Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 09-08-2020 Ejecutado por usuario (10-08-2020 12:49:49) Ejecutado desde C:\Users\usuario\Desktop Windows 10 Home Versión 1903 18362.959 (X64) (2019-11-03 23:43:46) Modo de Inicio: Normal ========================================================== ==================== Cuentas: ============================= Administrador (S-1-5-21-2379521174-702662167-1151423853-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2379521174-702662167-1151423853-503 - Limited - Disabled) Invitado (S-1-5-21-2379521174-702662167-1151423853-501 - Limited - Disabled) usuario (S-1-5-21-2379521174-702662167-1151423853-1001 - Administrator - Enabled) => C:\Users\usuario WDAGUtilityAccount (S-1-5-21-2379521174-702662167-1151423853-504 - Limited - Disabled) ==================== Centro de Seguridad ======================== (Si una entrada es incluida en el fixlist, será eliminada.) AV: Spybot - Search and Destroy (Enabled - Up to date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: AVG Antivirus (Disabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: AVG Antivirus (Disabled) {2092F4DC-EC63-3680-C854-E2DACF7E736A} ==================== Programas instalados ====================== (Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.) Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 20.009.20074 - Adobe Systems Incorporated) Epic Games Launcher (HKLM-x32\...\{90D54587-044D-4B17-AA6D-BB7976F3211C}) (Version: 1.1.279.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 84.0.4147.105 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - ) hppP1100P1560P1600SeriesLaserJetService (HKLM-x32\...\{0E448256-D515-4C3E-A5BE-0A7B76CED5D4}) (Version: 001.001.0.0 - Hewlett-Packard) Hidden HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Malwarebytes version 4.1.2.73 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.2.73 - Malwarebytes) MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 84.0.522.52 - Microsoft Corporation) Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.133.5 - ) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2379521174-702662167-1151423853-1001\...\OneDriveSetup.exe) (Version: 20.124.0621.0006 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Oracle VM VirtualBox 6.1.12 (HKLM\...\{BD4C2875-9059-4C94-A7B5-493A538AC180}) (Version: 6.1.12 - Oracle Corporation) Revo Uninstaller 2.1.7 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.7 - VS Revo Group, Ltd.) SafeNet Authentication Client 8.3 (HKLM\...\{648B71AE-68FC-45D4-B1A3-21BC86229A73}) (Version: 8.3.52.0 - SafeNet, Inc.) SETCCE proXSign® 2.1.4.81 (HKLM-x32\...\{5829CC72-35A3-439B-AB90-CE2776075835}}_is1) (Version: 2.1.4.81 - SETCCE) SETCCE proXSign® PDF for IE (HKLM-x32\...\{8598729F-B16A-4140-94CF-66B1914723BF}) (Version: 1.2.25 - SETCCE) SETCCE proXSign® PDF for Opera, Chrome and Safari (HKLM-x32\...\{B8F22556-1D3F-485F-A0E6-35350D1CA6DF}) (Version: 1.2.25 - SETCCE) SETCCE proXSign® XML for IE (HKLM-x32\...\{2CC73AE9-646C-4236-B152-EBB70F2969C9}) (Version: 1.2.24 - SETCCE) SETCCE proXSign® XML for Opera, Chrome and Safari (HKLM-x32\...\{3B823AD1-CC01-4F5A-94CD-45142BC5D443}) (Version: 1.2.24 - SETCCE) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation) UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden uTorrent Web (HKU\S-1-5-21-2379521174-702662167-1151423853-1001\...\utweb) (Version: 1.1.0 - BitTorrent, Inc.) VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN) WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH) Wondershare Filmora Scrn(Build 2.0.1) (HKLM\...\Wondershare Filmora Scrn_is1) (Version: - Wondershare Software) Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare) Packages: ========= Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.) Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.10.5.0_x86__kgqvnymyfvs32 [2020-06-17] (king.com) Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.39.4.0_x86__kgqvnymyfvs32 [2020-06-24] (king.com) Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1820.3.0_x86__kgqvnymyfvs32 [2020-08-05] (king.com) Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.174.400.0_x86__kgqvnymyfvs32 [2020-08-07] (king.com) Complemento de motor multimedia para Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-12] (Microsoft Corporation) March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_5.0.0.8_x86__h6adky7gbf63m [2020-08-05] (Gameloft SE) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-09-04] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-09-04] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.7162.0_x64__8wekyb3d8bbwe [2020-07-22] (Microsoft Studios) [MS Ad] MSN El tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad] Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.20.1.0_x64__nfy108tqq3p12 [2020-07-27] (Thumbmunkeys Ltd) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.138.558.0_x86__zpdnekdrzrea0 [2020-07-27] (Spotify AB) [Startup Task] ==================== Personalizado CLSID (Lista blanca): ============== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) CustomCLSID: HKU\S-1-5-21-2379521174-702662167-1151423853-1001_Classes\CLSID\{EFE46AAA-6D2D-46C8-AD63-CA5683795CBE} -> [MEGAsync] => C:\Users\usuario\Documents\MEGAsync [2020-07-26 21:24] ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2020-06-09] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2020-06-09] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2020-06-09] (Mega Limited -> ) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Ningún archivo ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Ningún archivo ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2020-06-09] (Mega Limited -> ) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2020-06-09] (Mega Limited -> ) ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Ningún archivo ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2020-06-09] (Mega Limited -> ) ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2020-06-09] (Mega Limited -> ) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Lista blanca) ==================== ==================== Accesos directos & WMI ======================== ==================== Módulos cargados (Lista blanca) ============= 2020-08-09 17:24 - 2016-07-21 10:54 - 000137728 _____ () [Archivo no firmado] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll 2020-08-09 17:24 - 2016-10-08 16:48 - 001506304 _____ () [Archivo no firmado] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll 2020-08-09 17:24 - 2016-10-08 16:49 - 000708608 _____ (Wondershare) [Archivo no firmado] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll ==================== Alternate Data Streams (Lista blanca) ======== ==================== Modo Seguro (Lista blanca) ================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Asociación (Lista blanca) ================= ==================== Internet Explorer sitios de confianza/restringidos ========== (Si una entrada es incluida en el fixlist, será eliminada del registro.) IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com Hay 7942 más sitios. IE trusted site: HKU\S-1-5-21-2379521174-702662167-1151423853-1001\...\scba.gov.ar -> hxxps://firmadigital.scba.gov.ar IE restricted site: HKU\S-1-5-21-2379521174-702662167-1151423853-1001\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-2379521174-702662167-1151423853-1001\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-2379521174-702662167-1151423853-1001\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-2379521174-702662167-1151423853-1001\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-2379521174-702662167-1151423853-1001\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-2379521174-702662167-1151423853-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-2379521174-702662167-1151423853-1001\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-2379521174-702662167-1151423853-1001\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-2379521174-702662167-1151423853-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-2379521174-702662167-1151423853-1001\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-2379521174-702662167-1151423853-1001\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-2379521174-702662167-1151423853-1001\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-2379521174-702662167-1151423853-1001\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-2379521174-702662167-1151423853-1001\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-2379521174-702662167-1151423853-1001\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-2379521174-702662167-1151423853-1001\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-2379521174-702662167-1151423853-1001\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-2379521174-702662167-1151423853-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-2379521174-702662167-1151423853-1001\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-2379521174-702662167-1151423853-1001\...\123simsen.com -> www.123simsen.com Hay 7942 más sitios. ==================== Hosts contenido: ========================= (Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.) 2017-03-18 18:03 - 2020-08-06 20:41 - 000454574 ____R C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 www.123fporn.info 127.0.0.1 www.123haustiereundmehr.com 127.0.0.1 123haustiereundmehr.com 127.0.0.1 123moviedownload.com 127.0.0.1 www.123moviedownload.com Hay 15603 más lineas. ==================== Otras Áreas =========================== (Actualmente no existe una corrección automática para esta sección.) HKU\S-1-5-21-2379521174-702662167-1151423853-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Firewall de Windows está habilitado. Network Binding: ============= Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) Ethernet 3: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) Wi-Fi: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) Ethernet 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) ==================== MSCONFIG/TASK MANAGER elementos deshabilitados == (Si una entrada es incluida en el fixlist, será eliminada.) HKLM\...\StartupApproved\Run: => "SACMonitor" HKLM\...\StartupApproved\Run32: => "GrooveMonitor" HKLM\...\StartupApproved\Run32: => "proxsign" HKU\S-1-5-21-2379521174-702662167-1151423853-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk" HKU\S-1-5-21-2379521174-702662167-1151423853-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2379521174-702662167-1151423853-1001\...\StartupApproved\Run: => "EpicGamesLauncher" ==================== Reglas de firewall (Lista blanca) ================ (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) FirewallRules: [TCP Query User{8922417B-4A92-4B41-93D0-B27343CDFC23}C:\lex10e\servidor\lexsvrm.exe] => (Block) C:\lex10e\servidor\lexsvrm.exe (Sistemas Jurídicos SRL -> Sistemas Jurídicos SRL (República Argentina)) FirewallRules: [UDP Query User{C8D29BA6-7B82-40C8-B52F-7CFBCE24D584}C:\lex10e\servidor\lexsvrm.exe] => (Block) C:\lex10e\servidor\lexsvrm.exe (Sistemas Jurídicos SRL -> Sistemas Jurídicos SRL (República Argentina)) FirewallRules: [TCP Query User{97CABF92-C3DC-49E1-B6B1-96A2F0E553A8}C:\lex10e\lex10e\servidor\lexsvrm.exe] => (Block) C:\lex10e\lex10e\servidor\lexsvrm.exe (Sistemas Jurídicos SRL -> Sistemas Jurídicos SRL (República Argentina)) FirewallRules: [UDP Query User{B86E9E09-04AC-4315-BA5D-14728C6F4075}C:\lex10e\lex10e\servidor\lexsvrm.exe] => (Block) C:\lex10e\lex10e\servidor\lexsvrm.exe (Sistemas Jurídicos SRL -> Sistemas Jurídicos SRL (República Argentina)) FirewallRules: [TCP Query User{6B228AFD-003A-44B3-A615-F0D0D76CC489}C:\lex10e\servidor\lexsvrm.exe] => (Allow) C:\lex10e\servidor\lexsvrm.exe (Sistemas Jurídicos SRL -> Sistemas Jurídicos SRL (República Argentina)) FirewallRules: [UDP Query User{8A93E62E-CDDB-4E7C-856E-6A808F7A6235}C:\lex10e\servidor\lexsvrm.exe] => (Allow) C:\lex10e\servidor\lexsvrm.exe (Sistemas Jurídicos SRL -> Sistemas Jurídicos SRL (República Argentina)) FirewallRules: [TCP Query User{09F693C1-D23B-4077-9303-6A98D319197F}D:\lex10e\lex10e\servidor\lexsvrm.exe] => (Allow) D:\lex10e\lex10e\servidor\lexsvrm.exe => Ningún archivo FirewallRules: [UDP Query User{E2ECD1ED-4D95-45EC-82A6-9D9C3A053F7C}D:\lex10e\lex10e\servidor\lexsvrm.exe] => (Allow) D:\lex10e\lex10e\servidor\lexsvrm.exe => Ningún archivo FirewallRules: [TCP Query User{C8088A21-923E-47C2-B159-453678AD9A69}C:\lex10e\lex10e\lex10e\servidor\lexsvrm.exe] => (Allow) C:\lex10e\lex10e\lex10e\servidor\lexsvrm.exe (Sistemas Jurídicos SRL -> Sistemas Jurídicos SRL (República Argentina)) FirewallRules: [UDP Query User{02342FFF-3E0F-4A5F-9F29-46175FA3E25D}C:\lex10e\lex10e\lex10e\servidor\lexsvrm.exe] => (Allow) C:\lex10e\lex10e\lex10e\servidor\lexsvrm.exe (Sistemas Jurídicos SRL -> Sistemas Jurídicos SRL (República Argentina)) FirewallRules: [{55EBE652-6259-48D8-B05E-C438DD25EAB8}] => (Allow) C:\Users\usuario\AppData\Roaming\uTorrent Web\utweb.exe (Jenkins Win Client Build CA -> BitTorrent Inc.) [Archivo no firmado] FirewallRules: [{CAFB8392-C30D-47ED-9234-50486FE3BF9B}] => (Allow) C:\Users\usuario\AppData\Roaming\uTorrent Web\utweb.exe (Jenkins Win Client Build CA -> BitTorrent Inc.) [Archivo no firmado] FirewallRules: [{A2CC8DC9-886D-4B31-A85F-5031F2F352B1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.138.558.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{EE9CE933-C505-4CDC-BC5D-D2223A118508}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.138.558.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{56617F18-9AE8-448B-A02F-FC3334EA249F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.138.558.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{BB78D1C7-0D75-468F-9DB0-ACCE0E3A39CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.138.558.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{D3339314-4307-4AEB-BD81-63E5FE7FF5FC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.138.558.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{C1D2D011-5371-4932-A488-3C5C35A6516D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.138.558.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{881748F3-AB28-4400-961B-0817EE8EAF89}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.138.558.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{677CDCA6-E412-42FF-A154-AC5372B8B822}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.138.558.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{0E028C32-2807-45B9-98E7-A1F13EF590BD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{61D879AF-C95E-4C16-A040-12C67326302A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{A302A1A2-5547-4667-AEF8-7845C0B9E393}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{C86F9276-3662-446B-AB63-5F9086279FAB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{9A8953A4-CDEB-42CF-B26E-0BE4DCD25A20}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) ==================== Puntos de Restauración ========================= 05-08-2020 18:03:55 Punto de control programado ==================== Dispositivos defectuosos en el Administrador de dispositivos ============ Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: VirtualBox Host-Only Ethernet Adapter Description: VirtualBox Host-Only Ethernet Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Oracle Corporation Service: VBoxNetAdp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Errores del registro de eventos: ======================== Errores de aplicación: ================== Error: (08/10/2020 12:35:03 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema. . Error: (08/10/2020 12:35:03 PM) (Source: VSS) (EventID: 13) (User: ) Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema. ] Error: (08/10/2020 12:35:03 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema. . Error: (08/10/2020 12:35:03 PM) (Source: VSS) (EventID: 13) (User: ) Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema. ] Error: (08/10/2020 12:22:55 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema. . Error: (08/10/2020 12:22:55 PM) (Source: VSS) (EventID: 13) (User: ) Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema. ] Error: (08/10/2020 12:22:55 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema. . Error: (08/10/2020 12:22:55 PM) (Source: VSS) (EventID: 13) (User: ) Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema. ] Errores del sistema: ============= Error: (08/10/2020 12:37:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: El servicio avgbIDSAgent no pudo iniciarse debido al siguiente error: El servicio no respondió a tiempo a la solicitud de inicio o de control. Error: (08/10/2020 12:37:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Se agotó el tiempo de espera (45000 ms) para la conexión con el servicio avgbIDSAgent. Error: (08/10/2020 12:36:52 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY) Description: El módulo de extensibilidad de WLAN no se pudo iniciar. Ruta de acceso del módulo: C:\WINDOWS\system32\athExt.dll Código de error: 126 Error: (08/10/2020 12:36:51 PM) (Source: VBoxNetLwf) (EventID: 12) (User: ) Description: El controlador detectó un error interno del controlador en \Device\VBoxNetLwf. Error: (08/10/2020 12:24:48 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY) Description: El módulo de extensibilidad de WLAN no se pudo iniciar. Ruta de acceso del módulo: C:\WINDOWS\system32\athExt.dll Código de error: 126 Error: (08/10/2020 12:24:47 PM) (Source: VBoxNetLwf) (EventID: 12) (User: ) Description: El controlador detectó un error interno del controlador en \Device\VBoxNetLwf. Error: (08/10/2020 11:13:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: El servicio Spybot Security Center Integration Service no pudo iniciarse debido al siguiente error: El servicio no respondió a tiempo a la solicitud de inicio o de control. Error: (08/10/2020 11:13:58 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Se agotó el tiempo de espera (45000 ms) para la conexión con el servicio Spybot Security Center Integration Service. Windows Defender: =================================== Date: 2020-07-27 21:36:50.896 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {7010DCFD-185C-4390-81BE-7464E3FF71B6} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2020-07-26 18:08:34.694 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {15B60B68-BF64-4DA6-92BC-D9FEB451C13D} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2020-07-26 14:39:08.823 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {298F3EEA-DFE2-4598-9765-FA1F55B25180} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2020-08-03 00:38:26.143 Description: Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad. Nueva versión de inteligencia de seguridad: Versión anterior de inteligencia de seguridad: 1.321.452.0 Origen de actualización: Servidor de Microsoft Update Tipo de inteligencia de seguridad: AntiVirus Tipo de actualización: Completa Usuario: NT AUTHORITY\SYSTEM Versión actual del motor: Versión anterior del motor: 1.1.17300.4 Código de error: 0x8007043c Descripción del error: El servicio no puede iniciarse en modo a prueba de errores Date: 2020-08-03 00:28:01.789 Description: La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error: Característica: Durante el acceso Código de error: 0x8007043c Descripción del error: El servicio no puede iniciarse en modo a prueba de errores Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema. Date: 2020-07-30 15:53:22.010 Description: Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad. Nueva versión de inteligencia de seguridad: Versión anterior de inteligencia de seguridad: 1.321.200.0 Origen de actualización: Servidor de Microsoft Update Tipo de inteligencia de seguridad: AntiVirus Tipo de actualización: Completa Usuario: NT AUTHORITY\SYSTEM Versión actual del motor: Versión anterior del motor: 1.1.17300.4 Código de error: 0x80240438 Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. Date: 2020-07-26 16:11:28.616 Description: Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad. Nueva versión de inteligencia de seguridad: Versión anterior de inteligencia de seguridad: 1.319.2273.0 Origen de actualización: Servidor de Microsoft Update Tipo de inteligencia de seguridad: AntiVirus Tipo de actualización: Completa Usuario: NT AUTHORITY\SYSTEM Versión actual del motor: Versión anterior del motor: 1.1.17200.2 Código de error: 0x80240438 Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. Date: 2020-07-26 14:36:09.715 Description: Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad. Nueva versión de inteligencia de seguridad: Versión anterior de inteligencia de seguridad: 1.319.2273.0 Origen de actualización: Servidor de Microsoft Update Tipo de inteligencia de seguridad: AntiVirus Tipo de actualización: Completa Usuario: NT AUTHORITY\SYSTEM Versión actual del motor: Versión anterior del motor: 1.1.17200.2 Código de error: 0x80240438 Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. CodeIntegrity: =================================== Date: 2020-08-10 12:50:19.710 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements. Date: 2020-08-10 12:50:19.106 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements. Date: 2020-08-10 12:50:05.041 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements. Date: 2020-08-10 12:49:46.743 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements. Date: 2020-08-10 12:49:43.402 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements. Date: 2020-08-10 12:49:42.768 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements. Date: 2020-08-10 12:48:26.309 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements. Date: 2020-08-10 12:48:26.145 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements. ==================== Información de la memoria =========================== BIOS: American Megatrends Inc. P1.10 03/07/2011 Placa base: ASRock H61M-S Procesador: Intel(R) Core(TM) i3-2100 CPU @ 3.10GHz Porcentaje de memoria en uso: 54% RAM física total: 5864.67 MB RAM física disponible: 2651.01 MB Virtual total: 6824.67 MB Virtual disponible: 3822.51 MB ==================== Unidades ================================ Drive c: () (Fixed) (Total:463.98 GB) (Free:395.25 GB) NTFS \\?\Volume{cb68fd39-0000-0000-0000-100000000000}\ (Reservado para el sistema) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS \\?\Volume{cb68fd39-0000-0000-0000-201e74000000}\ () (Fixed) (Total:0.47 GB) (Free:0.04 GB) NTFS \\?\Volume{cb68fd39-0000-0000-0000-403c74000000}\ () (Fixed) (Total:0.82 GB) (Free:0.34 GB) NTFS ==================== MBR & Tabla de particiones ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: CB68FD39) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=464 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=481 MB) - (Type=27) Partition 4: (Not Active) - (Size=838 MB) - (Type=27) ==================== Final de Addition.txt =======================