Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 02-02-2020 02 Ejecutado por Florenci (05-02-2020 18:45:14) Ejecutado desde C:\Users\Florenci\Desktop Windows 10 Home Versión 1909 18363.628 (X64) (2019-05-29 20:06:59) Modo de Inicio: Normal ========================================================== ==================== Cuentas: ============================= Administrador (S-1-5-21-549940460-2404856339-1566757125-500 - Administrator - Disabled) => C:\Users\Administrador DefaultAccount (S-1-5-21-549940460-2404856339-1566757125-503 - Limited - Disabled) Florenci (S-1-5-21-549940460-2404856339-1566757125-1000 - Administrator - Enabled) => C:\Users\Florenci Invitado (S-1-5-21-549940460-2404856339-1566757125-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-549940460-2404856339-1566757125-504 - Limited - Disabled) ==================== Centro de Seguridad ======================== (Si una entrada es incluida en el fixlist, será eliminada.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programas instalados ====================== (Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.) Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22749 - Microsoft Corporation) Backup and Sync from Google (HKLM\...\{825F60D9-2633-4D52-B2B0-5DA143433BBC}) (Version: 3.48.8668.1933 - Google, Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.62 - Piriform) CrystalDiskInfo 8.3.1 Kurei Kei Edition (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 8.3.1 - Crystal Dew World) CrystalDiskInfo 8.4.0 Kurei Kei Edition (64-bit) (HKLM\...\CrystalDiskInfo_is1) (Version: 8.4.0 - Crystal Dew World) Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform) File Splitter and Joiner (FFSJ v3.3) (HKLM-x32\...\File Splitter and Joiner_is1) (Version: - Le Minh Hoang) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden Intel(R) Computing Improvement Program (HKLM\...\{D40D4164-EEDB-4F0F-85C6-2058A9E34CC7}) (Version: 2.4.04370 - Intel Corporation) Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 79.0.309.71 - Microsoft Corporation) Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.119.43 - ) Microsoft OneDrive (HKU\S-1-5-21-549940460-2404856339-1566757125-1000\...\OneDriveSetup.exe) (Version: 19.222.1110.0006 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Mozilla Firefox 72.0.2 (x64 ca) (HKLM\...\Mozilla Firefox 72.0.2 (x64 ca)) (Version: 72.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0 - Mozilla) netcut version 3.5.4 (HKLM-x32\...\{6BE5152F-0885-4AA5-8385-4AD2D8472C71}_is1) (Version: 3.5.4 - arcai.com) NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue) Paquete de controladores de Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.) PerformanceTest v9.0 (HKLM\...\PerformanceTest 9_is1) (Version: 9.0.1035.0 - Passmark Software) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6314 - Realtek Semiconductor Corp.) Revo Uninstaller 2.1.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.1 - VS Revo Group, Ltd.) Screamer Radio (HKU\S-1-5-21-549940460-2404856339-1566757125-1000\...\Screamer) (Version: 1.6840.41260 - Steamcore) SoftPerfect WiFi Guard version 2.1.2 (HKLM\...\{38AFD787-4D2E-4442-92D2-7739F5F92CF4}_is1) (Version: 2.1.2 - SoftPerfect) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 8.0.1026 - SUPERAntiSpyware.com) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.1.3.6 - Synaptics Incorporated) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN) Windscribe (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.83 Build 20 - Windscribe Limited) WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.) WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH) XnView 2.49.2 (HKLM-x32\...\XnView_is1) (Version: 2.49.2 - Gougelet Pierre-e) Packages: ========= Acer Explorer -> C:\Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.3007.0_x86__48frkmn4z8aw4 [2017-09-08] (Acer Incorporated) Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1691.1.0_x86__kgqvnymyfvs32 [2020-02-04] (king.com) Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.156.300.0_x86__kgqvnymyfvs32 [2020-01-30] (king.com) Comunitat lingüística -> C:\Program Files\WindowsApps\Microsoft.LanguageCommunity_2.1905.21511.0_x64__8wekyb3d8bbwe [2019-07-03] (Microsoft Corporation) Fondos de Naturaleza -> C:\Program Files\WindowsApps\OnionSoftware.FreeNatureWallpapers_1.1.2.0_x64__ervdxkv9fa05r [2017-09-09] (Opening Code LTD) [MS Ad] Fondos Hermosos -> C:\Program Files\WindowsApps\OnionSoftware.FreeBeautifulWallpapersHD_1.1.0.0_x64__ervdxkv9fa05r [2017-09-09] (Opening Code LTD) [MS Ad] Ice Crystals PREMIUM -> C:\Program Files\WindowsApps\Microsoft.IceCrystalsPREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2020-01-12] (Microsoft Corporation) Kodi -> C:\Program Files\WindowsApps\XBMCFoundation.Kodi_18.5.500.0_x64__4n2hpmxwrvr6p [2019-12-14] (XBMC Foundation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad] Microsoft News: Noticias destacadas en español -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.35.20273.0_x64__8wekyb3d8bbwe [2020-02-04] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-14] (Microsoft Studios) [MS Ad] MSN Deportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-15] (Microsoft Corporation) [MS Ad] MSN Dinero -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-15] (Microsoft Corporation) [MS Ad] MSN El Temps -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad] OneDrive -> C:\Program Files\WindowsApps\microsoft.microsoftskydrive_19.22.5.0_x64__8wekyb3d8bbwe [2019-11-02] (Microsoft Corporation) Rellotge -> C:\Program Files\WindowsApps\12199Asparion.AsparionClock_4.0.2.69_x64__f89vgcf3qm37t [2017-09-08] (Asparion) [MS Ad] River Delta PREMIUM -> C:\Program Files\WindowsApps\Microsoft.RiverDeltaPREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2020-01-12] (Microsoft Corporation) TuneIn Radio -> C:\Program Files\WindowsApps\TuneIn.TuneInRadio_4.0.7.0_x64__6bhtb546zcxnj [2019-09-20] (TuneIn) [MS Ad] Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-13] (Twitter Inc.) uBlock Origin -> C:\Program Files\WindowsApps\37833NikRolls.uBlockOrigin_1.15.24.0_neutral__f8jsg5mm64m62 [2018-12-28] (Nik Rolls) Umbrellas -> C:\Program Files\WindowsApps\Microsoft.Umbrellas_1.0.0.0_neutral__8wekyb3d8bbwe [2020-01-03] (Microsoft Corporation) VPN Shield 2 - conexión segura a Internet gratuito para el acceso anónimo privada ilimitada -> C:\Program Files\WindowsApps\D17A4821.VPNShield2_3.16.0.0_x64__2zm6z74hr5n3c [2019-08-14] (Defendemus sp. z o.o.) What Next PREMIUM -> C:\Program Files\WindowsApps\Microsoft.WhatNextPREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2020-01-12] (Microsoft Corporation) WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_0.4.315.0_x64__cv1g1gvanyjgm [2020-01-30] (WhatsApp Inc.) WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2017-09-08] (Microsoft Corporation) ==================== Personalizado CLSID (Lista blanca): ============== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-12-22] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-12-22] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-12-22] (Google LLC -> Google) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Ningún archivo ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Ningún archivo ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Ningún archivo ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd) ContextMenuHandlers1-x32: [FFSJ] -> {AB0DFD4E-9145-4412-85E4-D1EC5F4F1B1F} => C:\WINDOWS\SysWow64\FFSJ\FFSJSHL.dll [2008-07-20] () [Archivo no firmado] ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-12-22] (Google LLC -> Google) ContextMenuHandlers1-x32: [IXnView] -> {A5D35F9F-6A11-4EAA-B70B-7BB6FE32663A} => C:\Program Files (x86)\XnView\ShellEx\XnViewShellExt.dll [2015-02-19] () [Archivo no firmado] ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Ningún archivo ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Ningún archivo ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-12-22] (Google LLC -> Google) ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Ningún archivo ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2012-11-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Ningún archivo ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Lista blanca) ==================== (Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.) HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [Archivo no firmado] ==================== Accesos directos & WMI ======================== (Las entradas pueden ser listadas para ser restauradas o eliminadas.) ShortcutWithArgument: C:\Users\Florenci\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default ShortcutWithArgument: C:\Users\Florenci\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default ShortcutWithArgument: C:\Users\Florenci\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2" ShortcutWithArgument: C:\Users\Florenci\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\371b6590bc8d800\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 6" ==================== Módulos cargados (Lista blanca) ============= ==================== Alternate Data Streams (Lista blanca) ======== ==================== Modo Seguro (Lista blanca) ================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Asociación (Lista blanca) ================= ==================== Internet Explorer sitios de confianza/restringidos ========== (Si una entrada es incluida en el fixlist, será eliminada del registro.) IE trusted site: HKU\S-1-5-21-549940460-2404856339-1566757125-1000\...\localhost -> localhost ==================== Hosts contenido: ========================= (Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.) 2018-08-17 12:21 - 2020-02-01 18:21 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost ==================== Otras Áreas =========================== (Actualmente no existe una corrección automática para esta sección.) HKU\S-1-5-21-549940460-2404856339-1566757125-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Florenci\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 1.1.1.1 - 1.0.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) Firewall de Windows está habilitado. ==================== MSCONFIG/TASK MANAGER elementos deshabilitados == (Si una entrada es incluida en el fixlist, será eliminada.) HKLM\...\StartupApproved\StartupFolder: => "HandyAndy.lnk" HKLM\...\StartupApproved\Run32: => "Malwarebytes TrayApp" HKLM\...\StartupApproved\Run32: => "Intel Driver & Support Assistant" HKU\S-1-5-21-549940460-2404856339-1566757125-1000\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-549940460-2404856339-1566757125-1000\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-549940460-2404856339-1566757125-1000\...\StartupApproved\Run: => "FooPlayer" HKU\S-1-5-21-549940460-2404856339-1566757125-1000\...\StartupApproved\Run: => "SUPERAntiSpyware" HKU\S-1-5-21-549940460-2404856339-1566757125-1000\...\StartupApproved\Run: => "RainWallpaper" HKU\S-1-5-21-549940460-2404856339-1566757125-1000\...\StartupApproved\Run: => "Windscribe" HKU\S-1-5-21-549940460-2404856339-1566757125-1000\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-549940460-2404856339-1566757125-1000\...\StartupApproved\Run: => "Delete Cached Update Binary" HKU\S-1-5-21-549940460-2404856339-1566757125-1000\...\StartupApproved\Run: => "Delete Cached Standalone Update Binary" HKU\S-1-5-21-549940460-2404856339-1566757125-1000\...\StartupApproved\Run: => "GoogleDriveSync" ==================== Reglas de firewall (Lista blanca) ================ (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) FirewallRules: [{D94D2BBD-571E-4092-96C3-7B8DB7CFF02F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{B29BD4AE-71F3-49A2-BC94-9EDDCAA1F29D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{E3098F87-A507-4884-8657-B9FCBFCE6909}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited) FirewallRules: [UDP Query User{919A82A7-545A-49BC-BCB6-BF965F4676E6}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited) FirewallRules: [TCP Query User{3E4700AC-0B8B-4800-948E-3714A6776A62}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited) FirewallRules: [UDP Query User{B6301D1C-A74E-4F24-80EE-C06A08DFB2F1}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited) FirewallRules: [{B9DC13F7-7606-48E5-B0E9-F73F6EBC3681}] => (Allow) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{4590874F-CDC8-47AA-90FC-0DDC9C49CC5B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{11EB0F56-9B67-40ED-B24F-3BAF418A847D}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> ) FirewallRules: [{DE9C9E99-AFCE-4D9C-9BC1-33335B1306FC}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> ) FirewallRules: [{17E11079-D83F-4320-962B-6575993E39F1}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> ) FirewallRules: [{8DE11D4C-D829-4848-86E4-D04A61244BA3}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> ) ==================== Puntos de Restauración ========================= 30-01-2020 18:50:07 Windows Update 03-02-2020 00:09:37 Instalador de Módulos de Windows ==================== Dispositivos defectuosos en el Administrador de dispositivos ============ ==================== Errores del registro de eventos: ======================== Errores de aplicación: ================== Error: (02/05/2020 06:40:42 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (3852,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (02/05/2020 06:27:50 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: Florenci-PC) Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado. Error: (02/04/2020 08:43:22 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (4176,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (02/04/2020 08:34:16 PM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: El servicio Windows Search no pudo procesar la lista de ubicaciones incluidas y excluidas. Error: <30, 0x80040d07, "iehistory://{S-1-5-21-549940460-2404856339-1566757125-1000}/">. Error: (02/04/2020 08:34:15 PM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: El servicio Windows Search no pudo procesar la lista de ubicaciones incluidas y excluidas. Error: <30, 0x80040d07, "iehistory://{S-1-5-21-549940460-2404856339-1566757125-1000}/">. Error: (02/04/2020 08:30:52 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x80070006, Controlador no válido. . Operación: Ejecutando operación asincrónica Contexto: Estado actual: DoSnapshotSet Error: (02/04/2020 08:22:39 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x80070006, Controlador no válido. . Operación: Ejecutando operación asincrónica Contexto: Estado actual: DoSnapshotSet Error: (02/04/2020 08:13:36 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: Florenci-PC) Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado. Errores del sistema: ============= Error: (02/05/2020 06:28:11 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: El servicio Energy Server Service queencreek no respondió después de iniciar. Error: (02/05/2020 06:24:19 PM) (Source: DCOM) (EventID: 10001) (User: Florenci-PC) Description: No se puede iniciar un servidor DCOM: Microsoft.YourPhone_1.19122.138.0_x64__8wekyb3d8bbwe!App.AppXvctmff39365zg14pgmystcwtys462fpa.mca como No disponible/No disponible. Error "2147942402" al iniciar este comando: "C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19122.138.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca Error: (02/04/2020 09:01:22 PM) (Source: DCOM) (EventID: 10010) (User: Florenci-PC) Description: El servidor microsoft.windowscommunicationsapps_16005.12430.20136.0_x64__8wekyb3d8bbwe!microsoft.windowslive.mail no se registró con DCOM dentro del tiempo de espera requerido. Error: (02/04/2020 08:51:03 PM) (Source: DCOM) (EventID: 10001) (User: Florenci-PC) Description: No se puede iniciar un servidor DCOM: Microsoft.YourPhone_1.19122.138.0_x64__8wekyb3d8bbwe!App.AppXvctmff39365zg14pgmystcwtys462fpa.mca como No disponible/No disponible. Error "2147942402" al iniciar este comando: "C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19122.138.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca Error: (02/04/2020 08:45:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: El servicio Ayudante para el inicio de sesión de cuenta Microsoft no pudo iniciarse debido al siguiente error: El servicio no respondió a tiempo a la solicitud de inicio o de control. Error: (02/04/2020 08:45:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Ayudante para el inicio de sesión de cuenta Microsoft. Error: (02/04/2020 08:45:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: El servicio Actualizador de zona horaria automática no pudo iniciarse debido al siguiente error: El servicio no respondió a tiempo a la solicitud de inicio o de control. Error: (02/04/2020 08:45:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Actualizador de zona horaria automática. Windows Defender: =================================== Date: 2020-02-04 20:45:57.071 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {73182541-65CD-47A5-901E-0DF3B5F9D63F} Tipo de examen: Antimalware Parámetros de examen: Examen completo Usuario: Florenci-PC\Florenci Date: 2020-02-04 07:39:26.667 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {04A410CF-D687-4C2F-A603-7C3EC6653163} Tipo de examen: Antimalware Parámetros de examen: Examen completo Usuario: Florenci-PC\Florenci Date: 2020-02-03 18:47:20.524 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {1CC87FCA-DB75-42FD-8562-3373915BA125} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2020-01-22 20:38:32.631 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {910CCDAC-8D19-492A-9986-1A649BE52EE2} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2020-01-22 20:25:59.211 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {177FD78D-EC5E-44C1-8877-C2CAA6F0EC18} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2020-02-02 20:49:13.910 Description: Antivirus de Windows Defender encontró un error al intentar cargar la inteligencia de seguridad e intentará revertir a una versión que sepa que es correcta. Inteligencia de seguridad intentada: Copia de seguridad Código de error: 0x80070005 Descripción del error: Acceso denegado. Versión de inteligencia de seguridad: 1.309.212.0;1.309.212.0 Versión del motor: 1.1.16700.3 Date: 2020-02-02 20:49:12.816 Description: Antivirus de Windows Defender encontró un error al intentar cargar la inteligencia de seguridad e intentará revertir a una versión que sepa que es correcta. Inteligencia de seguridad intentada: Actual Código de error: 0x80070005 Descripción del error: Acceso denegado. Versión de inteligencia de seguridad: 1.309.215.0;1.309.215.0 Versión del motor: 1.1.16700.3 Date: 2020-02-01 19:29:46.267 Description: Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad. Nueva versión de inteligencia de seguridad: Versión anterior de inteligencia de seguridad: 1.309.161.0 Origen de actualización: Servidor de Microsoft Update Tipo de inteligencia de seguridad: AntiVirus Tipo de actualización: Completa Usuario: NT AUTHORITY\SYSTEM Versión actual del motor: Versión anterior del motor: 1.1.16700.3 Código de error: 0x8007043c Descripción del error: El servicio no puede iniciarse en modo a prueba de errores Date: 2020-02-01 19:19:08.255 Description: La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error: Característica: Durante el acceso Código de error: 0x8007043c Descripción del error: El servicio no puede iniciarse en modo a prueba de errores Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema. Date: 2020-02-01 19:05:33.922 Description: Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad. Nueva versión de inteligencia de seguridad: Versión anterior de inteligencia de seguridad: 1.309.161.0 Origen de actualización: Servidor de Microsoft Update Tipo de inteligencia de seguridad: AntiVirus Tipo de actualización: Completa Usuario: NT AUTHORITY\SYSTEM Versión actual del motor: Versión anterior del motor: 1.1.16700.3 Código de error: 0x8007043c Descripción del error: El servicio no puede iniciarse en modo a prueba de errores CodeIntegrity: =================================== Date: 2019-11-19 19:47:14.694 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system. Date: 2019-11-19 19:47:14.680 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system. Date: 2019-11-19 19:47:14.060 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system. Date: 2019-11-19 19:47:14.046 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system. Date: 2019-11-19 19:47:14.028 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system. Date: 2019-11-19 19:47:14.009 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system. Date: 2019-11-19 19:47:13.063 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system. Date: 2019-11-19 19:47:12.964 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system. ==================== Información de la memoria =========================== BIOS: Acer V1.02 04/20/2011 Placa base: Acer Aspire 5733Z Procesador: Intel(R) Pentium(R) CPU P6100 @ 2.00GHz Porcentaje de memoria en uso: 35% RAM física total: 7862.7 MB RAM física disponible: 5055.66 MB Virtual total: 15798.7 MB Virtual disponible: 13127.23 MB ==================== Unidades ================================ Drive c: (Acer) (Fixed) (Total:449.66 GB) (Free:356.91 GB) NTFS \\?\Volume{117a4172-a2e8-11e3-aced-806e6f6e6963}\ (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS \\?\Volume{117a4171-a2e8-11e3-aced-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:16 GB) (Free:2.78 GB) NTFS ==================== MBR & Tabla de particiones ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: AD5CD5F4) Partition 1: (Not Active) - (Size=16 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=449.7 GB) - (Type=07 NTFS) ==================== Final de Addition.txt =======================