Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 22-04-2022 Ejecutado por JOSEMANUEL (30-04-2022 16:17:36) Ejecutado desde C:\Users\JOSEMANUEL\Downloads Microsoft Windows 10 Home Versión 21H2 19044.1682 (X64) (2020-08-28 15:28:46) Modo de Inicio: Safe Mode (with Networking) ========================================================== ==================== Cuentas: ============================= (Si una entrada es incluida en el fixlist, será eliminada.) Administrador (S-1-5-21-1713810364-3618217416-4259660789-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1713810364-3618217416-4259660789-503 - Limited - Disabled) Invitado (S-1-5-21-1713810364-3618217416-4259660789-501 - Limited - Disabled) JOSEMANUEL (S-1-5-21-1713810364-3618217416-4259660789-1001 - Administrator - Enabled) => C:\Users\JOSEMANUEL WDAGUtilityAccount (S-1-5-21-1713810364-3618217416-4259660789-504 - Limited - Disabled) ==================== Centro de Seguridad ======================== (Si una entrada es incluida en el fixlist, será eliminada.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programas instalados ====================== (Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.) Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1034-1033-7760-BC15014EA700}) (Version: 22.001.20117 - Adobe) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Brother MFL-Pro Suite MFC-8520DN (HKLM-x32\...\{37372D85-4945-4B6B-AC87-7BC5D1AB9F5C}) (Version: 2.0.1.0 - Brother Industries, Ltd.) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7041 - CDBurnerXP) Comprobación de estado de PC Windows (HKLM\...\{8B474A92-CE3A-4F46-B6F1-6DFA1390F826}) (Version: 3.6.2204.08001 - Microsoft Corporation) Eines de correcció del Microsoft Office 2013: català (HKLM-x32\...\{90150000-001F-0403-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.) Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM-x32\...\{90150000-001F-0456-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 101.0.4951.41 - Google LLC) HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.) HP Color LaserJet Enterprise M552 (HKLM-x32\...\{af075933-726e-4334-8649-e102d0786033}) (Version: 14.0.18141.351 - Hewlett-Packard) HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.) HP ePrint SW (HKLM-x32\...\{cdb5f70f-5107-4613-bf69-15de903b5b5d}) (Version: 5.5.22560 - HP Inc.) HP JumpStart Bridge (HKLM-x32\...\{3FC961DB-BD36-4D8D-B276-0C456A2BB638}) (Version: 1.4.0.441 - HP Inc.) HP JumpStart Launch (HKLM-x32\...\{F213102E-FD30-4E22-AF73-4C682D65FFEE}) (Version: 1.4.441.0 - HP Inc.) HP System Event Utility (HKLM-x32\...\{4B0A7A8A-ECE5-4639-9A0D-C535F354313D}) (Version: 1.4.26 - HP Inc.) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPCLJEnterpriseM552 (HKLM-x32\...\{4B549D46-3605-4B97-B093-C6D501B2BB6C}) (Version: 0.05.0000 - Hewlett-Packard) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10205.4743 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1043 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6518 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.7.0.1014 - Intel Corporation) Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000010-0200-1034-84C8-B8D95FA3C8C3}) (Version: 20.10.0 - Intel Corporation) KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - ) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 101.0.1210.32 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1713810364-3618217416-4259660789-1001\...\OneDriveSetup.exe) (Version: 22.065.0412.0004 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation) Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31235 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.21.811.2017 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8940.1 - Realtek Semiconductor Corp.) Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM-x32\...\{90150000-001F-0416-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Software Intel® PROSet/Wireless (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation) Software para dispositivos de chipset Intel® (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden Spotify (HKU\S-1-5-21-1713810364-3618217416-4259660789-1001\...\Spotify) (Version: 1.1.84.716.gc5f8b819 - Spotify AB) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.29.4 - TeamViewer) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{FBA3961B-D1DF-493C-BC1F-E67D3B832895}) (Version: 2.56.0.0 - Microsoft Corporation) Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN) WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH) Packages: ========= ¡Solitario! -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.4.4.0_x64__kx24dqmazqk8j [2021-10-07] (Random Salad Games LLC) Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.79.1.0_x64__kgqvnymyfvs32 [2022-04-28] (king.com) Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2260.1.0_x64__kgqvnymyfvs32 [2022-04-29] (king.com) Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-20] (Microsoft Corporation) Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.12.419.0_x64__rz1tebttyb220 [2022-03-04] (Dolby Laboratories) Dropbox - promoción -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.8.0_x64__xbfy0k16fey96 [2022-04-12] (Dropbox Inc.) Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-03-19] (Fitbit) HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.4.443.0_x86__v10z8vjag6ke6 [2018-02-23] (HP Inc.) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_136.1.269.0_x64__v10z8vjag6ke6 [2022-04-28] (HP Inc.) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-19] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-19] (Microsoft Corporation) [MS Ad] Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.15028.20228.0_x86__8wekyb3d8bbwe [2022-04-26] (Microsoft Corporation) Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.15028.20228.0_x86__8wekyb3d8bbwe [2022-04-26] (Microsoft Corporation) Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.15028.20228.0_x86__8wekyb3d8bbwe [2022-04-26] (Microsoft Corporation) Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.3171.0_x64__8wekyb3d8bbwe [2022-03-28] (Microsoft Studios) [MS Ad] Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-16] (Netflix, Inc.) Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.27.5.0_x64__nfy108tqq3p12 [2021-12-14] (Thumbmunkeys Ltd) Power Media Player 14 for HP Consumer PCs with DVD -> C:\Program Files\WindowsApps\CyberLinkCorp.hs.PowerMediaPlayer14forHPConsumerPC_14.2.9528.0_x86__06qsbagp91rvg [2021-12-02] (CYBERLINKCOM CORP) Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35054.0.0_x64__807d65c4rvak2 [2020-03-13] (Synaptics Incorporated) Up in the Sky -> C:\Program Files\WindowsApps\Microsoft.UpintheSky_2.0.0.0_neutral__8wekyb3d8bbwe [2019-03-20] (Microsoft Corporation) WildTangent Games -> C:\Program Files\WindowsApps\WildTangentGames.63435CFB65F55_2.0.84.0_x64__qt5r5pa5dyg8m [2021-03-15] (WildTangent Games) ==================== Personalizado CLSID (Lista blanca): ============== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Ningún archivo ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki135422.inf_amd64_819df826076efbf4\igfxDTCM.dll [2020-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Lista blanca) ==================== ==================== Accesos directos & WMI ======================== ==================== Módulos cargados (Lista blanca) ============= ==================== Alternate Data Streams (Lista blanca) ======== ==================== Modo Seguro (Lista blanca) ================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2" ==================== Asociación (Lista blanca) ================= ==================== Internet Explorer (Lista blanca) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE HKU\S-1-5-21-1713810364-3618217416-4259660789-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.es/ HKU\S-1-5-21-1713810364-3618217416-4259660789-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-01-21] (Microsoft Corporation -> Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-01-23] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts contenido: ========================= (Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.) 2017-09-29 15:46 - 2017-09-29 15:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Otras Áreas =========================== (Actualmente no existe una corrección automática para esta sección.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-1713810364-3618217416-4259660789-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg DNS Servers: 80.58.61.254 - 80.58.61.250 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Firewall de Windows está habilitado. ==================== MSCONFIG/TASK MANAGER elementos deshabilitados == ==================== Reglas de firewall (Lista blanca) ================ (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) FirewallRules: [TCP Query User{4ECE78E5-5B53-470B-BEAA-438E9347FD41}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [UDP Query User{D4F62788-E655-477C-8FFA-7CD6B8220FA7}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [TCP Query User{9B99D295-248F-4D36-B31F-7A9DDCD0819F}C:\users\josemanuel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\josemanuel\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{369CFBDE-1A25-4560-B9B5-A8CB2B3E5516}C:\users\josemanuel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\josemanuel\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{7C42E1A5-7BE2-40C1-8928-C0EDF8D9F92C}C:\instalar\anydesk.exe] => (Allow) C:\instalar\anydesk.exe (philandro Software GmbH -> ) FirewallRules: [UDP Query User{24C80145-5A0C-404E-B4D6-7A8D69350567}C:\instalar\anydesk.exe] => (Allow) C:\instalar\anydesk.exe (philandro Software GmbH -> ) FirewallRules: [{982EAB63-DCA9-40F1-B567-6404A05EAA14}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{EF282B13-DB2F-43D4-AA68-0A9CD0D22123}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{6E4A726C-7399-47C1-BFE7-82E91358E1BA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{44C0466A-56DF-4C9A-A689-D0A69F40886F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{1B2A884C-4ADF-421E-9210-930A56590F93}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{9B66AA48-E178-453A-9409-47766D13F8DA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{C057A936-BC7F-4CBE-90EE-BDB9E73B1D67}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{B3E563AA-2E4D-435C-93AF-5062D7B20EB1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{D4B345B4-CA70-409F-A54B-486747BC537D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Puntos de Restauración ========================= ATENCIÓN: Restaurar Sistema está deshabilitado (Total:118.01 GB) (Free:59.92 GB) (51%) ==================== Dispositivos defectuosos en el Administrador de dispositivos ============ Name: Realtek High Definition Audio Description: Realtek High Definition Audio Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: Realtek Service: IntcAzAudAddService Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: Controlador de infraestructura de virtualización de Microsoft Hyper-V Description: Controlador de infraestructura de virtualización de Microsoft Hyper-V Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: Vid Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: Intel(R) Dual Band Wireless-AC 7265 Description: Intel(R) Dual Band Wireless-AC 7265 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Intel Corporation Service: Netwtw04 Problem: : Windows cannot initialize the device driver for this hardware. (Code 37) Resolution: The driver returned failure from its DriverEntry routine. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver. Name: Sonido Intel(R) para pantallas Description: Sonido Intel(R) para pantallas Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: Intel(R) Corporation Service: IntcDAud Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver ==================== Errores del registro de eventos: ======================== Errores de aplicación: ================== Error: (04/30/2022 01:36:27 PM) (Source: VSS) (EventID: 13) (User: ) Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema. ] Error: (04/30/2022 09:21:34 AM) (Source: HP Comm Recovery) (EventID: 0) (User: ) Description: Error al controlar PowerEvent. Error: System.Exception: StartProcessAsCurrentUser: GetSessionUserToken failed. en _HPCommRecovery.ProcessExtensions.StartProcessAsCurrentUser(String appPath, String cmdLine, String workDir, Boolean visible) en _HPCommRecovery.HPAHAgent.CallAgent() en _HPCommRecovery.AppSession..ctor(DateTime Current, String LogPath) en _HPCommRecovery.HPAHLogger.NewSession() en _HPCommRecovery.HPCommRecovery.OnPowerEvent(PowerBroadcastStatus powerStatus) en System.ServiceProcess.ServiceBase.DeferredPowerEvent(Int32 eventType, IntPtr eventData). Error: (04/30/2022 09:21:33 AM) (Source: HP Comm Recovery) (EventID: 0) (User: ) Description: Error al controlar PowerEvent. Error: System.IO.IOException: El proceso no puede obtener acceso al archivo 'C:\Windows\Temp\signtool.exe' porque está siendo utilizado en otro proceso. en System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) en System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost) en System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy) en System.IO.FileStream..ctor(String path, FileMode mode) en _HPCommRecovery.Tools.Signtool.ExtractSignTool() en _HPCommRecovery.Tools.Signtool.Verify(String arg) en _HPCommRecovery.HPAHAgent.CallAgent() en _HPCommRecovery.AppSession..ctor(DateTime Current, String LogPath) en _HPCommRecovery.HPAHLogger.NewSession() en _HPC.... Error: (04/29/2022 08:44:57 AM) (Source: HP Comm Recovery) (EventID: 0) (User: ) Description: Error al controlar PowerEvent. Error: System.Exception: StartProcessAsCurrentUser: GetSessionUserToken failed. en _HPCommRecovery.ProcessExtensions.StartProcessAsCurrentUser(String appPath, String cmdLine, String workDir, Boolean visible) en _HPCommRecovery.HPAHAgent.CallAgent() en _HPCommRecovery.AppSession..ctor(DateTime Current, String LogPath) en _HPCommRecovery.HPAHLogger.NewSession() en _HPCommRecovery.HPCommRecovery.OnPowerEvent(PowerBroadcastStatus powerStatus) en System.ServiceProcess.ServiceBase.DeferredPowerEvent(Int32 eventType, IntPtr eventData). Error: (04/28/2022 05:47:38 PM) (Source: HP Comm Recovery) (EventID: 0) (User: ) Description: Error al controlar PowerEvent. Error: System.Exception: StartProcessAsCurrentUser: GetSessionUserToken failed. en _HPCommRecovery.ProcessExtensions.StartProcessAsCurrentUser(String appPath, String cmdLine, String workDir, Boolean visible) en _HPCommRecovery.HPAHAgent.CallAgent() en _HPCommRecovery.AppSession..ctor(DateTime Current, String LogPath) en _HPCommRecovery.HPAHLogger.NewSession() en _HPCommRecovery.HPCommRecovery.OnPowerEvent(PowerBroadcastStatus powerStatus) en System.ServiceProcess.ServiceBase.DeferredPowerEvent(Int32 eventType, IntPtr eventData). Error: (04/28/2022 08:41:43 AM) (Source: HP Comm Recovery) (EventID: 0) (User: ) Description: Error al controlar PowerEvent. Error: System.Exception: StartProcessAsCurrentUser: GetSessionUserToken failed. en _HPCommRecovery.ProcessExtensions.StartProcessAsCurrentUser(String appPath, String cmdLine, String workDir, Boolean visible) en _HPCommRecovery.HPAHAgent.CallAgent() en _HPCommRecovery.AppSession..ctor(DateTime Current, String LogPath) en _HPCommRecovery.HPAHLogger.NewSession() en _HPCommRecovery.HPCommRecovery.OnPowerEvent(PowerBroadcastStatus powerStatus) en System.ServiceProcess.ServiceBase.DeferredPowerEvent(Int32 eventType, IntPtr eventData). Error: (04/28/2022 08:41:42 AM) (Source: HP Comm Recovery) (EventID: 0) (User: ) Description: Error al controlar PowerEvent. Error: System.IO.IOException: El proceso no puede obtener acceso al archivo 'C:\Windows\Temp\signtool.exe' porque está siendo utilizado en otro proceso. en System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) en System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost) en System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy) en System.IO.FileStream..ctor(String path, FileMode mode) en _HPCommRecovery.Tools.Signtool.ExtractSignTool() en _HPCommRecovery.Tools.Signtool.Verify(String arg) en _HPCommRecovery.HPAHAgent.CallAgent() en _HPCommRecovery.AppSession..ctor(DateTime Current, String LogPath) en _HPCommRecovery.HPAHLogger.NewSession() en _HPC.... Error: (04/27/2022 08:37:27 AM) (Source: HP Comm Recovery) (EventID: 0) (User: ) Description: Error al controlar PowerEvent. Error: System.Exception: StartProcessAsCurrentUser: GetSessionUserToken failed. en _HPCommRecovery.ProcessExtensions.StartProcessAsCurrentUser(String appPath, String cmdLine, String workDir, Boolean visible) en _HPCommRecovery.HPAHAgent.CallAgent() en _HPCommRecovery.AppSession..ctor(DateTime Current, String LogPath) en _HPCommRecovery.HPAHLogger.NewSession() en _HPCommRecovery.HPCommRecovery.OnPowerEvent(PowerBroadcastStatus powerStatus) en System.ServiceProcess.ServiceBase.DeferredPowerEvent(Int32 eventType, IntPtr eventData). Errores del sistema: ============= Error: (04/30/2022 04:18:38 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: Error de DCOM "1084" al intentar iniciar el servicio EventSystem con argumentos "No disponible" para ejecutar el servidor: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error: (04/30/2022 04:18:25 PM) (Source: DCOM) (EventID: 10005) (User: ALVAROMARTIN-PC) Description: Error de DCOM "1084" al intentar iniciar el servicio BITS con argumentos "No disponible" para ejecutar el servidor: {4991D34B-80A1-4291-83B6-3328366B9097} Error: (04/30/2022 04:18:25 PM) (Source: DCOM) (EventID: 10005) (User: ALVAROMARTIN-PC) Description: Error de DCOM "1084" al intentar iniciar el servicio BITS con argumentos "No disponible" para ejecutar el servidor: {F087771F-D74F-4C1A-BB8A-E16ACA9124EA} Error: (04/30/2022 04:18:25 PM) (Source: DCOM) (EventID: 10005) (User: ALVAROMARTIN-PC) Description: Error de DCOM "1084" al intentar iniciar el servicio BITS con argumentos "No disponible" para ejecutar el servidor: {6D18AD12-BDE3-4393-B311-099C346E6DF9} Error: (04/30/2022 04:18:25 PM) (Source: DCOM) (EventID: 10005) (User: ALVAROMARTIN-PC) Description: Error de DCOM "1084" al intentar iniciar el servicio BITS con argumentos "No disponible" para ejecutar el servidor: {03CA98D6-FF5D-49B8-ABC6-03DD84127020} Error: (04/30/2022 04:18:25 PM) (Source: DCOM) (EventID: 10005) (User: ALVAROMARTIN-PC) Description: Error de DCOM "1084" al intentar iniciar el servicio BITS con argumentos "No disponible" para ejecutar el servidor: {659CDEA7-489E-11D9-A9CD-000D56965251} Error: (04/30/2022 04:18:25 PM) (Source: DCOM) (EventID: 10005) (User: ALVAROMARTIN-PC) Description: Error de DCOM "1084" al intentar iniciar el servicio BITS con argumentos "No disponible" para ejecutar el servidor: {BB6DF56B-CACE-11DC-9992-0019B93A3A84} Error: (04/30/2022 04:18:25 PM) (Source: DCOM) (EventID: 10005) (User: ALVAROMARTIN-PC) Description: Error de DCOM "1084" al intentar iniciar el servicio BITS con argumentos "No disponible" para ejecutar el servidor: {1ECCA34C-E88A-44E3-8D6A-8921BDE9E452} Windows Defender: ================ Date: 2022-04-30 13:41:10 Description: El examen de Antivirus de Microsoft Defender se detuvo antes de completarse. Id. de examen: {26D1F93C-9BB8-4E37-B38E-47272096D0FD} Tipo de examen: Antimalware Parámetros de examen: Examen completo Usuario: ALVAROMARTIN-PC\JOSEMANUEL Date: 2022-04-30 13:36:25 Description: El examen de Antivirus de Microsoft Defender se detuvo antes de completarse. Id. de examen: {1B89FB3D-F622-49EA-865A-B7812C102781} Tipo de examen: Antimalware Parámetros de examen: Examen completo Usuario: ALVAROMARTIN-PC\JOSEMANUEL Date: 2022-04-30 12:14:16 Description: Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado. Para más información, consulta lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tnega.BK!MTB&threatid=2147772774&enterprise=0 Nombre: Trojan:Win32/Tnega.BK!MTB Id.: 2147772774 Gravedad: Grave Categoría: Caballo de Troya Ruta de acceso: file:_C:\Windows\Temp\tmp0000023a\tmp0004b034; file:_C:\Windows\Temp\tmp0000023a\tmp0004b538 Origen de detección: Equipo local Tipo de detección: Concreto Origen de detección: Protección en tiempo real Usuario: NT AUTHORITY\SYSTEM Nombre de proceso: C:\Program Files (x86)\Combo Cleaner\ComboCleaner.Guard.exe Versión de inteligencia de seguridad: AV: 1.363.1180.0, AS: 1.363.1180.0, NIS: 1.363.1180.0 Versión de motor: AM: 1.1.19200.5, NIS: 1.1.19200.5 Date: 2022-04-30 12:14:16 Description: Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado. Para más información, consulta lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tnega.BK!MTB&threatid=2147772774&enterprise=0 Nombre: Trojan:Win32/Tnega.BK!MTB Id.: 2147772774 Gravedad: Grave Categoría: Caballo de Troya Ruta de acceso: file:_C:\Windows\Temp\tmp0000023a\tmp0004b034 Origen de detección: Equipo local Tipo de detección: Concreto Origen de detección: Protección en tiempo real Usuario: NT AUTHORITY\SYSTEM Nombre de proceso: C:\Program Files (x86)\Combo Cleaner\ComboCleaner.Guard.exe Versión de inteligencia de seguridad: AV: 1.363.1180.0, AS: 1.363.1180.0, NIS: 1.363.1180.0 Versión de motor: AM: 1.1.19200.5, NIS: 1.1.19200.5 Date: 2022-04-30 12:11:39 Description: Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado. Para más información, consulta lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0 Nombre: Trojan:Win32/Tiggre!rfn Id.: 2147723625 Gravedad: Grave Categoría: Caballo de Troya Ruta de acceso: file:_C:\Windows\Temp\tmp0000023a\tmp0001db4b; file:_C:\Windows\Temp\tmp0000023a\tmp0001dd99 Origen de detección: Equipo local Tipo de detección: FastPath Origen de detección: Protección en tiempo real Usuario: NT AUTHORITY\SYSTEM Nombre de proceso: C:\Program Files (x86)\Combo Cleaner\ComboCleaner.Guard.exe Versión de inteligencia de seguridad: AV: 1.363.1180.0, AS: 1.363.1180.0, NIS: 1.363.1180.0 Versión de motor: AM: 1.1.19200.5, NIS: 1.1.19200.5 Event[0]: Date: 2022-04-30 16:12:26 Description: La característica Protección en tiempo real de Antivirus de Microsoft Defender encontró un error: Característica: Durante el acceso Código de error: 0x8007043c Descripción del error: El servicio no puede iniciarse en modo a prueba de errores Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema. CodeIntegrity: =============== Date: 2022-04-30 13:59:12 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\ki135422.inf_amd64_819df826076efbf4\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Información de la memoria =========================== BIOS: Insyde F.33 12/08/2017 Placa base: HP 832A Procesador: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz Porcentaje de memoria en uso: 26% RAM física total: 8108.91 MB RAM física disponible: 5959.73 MB Virtual total: 9388.91 MB Virtual disponible: 7567.92 MB ==================== Unidades ================================ Drive c: (Windows) (Fixed) (Total:118.01 GB) (Free:59.92 GB) NTFS Drive z: () (Network) (Total:0 GB) (Free:0 GB) \\?\Volume{766c9882-4979-44b5-8c25-b9435aaaacda}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.4 GB) NTFS \\?\Volume{4f1af374-2872-45a6-9e78-b9eb74866dda}\ () (Fixed) (Total:0.25 GB) (Free:0.18 GB) FAT32 ==================== MBR & Tabla de particiones ==================== ========================================================== Disk: 0 (Size: 119.2 GB) (Disk ID: 2566F754) Partition: GPT. ==================== Final de Addition.txt =======================