13:14:58.213 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-07-10 06:03:52.972 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-07-10 06:03:52.965 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-07-10 06:03:52.950 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-07-10 06:03:52.942 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-07-10 06:03:52.917 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-07-09 13:23:31.939 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ProgramData\ESET\ESET Security\Updfiles\base_nonnups\nod611C.dll.nup.raw because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-07-09 13:23:31.531 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ProgramData\ESET\ESET Security\Updfiles\base_nonnups\nod611C.dll.nup.raw because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Información de la memoria =========================== BIOS: American Megatrends Inc. X555QG.320 09/08/2017 Placa base: ASUSTeK COMPUTER INC. X555QG Procesador: AMD A10-9620P RADEON R5, 10 COMPUTE CORES 4C+6G Porcentaje de memoria en uso: 40% RAM física total: 7120.46 MB RAM física disponible: 4205.6 MB Virtual total: 10459.3 MB Virtual disponible: 6723.86 MB ==================== Unidades ================================ Drive c: () (Fixed) (Total:930.88 GB) (Free:860.29 GB) NTFS \\?\Volume{05eb08de-e5f8-47df-a8dd-a3f9b56465f6}\ (Recuperación) (Fixed) (Total:0.52 GB) (Free:0.09 GB) NTFS \\?\Volume{4bd2d661-6be8-45ee-be93-68ccbca4e4a9}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Tabla de particiones ==================== ========================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 920CA5D1) Partition: GPT. ==================== Final de Addition.txt =======================