Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x86) Versión: 20-09-2020
Ejecutado por User (20-09-2020 22:44:30)
Ejecutado desde C:\Documents and Settings\User\Escritorio
Microsoft Windows XP Professional Service Pack 3 (X86) (2015-05-13 07:52:15)
Modo de Inicio: Normal
==========================================================

==================== Cuentas: =============================

Administrador (S-1-5-21-1960408961-879983540-1606980848-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrador
Asistente de ayuda (S-1-5-21-1960408961-879983540-1606980848-1000 - Limited - Disabled)
ASPNET (S-1-5-21-1960408961-879983540-1606980848-1004 - Limited - Enabled)
Invitado (S-1-5-21-1960408961-879983540-1606980848-501 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-1960408961-879983540-1606980848-1002 - Limited - Disabled)
User (S-1-5-21-1960408961-879983540-1606980848-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\User

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.387 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 32.0.0.387 - Adobe)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Photoshop CS4 (HKLM\...\Adobe_faf656ef605427ee2f42989c3ad31b8) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Angry Birds (HKLM\...\{EB8D8402-5741-4CBA-A292-1E530E1A6F13}) (Version: 4.0.0 - Rovio Entertainment Ltd.)
Carnivores 2 (HKLM\...\Carnivores 2) (Version: - )
Cheating-Death 4.33.4 (HKLM\...\Cheating-Death) (Version: - )
Chromium (HKLM\...\{279DCF5D-771D-1EDD-C69D-6E5D161DBDDD}) (Version: - )
Conexant 20561 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 3.64.14.0 - Conexant)
Conexant HD Audio (HKLM\...\CNXT_HDAUDIO) (Version: - )
Connect (HKLM\...\{B29AD377-CC12-490A-A480-1452337C618D}) (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Counter-Strike 1.6 (HKLM\...\Counter-Strike 1.6_is1) (Version: Counter-Strike 1.6 No Steam - KingSOFT DVD)
Free Studio version 6.5.2.525 (HKLM\...\Free Studio_is1) (Version: 6.5.2.525 - DVDVideoSoft Ltd.)
Free Video Call Recorder for Skype version 1.2.28.525 (HKLM\...\Free Video Call Recorder for Skype_is1) (Version: 1.2.28.525 - DVDVideoSoft Ltd.)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HP Support Solutions Framework (HKLM\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 0.0.0.0000 - Intel Corporation)
kuler (HKLM\...\{098727E1-775A-4450-B573-3F441F1CA243}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
LavasoftTcpService (HKLM\...\{5916A24B-59A4-4FDB-9753-499CB1F65362}) (Version: 2.3.4.2 - Lavasoft) Hidden
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Age of Empires II (HKLM\...\Age of Empires 2.0) (Version: - )
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Mozilla Firefox 52.0 ESR (x86 es-AR) (HKLM\...\Mozilla Firefox 52.0 ESR (x86 es-AR)) (Version: 52.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 52.0.0.6271 - Mozilla)
PDF Settings CS4 (HKLM\...\{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (HKLM\...\{CC75AB5C-2110-4A7F-AF52-708680D22FE8}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Quake III Arena (HKLM\...\Quake III Arena) (Version: - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.7111 - Realtek Semiconductor Corp.)
Skype™ 7.23 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.23.105 - Skype Technologies S.A.)
Stellarium 0.11.3 (HKLM\...\Stellarium_is1) (Version: - )
Suite Shared Configuration CS4 (HKLM\...\{842B4B72-9E8F-4962-B3C1-1C422A5C4434}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
TL-WN721N/TL-WN722N Driver (HKLM\...\{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}) (Version: 1.0.0 - TP-LINK)
TmNationsForever (HKLM\...\TmNationsForever_is1) (Version: - Nadeo)
Unity Web Player (HKU\S-1-5-21-1960408961-879983540-1606980848-1003\...\UnityWebPlayer) (Version: 5.3.5f1 - Unity Technologies ApS)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN)
WebFldrs XP (HKLM\...\{350C9C0A-3D7C-4EE8-BAA9-00BCB3D54227}) (Version: 9.50.7523 - Microsoft Corporation) Hidden
WinRAR 4.00 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-1960408961-879983540-1606980848-1003_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Documents and Settings\User\Configuración local\Datos de programa\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies SF -> Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-1960408961-879983540-1606980848-1003_Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}\localserver32 -> "C:\Documents and Settings\User\Configuración local\Datos de programa\Chromium\Application\46.0.2480.0\delegate_execute.exe" => Ningún archivo <==== ATENCIÓN
SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Windows Component Publisher -> Microsoft Corporation)
SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Windows Component Publisher -> Microsoft Corporation)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Windows Component Publisher -> Microsoft Corporation)
SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Windows Component Publisher -> Microsoft Corporation)
ShellExecuteHooks: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll [8503296 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Archivos de programa\WinRAR\rarext.dll [2011-03-02] () [Archivo no firmado]
ContextMenuHandlers2: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Archivos de programa\Archivos comunes\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
ContextMenuHandlers3: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Archivos de programa\Archivos comunes\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Archivos de programa\WinRAR\rarext.dll [2011-03-02] () [Archivo no firmado]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2010-01-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Archivos de programa\Archivos comunes\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Archivos de programa\WinRAR\rarext.dll [2011-03-02] () [Archivo no firmado]

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [msacm.trspch] => C:\WINDOWS\system32\tssoft32.acm [8192 2001-08-24] (Microsoft Windows Component Publisher -> DSP GROUP, INC.)
HKLM\...\Drivers32: [vidc.I420] => C:\WINDOWS\system32\msh263.drv [294912 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\...\Drivers32: [vidc.iv31] => C:\WINDOWS\system32\ir32_32.dll [199168 2001-08-24] (Microsoft Windows Component Publisher -> )
HKLM\...\Drivers32: [vidc.iv32] => C:\WINDOWS\system32\ir32_32.dll [199168 2001-08-24] (Microsoft Windows Component Publisher -> )
HKLM\...\Drivers32: [vidc.iv41] => C:\WINDOWS\system32\ir41_32.ax [848384 2008-04-14] (Microsoft Windows Component Publisher -> Intel Corporation)
HKLM\...\Drivers32: [msacm.msg723] => C:\WINDOWS\system32\msg723.acm [118784 2001-08-24] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\...\Drivers32: [vidc.M263] => C:\WINDOWS\system32\msh263.drv [294912 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\...\Drivers32: [vidc.M261] => C:\WINDOWS\system32\msh261.drv [188416 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\...\Drivers32: [msacm.msaudio1] => C:\WINDOWS\system32\msaud32.acm [294912 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\...\Drivers32: [msacm.sl_anet] => C:\WINDOWS\system32\sl_anet.acm [86016 2008-04-14] (Microsoft Windows Component Publisher -> Sipro Lab Telecom Inc.)
HKLM\...\Drivers32: [msacm.iac2] => C:\WINDOWS\system32\iac25_32.ax [199680 2008-04-14] (Microsoft Windows Component Publisher -> Intel Corporation)
HKLM\...\Drivers32: [vidc.iv50] => C:\WINDOWS\system32\ir50_32.dll [755200 2008-04-14] (Microsoft Windows Component Publisher -> Intel Corporation)

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

WMI:subscription\__FilterToConsumerBinding->\\.\root\subscription:MSFT_UCScenarioControl.Name=\"Microsoft WMI Updating Consumer Scenario Control\"",Filter="\\.\root\subscription:__EventFilter.Name=\"Microsoft WMI Updating Consumer Scenario Control\"::
WMI:subscription\__EventFilter->Microsoft WMI Updating Consumer Scenario Control::[Query => SELECT * FROM __InstanceOperationEvent WHERE TargetInstance ISA 'MSFT_UCScenario']

==================== Módulos cargados (Lista blanca) =============

2015-05-13 05:03 - 2011-03-02 12:40 - 000140288 _____ () [Archivo no firmado] C:\Archivos de programa\WinRAR\rarext.dll
2008-08-14 07:15 - 2008-08-14 07:15 - 000276992 _____ (Adobe Systems Incorporated) [Archivo no firmado] C:\Archivos de programa\Archivos comunes\Adobe\Adobe Drive CS4\BIB.dll
2008-04-14 02:48 - 2008-05-19 06:33 - 004445184 _____ (Microsoft Corporation) [Archivo no firmado] c:\windows\system32\msi.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\58336559.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\604DDBD6.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\58336559.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\604DDBD6.sys => ""="Driver"

==================== Asociación (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado.)

HKLM\...\batfile\DefaultIcon: %SystemRoot%\System32\shell32.dll,-153 <==== ATENCIÓN ==================== Internet Explorer (Versión 6) (Lista blanca) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_18_01_orgnl¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzutDtDtBtByCzz0AzyzyyBzyyB0D0E0AtAtN0D0Tzu0StBtCzytAtN1L2XzutAtFtAtBtFtCtFyBtBtN1L1Czu1M1Q1CtAyEtFtBtFtDtN1L1G1B1V1N2Y1L1Qzu2StBtByByByBtDtByEtGyB0AtC0EtG0E0DyCyBtGyBtDtDzytG0EyBzy0ByCzzyB0D0FyCtD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBzy0DtCzz0DtAtCtGyE0D0DtCtGyEtDtA0EtG0A0C0FzytGyBtAyCzz0AyDtD0DyCtAtBzz2QtN0A0LzuyEtN0D0T0S1P1RzutCyDtCyEzyyDtCyEyBtC%26cr%3D1317996735%26a%3Dhdr_s_18_01_orgnl%26os_ver%3D5.1%26os%3DWindows%2BXP HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_18_01_orgnl¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzutDtDtBtByCzz0AzyzyyBzyyB0D0E0AtAtN0D0Tzu0StBtCzytAtN1L2XzutAtFtAtBtFtCtFyBtBtN1L1Czu1M1Q1CtAyEtFtBtFtDtN1L1G1B1V1N2Y1L1Qzu2StBtByByByBtDtByEtGyB0AtC0EtG0E0DyCyBtGyBtDtDzytG0EyBzy0ByCzzyB0D0FyCtD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBzy0DtCzz0DtAtCtGyE0D0DtCtGyEtDtA0EtG0A0C0FzytGyBtAyCzz0AyDtD0DyCtAtBzz2QtN0A0LzuyEtN0D0T0S1P1RzutCyDtCyEzyyDtCyEyBtC%26cr%3D1317996735%26a%3Dhdr_s_18_01_orgnl%26os_ver%3D5.1%26os%3DWindows%2BXP HKU\S-1-5-21-1960408961-879983540-1606980848-1003\Software\Microsoft\Internet Explorer\Main,Start Page = 
hxxps://ar.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_17_52_orgnl¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dar%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzutDtDtBtByCzz0AzyzyyBzyyB0D0E0AtAtN0D0Tzu0StBtCzytDtN1L2XzutAtFtAtBtFtCtFyBtBtN1L1Czu1M1Q1CtAyEtFtBtFtDtN1L1G1B1V1N2Y1L1Qzu2StAzzyByC0EtAtB0FtGyD0E0A0FtGyCyD0E0BtGtDtDtCyEtGtB0F0BzztB0A0CyEtCtDzy0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByByByB0DtDtB0AtG0D0D0DzztGyEtDzz0FtG0B0F0F0BtGtA0EyByE0CyDtA0A0BtAtCtC2QtN0A0LzuyEtN0D0T0S1P1RzutCyDtCyEyCtAyEyDtCtD%26cr%3D684691112%26a%3Dhdr_s_17_52_orgnl%26os_ver%3D5.1%26os%3DWindows%2BXP HKU\S-1-5-21-1960408961-879983540-1606980848-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch URLSearchHook: HKU\S-1-5-21-1960408961-879983540-1606980848-1003 - Hook de búsqueda de direcciones URL de Microsoft - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "hxxps://ar.search.yahoo.com/yhs/web?hspart=shnl&hsimp=yhs-001&type=c110c0668f682c4088b65b3c280¶m1=IE¶m2=2¶m3=campaignID%3D605%26UserID%3D1316984601¶m4=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" <==== ATENCIÓN HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "hxxps://ar.search.yahoo.com/yhs/web?hspart=shnl&hsimp=yhs-001&type=c110c0668f682c4088b65b3c280¶m1=IE¶m2=2¶m3=campaignID%3D605%26UserID%3D1316984601¶m4=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" <==== ATENCIÓN HKU\S-1-5-21-1960408961-879983540-1606980848-1003\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "hxxps://ar.search.yahoo.com/yhs/web?hspart=shnl&hsimp=yhs-001&type=c1107c35d723f19333863b0f4be¶m1=IE¶m2=2¶m3=campaignID%3D130%26UserID%3D1869803634¶m4=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" <==== ATENCIÓN SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> 
{f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxps://ar.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_3e0a109d64db7e82be¶m1=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%3D¶m2=NGx9Nat7MaF%3D&p={searchTerms} SearchScopes: HKLM -> {f7bb050c-e116-44da-89c2-6f2b68c54836} URL = hxxps://ar.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_19_09_orgnl¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dar%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzutDtDtBtByCzz0AzyzyyBzyyB0D0E0AtAtN0D0Tzu0StByCtCtAtN1L2XzuyEtFyEtBtFtDtFyDtCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StDyC0FtCtA0E0FyBtGtAyByEtCtGzztCyCtAtGtByDtB0DtGzyyE0EtDyCyD0A0B0A0AyCtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByByByB0DtDtB0AtG0D0D0DzztGyEtDzz0FtG0B0F0F0BtGtA0EyByE0CyDtA0A0BtAtCtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtDzztAyDtN1Q2Z1B1P1RzutCyDyDtCtCyBzytAtBzy%26cr%3D1544014975%26a%3Dhdr_s_19_09_orgnl%26os_ver%3D5.1%26os%3DWindows%2BXP&p={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {f7bb050c-e116-44da-89c2-6f2b68c54836} URL = hxxps://ar.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_18_32_orgnl¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dar%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzutDtDtBtByCzz0AzyzyyBzyyB0D0E0AtAtN0D0Tzu0StByEtCtDtN1L2XzutAtFtAtBtFtBtDyDtFyDtCtN1L1Czu1M1Q1CyEtCtFtCtFtDtN1L1G1B1V1N2Y1L1Qzu2StCtByDzzyD0A0DyCtGyBtCyD0BtGzy0C0CzytGtDzztA0BtGyEzzyE0DyC0C0EtD0AtCzzyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBzy0DtCzz0DtAtCtGyE0D0DtCtGyEtDtA0EtG0A0C0FzytGyBtAyCzz0AyDtD0DyCtAtBzz2QtN0A0LzutDtN0D0T0S1P1RzutCyDtAtAyBtDtBtCtAtC%26cr%3D1518300037%26a%3Dhdr_s_18_32_orgnl%26os_ver%3D5.1%26os%3DWindows%2BXP&p={searchTerms} SearchScopes: HKU\.DEFAULT -> {f7bb050c-e116-44da-89c2-6f2b68c54836} URL = 
hxxps://ar.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_18_32_orgnl¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dar%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzutDtDtBtByCzz0AzyzyyBzyyB0D0E0AtAtN0D0Tzu0StByEtCtDtN1L2XzutAtFtAtBtFtBtDyDtFyDtCtN1L1Czu1M1Q1CyEtCtFtCtFtDtN1L1G1B1V1N2Y1L1Qzu2StCtByDzzyD0A0DyCtGyBtCyD0BtGzy0C0CzytGtDzztA0BtGyEzzyE0DyC0C0EtD0AtCzzyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBzy0DtCzz0DtAtCtGyE0D0DtCtGyEtDtA0EtG0A0C0FzytGyBtAyCzz0AyDtD0DyCtAtBzz2QtN0A0LzutDtN0D0T0S1P1RzutCyDtAtAyBtDtBtCtAtC%26cr%3D1518300037%26a%3Dhdr_s_18_32_orgnl%26os_ver%3D5.1%26os%3DWindows%2BXP&p={searchTerms} SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL [2006-10-26] (Microsoft Corporation -> Microsoft Corporation) Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL [2006-10-26] (Microsoft Corporation -> Microsoft Corporation) Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL [2006-10-26] (Microsoft Corporation -> Microsoft Corporation) Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL [2006-10-26] (Microsoft Corporation -> Microsoft Corporation) Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL [2006-10-26] (Microsoft Corporation -> Microsoft Corporation) Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Help\hxds.dll [2006-10-26] (Microsoft Corporation -> Microsoft Corporation) Handler: msdaipp\0x00000001 - 
{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL [2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL [2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2001-08-24 14:00 - 2020-09-19 20:06 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKU\S-1-5-21-1960408961-879983540-1606980848-1003\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\User\Configuración local\Datos de programa\Microsoft\Wallpaper1.bmp
DNS Servers: El medio no está conectado a internet.
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName3 -> C:\WINDOWS\system32\ipconf.tsp (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName4 -> C:\WINDOWS\system32\h323.tsp (Microsoft Windows Component Publisher -> Microsoft Corporation)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

StandardProfile\AuthorizedApplications: [C:\Archivos de programa\ma-config.com\MaConfigAgent.exe] => :LocalSubNet:Enabled:maconfigagent
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\dpvsetup.exe] => Enabled:Microsoft DirectPlay Voice Test
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\rundll32.exe] => Enabled:Ejecutar un archivo DLL como una aplicación
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe] => Enabled:Free Torrent Download (ANY)
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\Archivos comunes\Adobe\CS4ServiceManager\CS4ServiceManager.exe] => Enabled:Adobe CSI CS4
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Archivos de programa\Mozilla Firefox)
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\Skype\Phone\Skype.exe] => Enabled:Skype
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\Microsoft Games\Age of Empires II\empires2.exe] => Enabled:Age of Empires II
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\User\Configuración local\Datos de programa\chromium\Application\chrome.exe] => Enabled:Chromium
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Chromium\Application\chrome.exe] => Enabled:Chromium
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\Counter-Strike 1.6\hl.exe] => Enabled:Half-Life Launcher
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\Counter-Strike 1.6\hlds.exe] => Enabled:HLDS Launcher
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\TmNationsForever\TmForever.exe] => Enabled:TmForever
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\dplaysvr.exe] => Enabled:Microsoft DirectPlay Helper
StandardProfile\GloballyOpenPorts: [48113:TCP] => :LocalSubNet:Enabled:maconfig_tcp
StandardProfile\GloballyOpenPorts: [48114:TCP] => :LocalSubNet:Enabled:maconfig_tcptls
StandardProfile\GloballyOpenPorts: [5353:TCP] => Enabled:Adobe CSI CS4
StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22007
StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22008

==================== Puntos de Restauración =========================

19-09-2020 20:07:06 Punto de control del sistema

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name:
Description:
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Dispositivo de módem en el bus High Definition Audio
Description: Dispositivo de módem en el bus High Definition Audio
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Qualcomm Atheros AR5007 802.11b/g WiFi Adapter
Description: Qualcomm Atheros AR5007 802.11b/g WiFi Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Atheros
Service: AR5416
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Realtek RTL8139/810x Family Fast Ethernet NIC
Description: Realtek RTL8139/810x Family Fast Ethernet NIC
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTL8023xp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (09/20/2020 10:27:59 PM) (Source: crypt32) (EventID: 8) (User: )
Description: Error en la recuperación de actualización automática del número de secuencia de la lista raíz de terceros de: con el error: No existe esta conexión de red.

Error: (09/20/2020 10:27:57 PM) (Source: crypt32) (EventID: 8) (User: )
Description: Error en la recuperación de actualización automática del número de secuencia de la lista raíz de terceros de: con el error: No se ha podido resolver el nombre de servidor o su dirección

Error: (09/20/2020 10:26:20 PM) (Source: crypt32) (EventID: 8) (User: )
Description: Error en la recuperación de actualización automática del número de secuencia de la lista raíz de terceros de: con el error: No existe esta conexión de red.

Error: (09/20/2020 10:26:20 PM) (Source: crypt32) (EventID: 8) (User: )
Description: Error en la recuperación de actualización automática del número de secuencia de la lista raíz de terceros de: con el error: No se ha podido resolver el nombre de servidor o su dirección

Error: (09/20/2020 10:26:18 PM) (Source: crypt32) (EventID: 8) (User: )
Description: Error en la recuperación de actualización automática del número de secuencia de la lista raíz de terceros de: con el error: No existe esta conexión de red.

Error: (09/20/2020 10:26:17 PM) (Source: crypt32) (EventID: 8) (User: )
Description: Error en la recuperación de actualización automática del número de secuencia de la lista raíz de terceros de: con el error: No existe esta conexión de red.

Error: (09/20/2020 10:26:17 PM) (Source: crypt32) (EventID: 8) (User: )
Description: Error en la recuperación de actualización automática del número de secuencia de la lista raíz de terceros de: con el error: No existe esta conexión de red.

Error: (09/20/2020 10:26:17 PM) (Source: crypt32) (EventID: 8) (User: )
Description: Error en la recuperación de actualización automática del número de secuencia de la lista raíz de terceros de: con el error: No existe esta conexión de red.

Errores del sistema:
=============
Error: (09/20/2020 10:41:59 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Servicio de restauración de sistema terminó con el error: El sistema no puede hallar el archivo especificado.

Error: (09/20/2020 10:41:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio HP Support Solutions Framework Service no pudo iniciarse debido al siguiente error: El servicio no ha respondido a la petición o inicio del control en un tiempo adecuado.

Error: (09/20/2020 10:41:59 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Intervalo de espera (30000 ms.) para la conexión con el servicio HP Support Solutions Framework Service.

Error: (09/20/2020 10:41:59 PM) (Source: SRService) (EventID: 104) (User: )
Description: Error en el proceso de inicialización de Restaurar sistema.

Error: (09/20/2020 10:40:21 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM ha obtenido un error "%%1084 = El servicio no puede iniciarse en modo a prueba de errores" al intentar iniciar el servicio EventSystem con argumentos "" para ejecutar el servidor: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (09/20/2020 10:39:00 PM) (Source: DCOM) (EventID: 10005) (User: USUARIO-ACC9883)
Description: DCOM ha obtenido un error "%%1084 = El servicio no puede iniciarse en modo a prueba de errores" al intentar iniciar el servicio StiSvc con argumentos "" para ejecutar el servidor: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (09/20/2020 10:39:00 PM) (Source: DCOM) (EventID: 10005) (User: USUARIO-ACC9883)
Description: DCOM ha obtenido un error "%%1084 = El servicio no puede iniciarse en modo a prueba de errores" al intentar iniciar el servicio StiSvc con argumentos "" para ejecutar el servidor: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (09/20/2020 10:23:54 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El controlador de inicialización siguiente no se cargó correctamente: AFD Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip

==================== Información de la memoria ===========================

BIOS: Hewlett-Packard HPQOEM - 1 04/29/2008
Motherboard: Hewlett-Packard 30D9
Procesador: Intel(R) Pentium(R) Dual CPU T2370 @ 1.73GHz
Porcentaje de memoria en uso: 99%
RAM física total: 1013.94 MB
RAM física disponible: 4.52 MB
Virtual total: 2437.27 MB
Virtual disponible: 1049.64 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:111.78 GB) (Free:18.55 GB) NTFS ==>[unidad con componentes de arranque (Windows XP)]

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 3ADD3ADC)
Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)

==================== Final Addition.txt =======================