Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 09-01-2021 Ejecutado por m4igu (10-01-2021 23:33:26) Ejecutado desde C:\Users\m4igu\Desktop Windows 10 Home Versión 1909 18363.1256 (X64) (2020-07-24 17:02:39) Modo de Inicio: Normal ========================================================== ==================== Cuentas: ============================= Administrador (S-1-5-21-1092995832-2248879882-1141805322-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1092995832-2248879882-1141805322-503 - Limited - Disabled) Invitado (S-1-5-21-1092995832-2248879882-1141805322-501 - Limited - Disabled) m4igu (S-1-5-21-1092995832-2248879882-1141805322-1001 - Administrator - Enabled) => C:\Users\m4igu WDAGUtilityAccount (S-1-5-21-1092995832-2248879882-1141805322-504 - Limited - Disabled) ==================== Centro de Seguridad ======================== (Si una entrada es incluida en el fixlist, será eliminada.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: McAfee VirusScan (Enabled - Up to date) {F682A51C-4EAD-6A3A-F460-B9C1D4A2DB09} FW: McAfee Firewall (Enabled) {CEB92439-04C2-6B62-DF3F-10F42A719C72} ==================== Programas instalados ====================== (Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.) ACDSee 9 Administrador fotografico (HKLM-x32\...\{4AA377FF-9D88-485F-B86E-AE631A1AA069}) (Version: 9.0.108 - ACD Systems Ltd.) Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated) Adobe Photoshop CS6 versión 13.0.1 (HKLM-x32\...\{A724DC44-6241-42D3-BA57-778B178ABC17}_is1) (Version: 13.0.1 - Adobe Systems, Inc.) aTube Catcher versión 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp) Configurador FNMT (HKLM-x32\...\ConfiguradorFnmt) (Version: 1.0.2 - FNMT-RCM) FormatFactory 3.9.5.0 (HKLM-x32\...\FormatFactory) (Version: 3.9.5.0 - Free Time) Free Amazon Prime Download version 5.0.11.1123 (HKLM-x32\...\Free Amazon Prime Download_is1) (Version: 5.0.11.1123 - FreeGrabApp Ltd) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC) Google Earth Pro (HKLM\...\{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: 7.3.3.7786 - Google) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.4.16.0 - Lenovo Group Ltd.) LibreOffice 6.4.2.2 (HKLM\...\{366B3DEE-791D-4044-AC14-4FE2265754BA}) (Version: 6.4.2.2 - The Document Foundation) MediaHuman YouTube to MP3 Converter 3.9.9.41 (HKLM-x32\...\MediaHuman YouTube to MP3 Converter_is1) (Version: 3.9.9.41 - MediaHuman) Microsoft 365 - es-es (HKLM\...\O365HomePremRetail - es-es) (Version: 16.0.13426.20404 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.75 - Microsoft Corporation) Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.65 - ) Microsoft OneDrive (HKU\S-1-5-21-1092995832-2248879882-1141805322-1001\...\OneDriveSetup.exe) (Version: 20.219.1029.0007 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden Opera Stable 73.0.3856.329 (HKLM-x32\...\Opera 73.0.3856.329) (Version: 73.0.3856.329 - Opera Software) qBittorrent 4.3.2 (HKLM-x32\...\qBittorrent) (Version: 4.3.2 - The qBittorrent project) Revo Uninstaller Pro 3.2.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.2.1 - VS Revo Group, Ltd.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN) WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) XnView 2.41 (HKLM-x32\...\XnView_is1) (Version: 2.41 - Gougelet Pierre-e) Packages: ========= Amazon Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.42.0_x64__pwbj9vvecjh7j [2020-12-10] (Amazon Development Centre (London) Ltd) AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10027.0_x64__0a9344xs7nr4m [2020-12-20] (Advanced Micro Devices Inc.) [Startup Task] AMD Radeon™ Settings Lite -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.59462344778C5_10.19.40016.0_x64__0a9344xs7nr4m [2020-07-24] (Advanced Micro Devices Inc.) Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20800.804.0_x64__rz1tebttyb220 [2020-12-12] (Dolby Laboratories) Extensión de vídeo MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2020-07-25] (Microsoft Corporation) Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2011.20.0_x64__k1h2ywk1493x8 [2020-11-26] (LENOVO INC.) LenovoUtility -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.1.19.0_x64__5grkq8ppsgwt4 [2020-12-16] (LENOVO INC) [Startup Task] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-07-25] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-07-25] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-22] (Microsoft Studios) [MS Ad] Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.14.222.0_x64__dt26b99r8h8gj [2020-09-16] (Realtek Semiconductor Corp) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0 [2020-12-13] (Spotify AB) [Startup Task] ==================== Personalizado CLSID (Lista blanca): ============== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2016-12-15] (VS Revo Group -> VS Revo Group) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Lista blanca) ==================== (Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.) HKLM\...\Drivers32: [VIDC.ACDV] => C:\Windows\SysWOW64\ACDV.dll [462848 2005-06-20] (ACD Systems) [Archivo no firmado] HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [Archivo no firmado] ==================== Accesos directos & WMI ======================== (Las entradas pueden ser listadas para ser restauradas o eliminadas.) ShortcutWithArgument: C:\Users\m4igu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge (2).lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default ==================== Módulos cargados (Lista blanca) ============= 2004-04-21 15:22 - 2004-04-21 15:22 - 001060864 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Common Files\ACD Systems\MFC71.DLL 2003-03-18 21:14 - 2003-03-18 21:14 - 000499712 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Common Files\ACD Systems\MSVCP71.dll 2004-04-21 15:22 - 2004-04-21 15:22 - 000348160 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Common Files\ACD Systems\MSVCR71.dll 2020-12-20 00:04 - 2020-11-03 08:06 - 000954864 _____ (SQLite Development Team) [Archivo no firmado] C:\ProgramData\Lenovo\Vantage\Addins\Lenovo.Vantage.SmartPerformanceAddin\1.0.0.81\sqlite3.dll ==================== Alternate Data Streams (Lista blanca) ======== ==================== Modo Seguro (Lista blanca) ================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service" ==================== Asociación (Lista blanca) ================= ==================== Internet Explorer (Lista blanca) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1092995832-2248879882-1141805322-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.es/#spf=1608068488334 HKU\S-1-5-21-1092995832-2248879882-1141805322-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msn.com/?pc=LCTE SearchScopes: HKU\S-1-5-21-1092995832-2248879882-1141805322-1001 -> DefaultScope {BC185332-2FC2-4133-BA01-79D5D7F6B00F} URL = SearchScopes: HKU\S-1-5-21-1092995832-2248879882-1141805322-1001 -> {BC185332-2FC2-4133-BA01-79D5D7F6B00F} URL = BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts contenido: ========================= (Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.) 2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Otras Áreas =========================== (Actualmente no existe una corrección automática para esta sección.) HKU\S-1-5-21-1092995832-2248879882-1141805322-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\m4igu\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\IMG_20200907_134051.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Firewall de Windows está habilitado. ==================== MSCONFIG/TASK MANAGER elementos deshabilitados == ==================== Reglas de firewall (Lista blanca) ================ (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) FirewallRules: [{FD5C5669-0330-418D-81D7-FD96F3990A30}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) FirewallRules: [{5CB7E015-8AD7-4845-9170-DC8C2B77B7C1}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) FirewallRules: [{09AE8D82-0193-4C69-9474-257B2281E189}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) FirewallRules: [{474A7409-6744-4593-9E0F-16D22694A0A0}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) FirewallRules: [{74790571-B9CC-4573-9DB3-F89C92396FE2}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) FirewallRules: [{F95B2065-BE16-480D-8B49-75B27DEBCCC1}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) FirewallRules: [{985AE8D2-F5A3-40DC-873E-876C4B6A7480}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe (Free Time Co., Ltd. -> Free Time) FirewallRules: [{01F5E173-7467-44AC-ADB1-B29D844809CC}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe (Free Time Co., Ltd. -> Free Time) FirewallRules: [{B9D12238-10EE-4687-97A0-ED99D9DD7204}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{DE510AA3-62AD-4CC1-B0E5-890619BBF6F1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{DA7D53B1-E320-48C1-8544-D0697023A9D9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{86686D87-ABF7-4F7D-961C-E86081223159}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{06C606D3-3E2C-4207-A1B1-D77D4FECF708}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{D399516C-D2C1-445D-8830-D961EA05D826}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{3BB7EA52-0E5C-45A8-BFE1-77343E2A6897}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{B29D0081-FCED-4F64-8C2F-D00D7CF961B8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{8530856C-00A3-4F82-868B-154A76ED9B94}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{36FB9FAA-D2EF-4BFE-A2AB-AF0772945E4E}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{F86B6DFD-CC06-4521-B8DB-26EB362345BF}] => (Allow) C:\Program Files\Opera\73.0.3856.284\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{E9D9CD08-9C2F-4D37-B98D-F0F337BEA67E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{01AFF836-6B87-40A4-B3E8-675C7FD5F9AA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{1F316FB2-FDE5-498F-9E18-F1E91AC89AD5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{60FA31CD-FB9A-4261-B7AE-751F1B3FD1A5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{0E9E238C-8F26-45C7-B53A-A7DB025824B0}] => (Allow) C:\Program Files\Opera\73.0.3856.329\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{48F19B40-0244-4AEE-8451-0BC72B4A91C2}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [Archivo no firmado] FirewallRules: [{85CAAD6B-4B6E-4704-AAA1-E427D9F7E662}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [Archivo no firmado] ==================== Puntos de Restauración ========================= 16-12-2020 22:15:12 Revo Uninstaller Pro's restore point - Google Chrome 20-12-2020 00:39:36 Windows Update 05-01-2021 23:40:59 AdwCleaner_BeforeCleaning_05/01/2021_23:40:58 08-01-2021 00:42:43 Revo Uninstaller Pro's restore point - Malwarebytes version 4.3.0.98 08-01-2021 01:07:51 Revo Uninstaller Pro's restore point - FRST64 ==================== Dispositivos defectuosos en el Administrador de dispositivos ============ ==================== Errores del registro de eventos: ======================== Errores de aplicación: ================== Error: (01/08/2021 12:43:03 AM) (Source: SecurityCenter) (EventID: 17) (User: ) Description: Security Center no pudo validar al autor de la llamada con el error %1. Error: (01/08/2021 12:42:42 AM) (Source: VSS) (EventID: 8194) (User: ) Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado. . A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud. Operación: Recopilando datos del escritor Contexto: Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220} Nombre del escritor: System Writer Id. de instancia del escritor: {51fd311f-16a6-468c-938d-c047358e7681} Error: (01/08/2021 12:35:13 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nombre de la aplicación con errores: mbam.exe, versión: 4.0.0.865, marca de tiempo: 0x5fc55bed Nombre del módulo con errores: Qt5Core.dll, versión: 5.14.1.0, marca de tiempo: 0x5f84e8d4 Código de excepción: 0xc0000005 Desplazamiento de errores: 0x0000000000219dc5 Identificador del proceso con errores: 0x29fc Hora de inicio de la aplicación con errores: 0x01d6e54d9d638d11 Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe Ruta de acceso del módulo con errores: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll Identificador del informe: efb64501-8276-49e9-81b5-9690d3e62353 Nombre completo del paquete con errores: Identificador de aplicación relativa del paquete con errores: Error: (01/05/2021 11:34:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nombre de la aplicación con errores: chrome.exe, versión: 87.0.4280.88, marca de tiempo: 0x5fc6dfae Nombre del módulo con errores: SHELL32.dll_unloaded, versión: 10.0.18362.1237, marca de tiempo: 0x4a880a39 Código de excepción: 0xc0000005 Desplazamiento de errores: 0x000000000027c375 Identificador del proceso con errores: 0x1a10 Hora de inicio de la aplicación con errores: 0x01d6e3b2e6ea5c32 Ruta de acceso de la aplicación con errores: C:\Program Files\Google\Chrome\Application\chrome.exe Ruta de acceso del módulo con errores: SHELL32.dll Identificador del informe: 3bff01be-492a-4a5d-921e-3947d03ed6e6 Nombre completo del paquete con errores: Identificador de aplicación relativa del paquete con errores: Error: (12/16/2020 10:15:12 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado. . A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud. Operación: Recopilando datos del escritor Contexto: Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220} Nombre del escritor: System Writer Id. de instancia del escritor: {1b3ea56c-4ccd-4bec-a12b-2510bee10a73} Error: (12/11/2020 09:10:01 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY) Description: El subárbol del usuario se carga mediante otro proceso (bloqueo del registro) nombre del proceso: C:\Windows\System32\svchost.exe, PID: 3224, ProfSvc PID: 1944. Error: (12/08/2020 02:11:20 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nombre de la aplicación con errores: FreeAmazonPrimeDownload.exe, versión: 5.0.11.1123, marca de tiempo: 0x5fbba3e5 Nombre del módulo con errores: FreeAmazonPrimeDownload.exe, versión: 5.0.11.1123, marca de tiempo: 0x5fbba3e5 Código de excepción: 0xc0000005 Desplazamiento de errores: 0x0005312f Identificador del proceso con errores: 0x3568 Hora de inicio de la aplicación con errores: 0x01d6cd597fc9e0f0 Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\FreeGrabApp\Free Amazon Prime Download\FreeAmazonPrimeDownload.exe Ruta de acceso del módulo con errores: C:\Program Files (x86)\FreeGrabApp\Free Amazon Prime Download\FreeAmazonPrimeDownload.exe Identificador del informe: 80ece727-0d50-44ff-9783-0b484df165ff Nombre completo del paquete con errores: Identificador de aplicación relativa del paquete con errores: Error: (12/08/2020 12:58:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nombre de la aplicación con errores: FreeAmazonPrimeDownload.exe, versión: 5.0.11.1123, marca de tiempo: 0x5fbba3e5 Nombre del módulo con errores: FreeAmazonPrimeDownload.exe, versión: 5.0.11.1123, marca de tiempo: 0x5fbba3e5 Código de excepción: 0xc0000005 Desplazamiento de errores: 0x0005312f Identificador del proceso con errores: 0x2fa0 Hora de inicio de la aplicación con errores: 0x01d6cd5973ece8ef Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\FreeGrabApp\Free Amazon Prime Download\FreeAmazonPrimeDownload.exe Ruta de acceso del módulo con errores: C:\Program Files (x86)\FreeGrabApp\Free Amazon Prime Download\FreeAmazonPrimeDownload.exe Identificador del informe: e2824df0-f2ed-465f-a8bf-c886777b32de Nombre completo del paquete con errores: Identificador de aplicación relativa del paquete con errores: Errores del sistema: ============= Error: (01/10/2021 11:20:02 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-POOKIJM6) Description: El servidor Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca no se registró con DCOM dentro del tiempo de espera requerido. Error: (01/10/2021 11:17:46 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-POOKIJM6) Description: El servidor Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca no se registró con DCOM dentro del tiempo de espera requerido. Error: (01/10/2021 12:32:47 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-POOKIJM6) Description: El servidor Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca no se registró con DCOM dentro del tiempo de espera requerido. Error: (01/10/2021 12:30:11 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-POOKIJM6) Description: El servidor Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca no se registró con DCOM dentro del tiempo de espera requerido. Error: (01/09/2021 11:17:01 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-POOKIJM6) Description: El servidor Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca no se registró con DCOM dentro del tiempo de espera requerido. Error: (01/09/2021 11:12:16 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-POOKIJM6) Description: El servidor Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca no se registró con DCOM dentro del tiempo de espera requerido. Error: (01/08/2021 11:14:26 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-POOKIJM6) Description: El servidor Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca no se registró con DCOM dentro del tiempo de espera requerido. Error: (01/08/2021 11:13:28 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-POOKIJM6) Description: El servidor Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca no se registró con DCOM dentro del tiempo de espera requerido. Windows Defender: =================================== Date: 2020-12-20 00:39:31.778 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {F6502E4A-8A92-49DA-B265-30EBAFFBF2D4} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2020-12-15 17:47:33.699 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {1C464ACF-B5B0-4CB5-A5A5-2045E25D2FFA} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2020-12-14 13:50:07.510 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {921A7154-BDFD-4EB5-BA11-AEE0D1606132} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2020-12-14 13:21:26.739 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {EFD4FAFE-CC04-4B6F-A284-5C9054824205} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2020-12-14 13:07:29.688 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {8C21D57C-5189-497D-ACE3-67D3AC06434B} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM CodeIntegrity: =================================== Date: 2020-11-25 11:30:02.050 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\D3DSCache.dll because the set of per-page image hashes could not be found on the system. Date: 2020-11-25 11:30:02.037 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\D3DSCache.dll because the set of per-page image hashes could not be found on the system. Date: 2020-11-25 11:29:45.018 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\D3DSCache.dll because the set of per-page image hashes could not be found on the system. Date: 2020-11-25 11:29:45.001 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\D3DSCache.dll because the set of per-page image hashes could not be found on the system. Date: 2020-11-25 10:48:56.630 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\D3DSCache.dll because the set of per-page image hashes could not be found on the system. Date: 2020-11-25 10:48:56.612 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\D3DSCache.dll because the set of per-page image hashes could not be found on the system. Date: 2020-11-25 10:48:35.285 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\D3DSCache.dll because the set of per-page image hashes could not be found on the system. Date: 2020-11-25 10:48:35.271 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\D3DSCache.dll because the set of per-page image hashes could not be found on the system. ==================== Información de la memoria =========================== BIOS: LENOVO E8CN20WW 04/10/2020 Placa base: LENOVO LNVNB161216 Procesador: AMD 3020e with Radeon Graphics Porcentaje de memoria en uso: 59% RAM física total: 6020.26 MB RAM física disponible: 2446.04 MB Virtual total: 6980.26 MB Virtual disponible: 2935.41 MB ==================== Unidades ================================ Drive c: (Windows-SSD) (Fixed) (Total:237.23 GB) (Free:54.79 GB) NTFS \\?\Volume{c0e3e270-1e50-41f9-b179-f9ca9e12c2e4}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS \\?\Volume{0beb0363-96dc-4cc9-964a-be0b4fbeacd2}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Tabla de particiones ==================== ========================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: 53BF9932) Partition: GPT. ==================== Final de Addition.txt =======================