Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 30-04-2020 Ejecutado por bigotes-tatil (02-05-2020 14:16:55) Ejecutado desde C:\Users\bigotes-tatil\Desktop Windows 10 Pro Versión 1909 18363.778 (X64) (2019-07-01 21:13:59) Modo de Inicio: Normal ========================================================== ==================== Cuentas: ============================= Administrador (S-1-5-21-4028806782-3372094689-3326841577-500 - Administrator - Disabled) => C:\Users\Administrador bigotes-tatil (S-1-5-21-4028806782-3372094689-3326841577-1001 - Administrator - Enabled) => C:\Users\bigotes-tatil DefaultAccount (S-1-5-21-4028806782-3372094689-3326841577-503 - Limited - Disabled) Invitado (S-1-5-21-4028806782-3372094689-3326841577-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-4028806782-3372094689-3326841577-504 - Limited - Disabled) ==================== Centro de Seguridad ======================== (Si una entrada es incluida en el fixlist, será eliminada.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programas instalados ====================== (Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.) µTorrent (HKU\S-1-5-21-4028806782-3372094689-3326841577-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.) Actualización de NVIDIA 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems) Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.183 - Adobe Systems Incorporated) BatteryCare 0.9.32.0 (HKLM-x32\...\{C6A6036D-FBD0-4324-BEAA-C0845257160C}_is1) (Version: 0.9.32.0 - Filipe Lourenço) BurnAware Free 12.9 (HKLM-x32\...\BurnAware Free_is1) (Version: - Burnaware) Canon MP Navigator 3.1 (HKLM-x32\...\MP Navigator 3.1) (Version: - ) Canon MP140 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP140_series) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform) Configurador_FNMT (HKLM-x32\...\{438D4C4C-B703-4971-9C3D-33FF8A010ADB}) (Version: 3.5 - FNMT-RCM) FMW 1 (HKLM\...\{DC2A8E3D-D5E1-4837-A2E0-C308100AC412}) (Version: 1.143.3 - AVG Technologies) Hidden Freemake Video Converter versión 4.1.10 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.10 - Mixbyte Inc.) Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation) Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM-x32\...\{90120000-0016-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM-x32\...\{90120000-001A-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version: - Microsoft) Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM-x32\...\{90120000-0018-0C0A-0000-0000000FF1CE}_ENTERPRISE_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version: - Microsoft) Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM-x32\...\{90120000-001B-0C0A-0000-0000000FF1CE}_ENTERPRISE_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version: - Microsoft) Microsoft OneDrive (HKU\S-1-5-21-4028806782-3372094689-3326841577-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0012 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) MioMore Desktop 7.50 (HKLM-x32\...\{A2804FE8-4101-48a0-AE1A-575B99014BF4}-Mio-7.50) (Version: 7.50.0110.129 - Mio Technology) Mozilla Firefox 75.0 (x64 es-ES) (HKLM\...\Mozilla Firefox 75.0 (x64 es-ES)) (Version: 75.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.4 - Mozilla) NVIDIA Software del sistema PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) Panel de control de NVIDIA 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 342.01 - NVIDIA Corporation) Hidden Paquete de compatibilidad para 2007 Office system (HKLM-x32\...\{90120000-0020-0C0A-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) RAPID Mode (HKLM\...\{7B2F4116-7C42-4EB6-9B11-220F0FAA3567}) (Version: 1.0.1.105 - Samsung Electronics Co., Ltd.) Hidden Recover My Files (HKLM-x32\...\Recover My Files v5_is1) (Version: 5.2.1.1964 - GetData Pty Ltd) Revo Uninstaller Pro 3.1.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.2 - VS Revo Group, Ltd.) Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 6.1.0.170 - Samsung Electronics) ScanSoft OmniPage SE 4 (HKLM-x32\...\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}) (Version: 15.2.0020 - Nuance Communications, Inc.) SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.1.3.6 - Synaptics Incorporated) TomTom HOME (HKLM-x32\...\{C51F55EC-477D-4385-B951-BDEFA5DFC90B}) (Version: 2.11.6 - Nombre de su organización) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN) WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) WinX DVD Ripper Platinum 8.9.1 (HKLM-x32\...\WinX DVD Ripper Platinum_is1) (Version: - Digiarty Software, Inc.) Wise Care 365 5.4.5 (HKLM-x32\...\Wise Care 365_is1) (Version: 5.4.5 - WiseCleaner.com, Inc.) Packages: ========= Complemento de Fotos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2020-05-01] (Microsoft Corporation) Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-05-01] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2020-05-01] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-05-01] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-05-01] (Microsoft Corporation) [MS Ad] Microsoft News: Noticias destacadas en español -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-05-01] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.4282.0_x64__8wekyb3d8bbwe [2020-05-02] (Microsoft Studios) [MS Ad] MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-05-01] (Microsoft Corporation) [MS Ad] ==================== Personalizado CLSID (Lista blanca): ============== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Ningún archivo ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-02] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> ) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-02] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2012-12-29] (VS Revo Group -> VS Revo Group) ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> ) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Lista blanca) ==================== ==================== Accesos directos & WMI ======================== ==================== Módulos cargados (Lista blanca) ============= ==================== Alternate Data Streams (Lista blanca) ======== ==================== Modo Seguro (Lista blanca) ================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Asociación (Lista blanca) ================= ==================== Internet Explorer sitios de confianza/restringidos ========== (Si una entrada es incluida en el fixlist, será eliminada del registro.) IE trusted site: HKU\S-1-5-21-4028806782-3372094689-3326841577-1001\...\fnmt.es -> hxxp://fnmt.es IE trusted site: HKU\S-1-5-21-4028806782-3372094689-3326841577-1001\...\fnmt.es -> hxxps://fnmt.es IE trusted site: HKU\S-1-5-21-4028806782-3372094689-3326841577-1001\...\fnmt.gob.es -> hxxps://fnmt.gob.es IE trusted site: HKU\S-1-5-21-4028806782-3372094689-3326841577-1001\...\fnmt.gob.es -> hxxp://fnmt.gob.es IE trusted site: HKU\S-1-5-21-4028806782-3372094689-3326841577-1001\...\localhost -> localhost ==================== Hosts contenido: ========================= (Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.) 2020-04-18 18:44 - 2020-04-18 18:44 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost ==================== Otras Áreas =========================== (Actualmente no existe una corrección automática para esta sección.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-4028806782-3372094689-3326841577-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\bigotes-tatil\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 80.58.61.254 - 80.58.61.250 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Firewall de Windows está habilitado. ==================== MSCONFIG/TASK MANAGER elementos deshabilitados == (Si una entrada es incluida en el fixlist, será eliminada.) HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "SynTPEnh" HKLM\...\StartupApproved\Run32: => "UnlockerAssistant" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "SSBkgdUpdate" HKU\S-1-5-21-4028806782-3372094689-3326841577-1001\...\StartupApproved\Run: => "Sony PC Companion" HKU\S-1-5-21-4028806782-3372094689-3326841577-1001\...\StartupApproved\Run: => "TomTomHOME.exe" HKU\S-1-5-21-4028806782-3372094689-3326841577-1001\...\StartupApproved\Run: => "87fc0f0e" ==================== Reglas de firewall (Lista blanca) ================ (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) FirewallRules: [{95282723-7A09-46A4-BB37-324BED865405}] => (Allow) C:\Users\bigotes-tatil\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) [Archivo no firmado] FirewallRules: [{4C3A80B6-E719-43FB-B1FD-EF11B38515F2}] => (Allow) C:\Users\bigotes-tatil\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) [Archivo no firmado] FirewallRules: [{5C589C5A-3F5D-46CD-BA94-FEB4AE11E49C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{942B7BBD-CD22-47B3-B31D-32D4D4BB238F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{3E59A499-E219-403F-BDD9-495D57D0B118}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) FirewallRules: [{FDC6F77C-970B-4F69-9A95-40D921E3A0FD}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) FirewallRules: [{A08C18C5-D991-4376-AE45-826A013DC722}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) FirewallRules: [{CCBBA3BB-DDBE-4532-95A6-99A22711D49A}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) FirewallRules: [{7FC0E0BB-0093-45ED-A2D9-0161344B826A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{5BE49BE7-BEC1-4CA8-8965-C98DC70DD57C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{B2C71B1F-DAD1-42CD-A700-D87BC04D678D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{0C858C57-F12E-4EA9-B4DF-C57A88942CC5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{A2A4C96A-C253-4E36-8E04-2486869C12E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{016DC2B8-356C-4D6E-8FB5-85F1E124780F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{29A94C15-7B75-49CA-A1A1-662410B61BC7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{0FDEC6D3-CF80-4EB0-9A76-B7F5DF9EEBC3}] => (Block) LPort=445 FirewallRules: [{C44980F4-DC88-4F41-A845-DC347E6A1AE0}] => (Block) LPort=445 FirewallRules: [TCP Query User{D7B5F3F1-0F43-412B-8D25-1E3EC9F11DDC}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [UDP Query User{A2B6FE13-90DE-4FE1-BA90-4EE31148E453}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [{F811F849-9A07-4920-854A-1558B97F725C}] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [{80D5215C-6E10-45CF-B8AE-22AB637D91B6}] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [{B0E4960C-B28B-4765-9C4F-07AF882E38BE}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{C7ED40DB-3EF0-4C5E-ABCB-89BF39182D03}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) ==================== Puntos de Restauración ========================= 24-04-2020 18:52:19 Installed Adobe Acrobat DC. 01-05-2020 15:48:07 Operación de restauración 01-05-2020 17:25:27 Revo Uninstaller Pro's restore point - Skype versión 8.59 01-05-2020 17:26:57 Revo Uninstaller Pro's restore point - TomTom HOME 01-05-2020 20:25:13 Revo Uninstaller Pro's restore point - Reimage Repair 01-05-2020 20:40:43 Revo Uninstaller Pro's restore point - Malwarebytes version 4.1.0.56 01-05-2020 21:31:06 Revo Uninstaller Pro's restore point - reimage 01-05-2020 21:32:01 Revo Uninstaller Pro's restore point - reimage 01-05-2020 21:38:34 Operación de restauración 02-05-2020 01:59:56 Revo Uninstaller Pro's restore point - Skype 02-05-2020 02:01:04 Revo Uninstaller Pro's restore point - Skype ==================== Dispositivos defectuosos en el Administrador de dispositivos ============ ==================== Errores del registro de eventos: ======================== Errores de aplicación: ================== Error: (05/02/2020 02:15:09 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (29472,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (05/02/2020 01:27:42 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (2828,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (05/02/2020 11:47:36 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (4672,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (05/02/2020 11:31:49 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (2100,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (05/02/2020 11:26:20 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (3048,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (05/02/2020 11:17:36 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (832,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (05/02/2020 11:01:09 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (2704,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (05/02/2020 10:53:59 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (4756,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Errores del sistema: ============= Error: (05/02/2020 11:31:52 AM) (Source: DCOM) (EventID: 10010) (User: BIGOTES) Description: El servidor {7022A3B3-D004-4F52-AF11-E9E987FEE25F} no se registró con DCOM dentro del tiempo de espera requerido. Error: (05/02/2020 11:29:52 AM) (Source: DCOM) (EventID: 10010) (User: BIGOTES) Description: El servidor {7022A3B3-D004-4F52-AF11-E9E987FEE25F} no se registró con DCOM dentro del tiempo de espera requerido. Error: (05/02/2020 11:27:52 AM) (Source: DCOM) (EventID: 10010) (User: BIGOTES) Description: El servidor {7022A3B3-D004-4F52-AF11-E9E987FEE25F} no se registró con DCOM dentro del tiempo de espera requerido. Error: (05/02/2020 11:25:51 AM) (Source: DCOM) (EventID: 10010) (User: BIGOTES) Description: El servidor {7022A3B3-D004-4F52-AF11-E9E987FEE25F} no se registró con DCOM dentro del tiempo de espera requerido. Error: (05/02/2020 11:23:51 AM) (Source: DCOM) (EventID: 10010) (User: BIGOTES) Description: El servidor {7022A3B3-D004-4F52-AF11-E9E987FEE25F} no se registró con DCOM dentro del tiempo de espera requerido. Error: (05/02/2020 11:22:14 AM) (Source: DCOM) (EventID: 10000) (User: BIGOTES) Description: No se puede iniciar un servidor DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Error "2147942767" al iniciar este comando: C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683} Error: (05/02/2020 11:21:51 AM) (Source: DCOM) (EventID: 10010) (User: BIGOTES) Description: El servidor {7022A3B3-D004-4F52-AF11-E9E987FEE25F} no se registró con DCOM dentro del tiempo de espera requerido. Error: (05/02/2020 11:19:51 AM) (Source: DCOM) (EventID: 10010) (User: BIGOTES) Description: El servidor {7022A3B3-D004-4F52-AF11-E9E987FEE25F} no se registró con DCOM dentro del tiempo de espera requerido. Windows Defender: =================================== Date: 2020-05-01 22:20:24.066 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {B6371CAE-B735-4960-A81B-C0EB4FB081D5} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2020-05-01 16:30:48.805 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {50FA8E33-13BC-4F87-82A7-195F1E4A8B18} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2020-04-30 18:05:40.473 Description: Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado. Para más información, consulta lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0 Nombre: HackTool:Win32/Keygen Id.: 2147593794 Gravedad: Alta Categoría: Herramienta Ruta de acceso: file:_C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\adobe.snr.patch.v2.0-painter.exe Origen de detección: Equipo local Tipo de detección: Concreto Origen de detección: Protección en tiempo real Usuario: BIGOTES\bigotes-tatil Nombre de proceso: C:\Windows\explorer.exe Versión de inteligencia de seguridad: AV: 1.313.2638.0, AS: 1.313.2638.0, NIS: 1.313.2638.0 Versión de motor: AM: 1.1.16900.4, NIS: 1.1.16900.4 Date: 2020-04-28 22:11:32.480 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {0C21A729-A97E-4ACF-A0A8-01EA36529FBB} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2020-04-28 19:11:41.709 Description: Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado. Para más información, consulta lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen!MSR&threatid=2147743020&enterprise=0 Nombre: HackTool:Win32/Keygen!MSR Id.: 2147743020 Gravedad: Alta Categoría: Herramienta Ruta de acceso: file:_C:\Users\bigotes-tatil\Downloads\Nueva carpeta\Piriform.Speccy.Technician.Edition.v1.25.674.Multilingual.Incl.Keymaker-CORE\cr-pirfm.exe Origen de detección: Equipo local Tipo de detección: Concreto Origen de detección: Protección en tiempo real Usuario: BIGOTES\bigotes-tatil Nombre de proceso: C:\Windows\explorer.exe Versión de inteligencia de seguridad: AV: 1.313.2493.0, AS: 1.313.2493.0, NIS: 1.313.2493.0 Versión de motor: AM: 1.1.16900.4, NIS: 1.1.16900.4 Date: 2020-05-02 11:10:30.506 Description: Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad. Nueva versión de inteligencia de seguridad: Versión anterior de inteligencia de seguridad: 1.313.2769.0 Origen de actualización: Servidor de Microsoft Update Tipo de inteligencia de seguridad: AntiVirus Tipo de actualización: Completa Usuario: NT AUTHORITY\SYSTEM Versión actual del motor: Versión anterior del motor: 1.1.16900.4 Código de error: 0x8024001e Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. Date: 2020-05-01 22:10:15.434 Description: Antivirus de Windows Defender encontró un error al intentar cargar la inteligencia de seguridad e intentará revertir a una versión que sepa que es correcta. Inteligencia de seguridad intentada: Actual Código de error: 0x80070003 Descripción del error: El sistema no puede encontrar la ruta especificada. Versión de inteligencia de seguridad: 0.0.0.0;0.0.0.0 Versión del motor: 0.0.0.0 Date: 2020-05-01 16:20:35.380 Description: Antivirus de Windows Defender encontró un error al intentar cargar la inteligencia de seguridad e intentará revertir a una versión que sepa que es correcta. Inteligencia de seguridad intentada: Actual Código de error: 0x80070003 Descripción del error: El sistema no puede encontrar la ruta especificada. Versión de inteligencia de seguridad: 0.0.0.0;0.0.0.0 Versión del motor: 0.0.0.0 Date: 2020-04-18 12:57:28.088 Description: Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad. Nueva versión de inteligencia de seguridad: Versión anterior de inteligencia de seguridad: 1.307.2891.0 Origen de actualización: Servidor de Microsoft Update Tipo de inteligencia de seguridad: AntiVirus Tipo de actualización: Completa Usuario: NT AUTHORITY\SYSTEM Versión actual del motor: Versión anterior del motor: 1.1.16600.7 Código de error: 0x80072f8f Descripción del error: Error de seguridad Date: 2020-01-23 19:29:24.916 Description: Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad. Nueva versión de inteligencia de seguridad: Versión anterior de inteligencia de seguridad: 1.307.1832.0 Origen de actualización: Servidor de Microsoft Update Tipo de inteligencia de seguridad: AntiVirus Tipo de actualización: Completa Usuario: NT AUTHORITY\SYSTEM Versión actual del motor: Versión anterior del motor: 1.1.16600.7 Código de error: 0x80072f8f Descripción del error: Error de seguridad CodeIntegrity: =================================== Date: 2020-05-02 13:19:06.979 Description: Windows blocked file \Device\HarddiskVolume2\Windows\System32\scrobj.dll which has been disallowed for protected processes. Date: 2020-05-02 13:18:57.875 Description: Windows blocked file \Device\HarddiskVolume2\Windows\System32\scrobj.dll which has been disallowed for protected processes. Date: 2020-05-02 13:18:57.754 Description: Windows blocked file \Device\HarddiskVolume2\Windows\System32\scrobj.dll which has been disallowed for protected processes. Date: 2020-05-02 13:18:34.722 Description: Windows blocked file \Device\HarddiskVolume2\Windows\System32\scrobj.dll which has been disallowed for protected processes. Date: 2020-05-02 13:18:34.612 Description: Windows blocked file \Device\HarddiskVolume2\Windows\System32\scrobj.dll which has been disallowed for protected processes. Date: 2020-05-02 13:18:34.536 Description: Windows blocked file \Device\HarddiskVolume2\Windows\System32\scrobj.dll which has been disallowed for protected processes. Date: 2020-05-02 10:51:52.934 Description: Windows blocked file \Device\HarddiskVolume2\Windows\System32\scrobj.dll which has been disallowed for protected processes. Date: 2020-05-02 10:51:17.425 Description: Windows blocked file \Device\HarddiskVolume2\Windows\System32\scrobj.dll which has been disallowed for protected processes. ==================== Información de la memoria =========================== BIOS: Packard Bell V1.05 06/25/2009 Placa base: Packard Bell EasyNote LJ65 Procesador: Intel(R) Core(TM)2 Duo CPU T6500 @ 2.10GHz Porcentaje de memoria en uso: 50% RAM física total: 8189.98 MB RAM física disponible: 4082 MB Virtual total: 10054.64 MB Virtual disponible: 5223.65 MB ==================== Unidades ================================ Drive c: () (Fixed) (Total:418.1 GB) (Free:280.2 GB) NTFS Drive e: () (Removable) (Total:115.69 GB) (Free:49.97 GB) NTFS \\?\Volume{e49fdc7b-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS \\?\Volume{e49fdc7b-0000-0000-0000-f0a568000000}\ () (Fixed) (Total:0.59 GB) (Free:0.08 GB) NTFS ==================== MBR & Tabla de particiones ==================== ========================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: E49FDC7B) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=418.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=606 MB) - (Type=27) ========================================================== Disk: 1 (Size: 115.7 GB) (Disk ID: 90CCF184) Partition 1: (Not Active) - (Size=115.7 GB) - (Type=07 NTFS) ==================== Final de Addition.txt =======================