Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 19.02.2024 02 Ejecutado por Jesús (19-02-2024 23:01:32) Ejecutado desde C:\Users\Jesús\Downloads\Programs Microsoft Windows 10 Pro Versión 22H2 19045.3693 (X64) (2024-01-19 19:39:44) Modo de Inicio: Normal ========================================================== ==================== Cuentas: ============================= (Si una entrada es incluida en el fixlist, será eliminada.) Administrador (S-1-5-21-1113270788-249563240-2962103402-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1113270788-249563240-2962103402-503 - Limited - Disabled) Invitado (S-1-5-21-1113270788-249563240-2962103402-501 - Limited - Disabled) Jesús (S-1-5-21-1113270788-249563240-2962103402-1001 - Administrator - Enabled) => C:\Users\Jesús WDAGUtilityAccount (S-1-5-21-1113270788-249563240-2962103402-504 - Limited - Disabled) ==================== Centro de Seguridad ======================== (Si una entrada es incluida en el fixlist, será eliminada.) AV: Malwarebytes (Disabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543} ==================== Programas instalados ====================== (Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.) 7Launcher CS: Source 1.5.3 (HKLM\...\7Launcher CS: Source_is1) (Version: 1.5.3 - SE7EN Solutions) AIMP (HKLM\...\AIMP) (Version: 5.30.2533 - Artem Izmaylov) Albion Online (HKLM-x32\...\SandboxAlbionOnline) (Version: - Sandbox Interactive GmbH) Assassins Creed II MULTi11 - ElAmigos versión 1.01 (HKLM-x32\...\{4744C9B4-665D-4036-894F-DA64EC1607A4}_is1) (Version: 1.01 - Ubisoft) BitTorrent (HKU\S-1-5-21-1113270788-249563240-2962103402-1001\...\BitTorrent) (Version: 7.11.0.46923 - BitTorrent Inc.) Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 121.1.62.165 - Los creadores de Brave) CMClient Launcher version 1.8.0 (HKLM\...\CMClient Launcher_is1) (Version: 1.8.0 - CMClient) Discord (HKU\S-1-5-21-1113270788-249563240-2962103402-1001\...\Discord) (Version: 1.0.9030 - Discord Inc.) EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.104.0.5617 - Electronic Arts) Hidden EA app (HKLM-x32\...\{e482530b-b35f-49bd-a98a-8c43da619e9f}) (Version: 13.104.0.5617 - Electronic Arts) Epic Games Launcher (HKLM-x32\...\{FA06BD44-6ED1-42D5-963C-D5B165C4D892}) (Version: 1.3.93.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{57A956AB-4BCC-45C6-9B40-957E4E125568}) (Version: 2.0.44.0 - Epic Games, Inc.) FileZilla Client 3.55.1 (HKU\S-1-5-21-1113270788-249563240-2962103402-1001\...\FileZilla Client) (Version: 3.55.1 - Tim Kosse) Human Fall Flat MULTi7 - ElAmigos versión 01.09.2023 (HKLM-x32\...\{CBE2350A-5C97-404E-A121-8850F34C4679}_is1) (Version: 01.09.2023 - Curve Digital) Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: 6.41.2 - Tonec Inc.) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden League of Legends (HKU\S-1-5-21-1113270788-249563240-2962103402-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc) League of Legends PBE (HKU\S-1-5-21-1113270788-249563240-2962103402-1001\...\Riot Game league_of_legends.pbe) (Version: - Riot Games, Inc) Liberica JDK 8 (64-bit) (HKLM\...\{B0F7B9C6-13EC-4857-8E2D-7E6F5D7671C2}) (Version: 8.0.402.7 - BellSoft) Lightshot-5.5.0.7 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.5.0.7 - Skillbrains) Malwarebytes version 4.6.8.311 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.8.311 - Malwarebytes) MENU Extendido (HKLM\...\MENUEX) (Version: 7.4 - Doofy's Projects) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 121.0.2277.128 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33130 (HKLM-x32\...\{1de5e707-82da-4db6-b810-5d140cc4cbb3}) (Version: 14.38.33130.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33130 (HKLM\...\{C31777DB-51C1-4B19-9F80-38EF5C1D7C89}) (Version: 14.38.33130 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33130 (HKLM\...\{1CA7421F-A225-4A9C-B320-A36981A2B789}) (Version: 14.38.33130 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden MSI Afterburner 4.6.5 (HKLM-x32\...\Afterburner) (Version: 4.6.5 - MSI Co., LTD) NVIDIA Controlador de 3D Vision 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation) NVIDIA Controlador de audio HD 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Controlador de gráficos 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation) NVIDIA Controlador de la controladora 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation) NVIDIA GeForce Experience 2.11.4.125 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.125 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation) Hidden NVIDIA Software del sistema PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.12.6514 - NVIDIA Corporation) Hidden OBS Studio (HKLM-x32\...\OBS Studio) (Version: 30.0.2 - OBS Project) Official Krunker.io Client 3.0.8 (HKLM\...\3a7cc3b8-0ea0-52d2-a196-7657f955507b) (Version: 3.0.8 - FRVR Limited) Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9239.1 - Realtek Semiconductor Corp.) Revo Uninstaller 2.4.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.4.5 - VS Revo Group, Ltd.) Riot Client (HKU\S-1-5-21-1113270788-249563240-2962103402-1001\...\Riot Game Riot_Client.) (Version: - Riot Games, Inc) RivaTuner Statistics Server 7.3.4 (HKLM-x32\...\RTSS) (Version: 7.3.4 - Unwinder) Spotify (HKU\S-1-5-21-1113270788-249563240-2962103402-1001\...\Spotify) (Version: 1.2.31.1205.g4d59ad7c - Spotify AB) StartIsBack++ (HKLM-x32\...\StartIsBack) (Version: 2.9.19 - startisback.com) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Streamlabs Desktop 1.15.1 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 1.15.1 - General Workings, Inc.) Telegram A 10.4.5 (HKU\S-1-5-21-1113270788-249563240-2962103402-1001\...\4485b756-d2de-5b75-84bd-f6a00f8ea3a0) (Version: 10.4.5 - Alexander Zinchuk) TLauncher (HKLM-x32\...\TLauncher) (Version: 2.885 - TLauncher Inc.) Tunelf Spotify Music Converter 2.3.2.180 (HKLM-x32\...\Tunelf Spotify Music Converter_is1) (Version: - Tunelf Studio.) WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 121.0.2277.128 - Microsoft Corporation) WinRAR 6.24 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.24.0 - win.rar GmbH) YouTube Music (HKU\S-1-5-21-1113270788-249563240-2962103402-1001\...\dc47208d91838d2fa1a5b7aa49ac84a6) (Version: 1.0 - BraveSoftware\Brave-Browser) Packages: ========= Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2024-02-18] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2024-01-19] (Microsoft Corporation) [MS Ad] YouTube Music -> C:\Program Files\WindowsApps\music.youtube.com-5929F88E_1.0.0.0_neutral__vezhnr0wkvrcy [2024-01-21] (music.youtube.com) ==================== Personalizado CLSID (Lista blanca): ============== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) ShellServiceObjects: Sin Nombre -> {872f8dc8-dde4-43bd-ac7a-e3d9fe86ceac} => ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2021-03-03] (Tonec Inc. -> Tonec FZE) ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu64.dll [2024-01-19] (IP Izmaylov Artem Andreevich -> AIMP DevTeam) ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Jesús\AppData\Local\MEGAsync\ShellExtX64.dll -> Ningún archivo ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Jesús\AppData\Local\MEGAsync\ShellExtX64.dll -> Ningún archivo ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-02-18] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Jesús\AppData\Local\MEGAsync\ShellExtX64.dll -> Ningún archivo ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu64.dll [2024-01-19] (IP Izmaylov Artem Andreevich -> AIMP DevTeam) ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Jesús\AppData\Local\MEGAsync\ShellExtX64.dll -> Ningún archivo ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-02-18] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Lista blanca) ==================== (Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.) HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [Archivo no firmado] HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Archivo no firmado] ==================== Accesos directos & WMI ======================== (Las entradas pueden ser listadas para ser restauradas o eliminadas.) ShortcutWithArgument: C:\Users\Jesús\AppData\Local\Microsoft\Edge\User Data\Default\Web Applications\_crx__cinhimbnkkaeohfgghhklpknlkffjgod\YouTube Music.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod --app-url=hxxps://music.youtube.com/?source=pwa --app-launch-source=4 ShortcutWithArgument: C:\Users\Jesús\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Web Applications\_crx_cinhimbnkkaeohfgghhklpknlkffjgod\YouTube Music.lnk -> C:\Program Files\BraveSoftware\Brave-Browser\Application\chrome_proxy.exe (Brave Software, Inc.) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod ShortcutWithArgument: C:\Users\Jesús\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Brave\YouTube Music.lnk -> C:\Program Files\BraveSoftware\Brave-Browser\Application\chrome_proxy.exe (Brave Software, Inc.) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod ShortcutWithArgument: C:\Users\Jesús\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\YouTube Music.lnk -> C:\Program Files\BraveSoftware\Brave-Browser\Application\chrome_proxy.exe (Brave Software, Inc.) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod ==================== Módulos cargados (Lista blanca) ============= 0000-00-00 00:00 - 0000-00-00 00:00 - 000000000 _____ () [Acceso Denegado] C:\Users\Jesús\AppData\Local\SpinAdvance\RemoveFsnt\GeocolluEdiqo238.dll 2024-01-20 22:32 - 2016-11-14 08:30 - 001300688 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Archivo no firmado] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll 2024-01-20 22:32 - 2016-11-14 05:45 - 001408200 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Archivo no firmado] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll 2024-01-19 15:49 - 2023-03-08 19:53 - 000663552 _____ (www.startisback.com) [Archivo no firmado] C:\Program Files (x86)\StartIsBack\StartIsBack64.dll ==================== Alternate Data Streams (Lista blanca) ======== ==================== Modo Seguro (Lista blanca) ================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Asociación (Lista blanca) ================= ==================== Internet Explorer (Lista blanca) ========== HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = dprojects.org HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = dprojects.org HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = dprojects.org HKU\S-1-5-21-1113270788-249563240-2962103402-1001\Software\Microsoft\Internet Explorer\Main,Start Page = dprojects.org BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2021-11-08] (Tonec Inc. -> Internet Download Manager, Tonec Inc.) BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2021-11-08] (Tonec Inc. -> Internet Download Manager, Tonec Inc.) ==================== Hosts contenido: ========================= (Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.) 2019-12-07 05:14 - 2024-02-18 19:54 - 000000828 _____ C:\Windows\system32\drivers\etc\hosts 2024-02-15 02:23 - 2024-02-15 02:35 - 000000441 _____ C:\Windows\system32\drivers\etc\hosts.ics 25.11.59.3 DESKTOP-68NERTE.mshome.net # 2029 2 2 13 6 35 0 903 ==================== Otras Áreas =========================== (Actualmente no existe una corrección automática para esta sección.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\BellSoft\LibericaJDK-8\bin\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-1113270788-249563240-2962103402-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jesús\AppData\Roaming\Microsoft\Windows Photo Viewer\Papel tapiz de Visualizador de fotos de Windows.jpg DNS Servers: 192.168.100.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 0) HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 0) HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 0) HKU\S-1-5-21-1113270788-249563240-2962103402-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 0) Firewall de Windows está habilitado. ==================== MSCONFIG/TASK MANAGER elementos deshabilitados == (Si una entrada es incluida en el fixlist, será eliminada.) HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run32: => "Svchost" HKLM\...\StartupApproved\Run32: => "Explorer" HKU\S-1-5-21-1113270788-249563240-2962103402-1001\...\StartupApproved\Run: => "EADM" HKU\S-1-5-21-1113270788-249563240-2962103402-1001\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-1113270788-249563240-2962103402-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-1113270788-249563240-2962103402-1001\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-1113270788-249563240-2962103402-1001\...\StartupApproved\Run: => "Spotify" ==================== Reglas de firewall (Lista blanca) ================ (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) ==================== Puntos de Restauración ========================= 13-02-2024 11:29:17 Punto de control programado 15-02-2024 02:12:09 Installed Hamachi 19-02-2024 02:35:03 Revo Uninstaller's restore point - MEGAsync ==================== Dispositivos defectuosos en el Administrador de dispositivos ============ ==================== Errores del registro de eventos: ======================== Errores de aplicación: ================== Error: (02/19/2024 10:56:20 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: El programa WinStore.App.exe (versión 11910.1002.5.0) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento. Id. de proceso: 1570 Hora de Inicio: 01da63a836defda2 Hora de finalización: 4294967295 Ruta de la aplicación: C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1002.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe Id. de informe: 0cb77ab7-401e-479a-9ea3-ecff415ff156 Nombre completo del paquete con errores: Microsoft.WindowsStore_11910.1002.5.0_x64__8wekyb3d8bbwe Id. de la aplicación relativa al paquete con errores: App Tipo de bloqueo: Quiesce Error: (02/19/2024 02:35:03 AM) (Source: VSS) (EventID: 8194) (User: ) Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado..A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud. Operación: Recopilando datos del escritor Contexto: Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220} Nombre del escritor: System Writer Id. de instancia del escritor: {40348c79-864c-4600-9d40-a5b8767712ee} Error: (02/19/2024 02:15:12 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: El programa WinStore.App.exe (versión 11910.1002.5.0) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento. Id. de proceso: 146c Hora de Inicio: 01da62fada36fe6a Hora de finalización: 4294967295 Ruta de la aplicación: C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1002.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe Id. de informe: bd558ddf-d7e3-4d48-a783-fbb032b849d1 Nombre completo del paquete con errores: Microsoft.WindowsStore_11910.1002.5.0_x64__8wekyb3d8bbwe Id. de la aplicación relativa al paquete con errores: App Tipo de bloqueo: Quiesce Error: (02/19/2024 02:10:51 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.. Error: (02/19/2024 02:10:51 AM) (Source: VSS) (EventID: 13) (User: ) Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.] Error: (02/19/2024 02:10:51 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.. Error: (02/19/2024 02:10:51 AM) (Source: VSS) (EventID: 13) (User: ) Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.] Error: (02/18/2024 10:25:47 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: El optimizador de almacenamiento no pudo completar volver a optimizar en SYSTEM (E:) debido a: El hardware del volumen no admite la operación solicitada. (0x8900002A) Errores del sistema: ============= Error: (02/19/2024 03:45:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Se agotó el tiempo de espera (45000 ms) para la conexión con el servicio NvStreamNetworkSvc. Error: (02/19/2024 03:44:23 PM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: El servicio Malwarebytes Service no se cerró correctamente después de recibir un control de aviso de apagado. Error: (02/19/2024 03:05:30 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-68NERTE) Description: El servidor Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter no se registró con DCOM dentro del tiempo de espera requerido. Error: (02/19/2024 02:48:54 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-68NERTE) Description: El servidor Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter no se registró con DCOM dentro del tiempo de espera requerido. Error: (02/19/2024 02:45:34 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-68NERTE) Description: El servidor Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter no se registró con DCOM dentro del tiempo de espera requerido. Error: (02/19/2024 02:37:21 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-68NERTE) Description: El servidor Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter no se registró con DCOM dentro del tiempo de espera requerido. Error: (02/19/2024 02:30:12 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-68NERTE) Description: El servidor Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter no se registró con DCOM dentro del tiempo de espera requerido. Error: (02/19/2024 02:00:05 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-68NERTE) Description: El servidor Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter no se registró con DCOM dentro del tiempo de espera requerido. CodeIntegrity: =============== Date: 2024-02-17 17:59:49 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\wscript.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. ==================== Información de la memoria =========================== BIOS: American Megatrends Inc. 4.6.5 02/28/2013 Placa base: ECS H61H2-CM Procesador: Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz Porcentaje de memoria en uso: 84% RAM física total: 4077.57 MB RAM física disponible: 617.92 MB Virtual total: 7021.57 MB Virtual disponible: 3261.57 MB ==================== Unidades ================================ Drive c: () (Fixed) (Total:149.01 GB) (Free:37.97 GB) (Model: WDC WD1600AAJS-75B4A0) NTFS ==>[unidad con componentes de arranque (obtenido de BCD)] Drive e: (SYSTEM) (Fixed) (Total:298.08 GB) (Free:37.31 GB) (Model: Hitachi HTS543232A7A384) NTFS ==>[sistema con componentes de arranque (obtenido de unidad)] ==================== MBR & Tabla de particiones ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 149 GB) (Disk ID: C6647D30) Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS) ========================================================== Disk: 1 (Size: 298.1 GB) (Disk ID: 7A2EEF93) Partition 1: (Active) - (Size=993 KB) - (Type=42) Partition 2: (Not Active) - (Size=298.1 GB) - (Type=42) Partition 3: (Not Active) - (Size=4 MB) - (Type=42) ==================== Final de Addition.txt =======================