Channel: Tech Support Guy - Virus & Other Malware Removal

virus detected

OK, I saved all my pictures elsewhere. I am unsure if I can save my Microsoft Office, Excel, PowerPoint, but I paid for the download on my computer as well that will probably get wiped out. Other than that, I think I'm ready for the next step. The only thing that got done is, like I said earlier, a different the told me it was a network virus??? I really appreciate the help.

network virus

I think you may have wanted me to reply here instead of a new thread. Sorry.

BING Hijacking & Computer Freezes

Hi:

I have 2 current problems. My computer has been freezing up for some time. Recently, the fan has started running much faster than normal and certain programs have become unmanageable, especially gmail. Text lags behind typing so much it's almost impossible to write an email. Just typing this message, for example, is tough.

Yesterday, things got much worse and I saw that several new programs had installed themselves on the computer. I researched them all and determined that they were malware so I uninstalled all of them immediately. However, simultaneously Bing took over both Firefox and IE. I've tried to get rid of it but nothing seems to work. In Firefox, I have the Morning Coffee add-on installed. This opens 4 different sites as my "home pages." Bing tried to take over the homepage function as well as search engine but I reinstalled the original 4 sites. Now, if I open a 5th tab, instead of being Google it's Bing.

Bing never shows up in the Control Panel list of installed programs so I downloaded Revo Uninstaller but it doesn't show there either.

This is driving me absolutely bananas. Any help most appreciated.

Jane


Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz, Intel64 Family 6 Model 58 Stepping 9
Processor Count: 4
RAM: 8067 Mb
Graphics Card: AMD Radeon HD 7730M, -2048 Mb
Hard Drives: C: Total - 715301 MB, Free - 557052 MB;
Motherboard: Dell Inc., 0HDRR5
Antivirus: Microsoft Security Essentials, Updated and Enabled

Annoying redirection

Hey guys,

I randomly have started to get redirection on my search on Google Chrome through Yahoo search, and anytime I search on Google, I get annoying "It's Result Hub ads" on my screen. I've installed super antispyware remover and anti malwarebytes as well, and none of them have helped solve my problem. I'm really stuck on what to do from here and hope I can get some help. I also reinstalled Google Chrome, which did no good :(. In addition, I've also reset my settings in Google Chrome and removed all extensions, which has still not fixed my problem. Any help is appreciated! Thanks

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8.1 Pro, 64 bit
Processor: Intel(R) Core(TM) i5-3317U CPU @ 1.70GHz, Intel64 Family 6 Model 58 Stepping 9
Processor Count: 4
RAM: 8050 Mb
Graphics Card: Intel(R) HD Graphics 4000, -1984 Mb
Hard Drives: C: Total - 228582 MB, Free - 133955 MB; E: Total - 476936 MB, Free - 314136 MB;
Motherboard: LENOVO, Lenovo
Antivirus: Windows Defender, Disabled

Windows 7 Laptop Hijacked - Help please!

Thanks for the help everyone but I couldn't get any response from my machine without defaulting it. I chose to factory default it (alt-f10 on startup for anyone who's interested) and chose not to save any info on the drive so there was no chance of any nasties still lurking there. I have my work and any other data stored on a cloud drive so there wasn't anything that I was going to overwrite that can't be retrieved. I know that my problem hasn't really been solved but at least I now have a machine that is fast(ish). We will have to see for how long......

Malware

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 10 Home, 64 bit
Processor: AMD A6-6310 APU with AMD Radeon R4 Graphics, AMD64 Family 22 Model 48 Stepping 1
Processor Count: 4
RAM: 7103 Mb
Graphics Card: AMD Radeon (TM) R7 M260, -2048 Mb
Hard Drives: C: Total - 690422 MB, Free - 617511 MB; D: Total - 23076 MB, Free - 2310 MB;
Motherboard: Hewlett-Packard, 2269
Antivirus: Norton Internet Security, Updated and Enabled

Internet not working after removal of malware using AdwCleaner

The logs show clear signs of an activation hack for Windows/Office.
We do not assist with pirated Windows/Office, so this topic is now closed.

Trojan.Agent/Gen-FakeAV

I have run my super anti Spyware and it picks up the Trojan.Agent/Gen-Fake AV but won't remove it or quarantine it either. My virus protection (Avast) does not pick it up. I have tried adware cleaner and nothing is helping. PLEASE someone help.
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8.1 Pro, 64 bit
Processor: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz, Intel64 Family 6 Model 58 Stepping 9
Processor Count: 8
RAM: 12240 Mb
Graphics Card: NVIDIA GeForce GTX 660M, -2048 Mb
Hard Drives: C: Total - 285710 MB, Free - 209104 MB; D: Total - 407733 MB, Free - 407050 MB; E: Total - 357700 MB, Free - 357116 MB; F: Total - 357701 MB, Free - 357117 MB;
Motherboard: ASUSTeK COMPUTER INC., G75VW
Antivirus: Windows Defender, Disabled

dregol

Hello, harvey321. My nickname is Nevan and I will be helping you get your system back on its electronic feet.

Before we get started, please keep these things in mind:

  • Always read every part of my post carefully. If you don't, you may do something wrong and there could be more problems to solve.
  • If your security programs give you any warnings when using tools I asked you to, don't be afraid. Every tool I provide to you is 100% safe.
  • Only run tools that I ask you to. Some of them can be dangerous to your system as they have much power.
  • You should save or print my instructions. It is possible that we will be using Safe mode, which will cut you off from your internet connection and without access to them, you might be stuck.
  • Malware removal is a complicated process that takes multiple steps to be completed. Don't give up, be patient.
  • The tools we are going to use and your software may cause unwanted interactions. Because of that, I recommend you to make backups of any important files from your machine before proceeding as they might be lost.
  • I recommend you to stay with me until I tell you that we are done. It is important because when your system does not show any bad symptoms anymore it does not mean that it is 100% clean.
  • Every program I ask you to download should be saved to and run from desktop. If you don't know how to choose the direction of where a download is saved, check this site. You can also just copy these programs to your desktop manually and then run them from there.
  • Remember that the fixes I give you are only for your machine. Using it on other systems may (and probably will) cause problems.
  • Finally, if you have any questions or are unsure about something, just ask. I will not blame you for it. It is better to ask rather than regret it later.

Also, please note that I'm currently in training, so my answers to you will have to be checked first by an experienced helper before I can post them. This can lengthen the time between my answers to you, but in return you will have an extra person reviewing your log.

Let's get started :)



As we will need to run some tools on the infected computer, we will have to get them there first.

You're saying that you cannot access the Internet from it. Do you by any chance have a USB drive? We could use it to move tools between your computers.

Virus

I have been concerned about a virus called s.yimg that keeps popping up on the search bar on the bottom and says it's redirecting to this site. To let you know, my internet speed is fine at about 5 megs and so is the bandwidth. I see it on Mozilla, Chrome, and IE, but not on Torch. Something is really slowing down my browsers and I believe it's that s.yimg that is doing it, but I'm not sure. I have tried malware bytes and other spyware and malware but it's still there. I have switched antiviruses also but no go. The last thing I tried was the upgrade to Windows 10, but to no avail and no change: slow browsers, even Torch.
Can you please help me with this as it has me pulling my hair out. Thank you for any assistance.
Dar

Think I have a Virus

Do you have access to another non-infected computer? If so, please download FRST64 on that computer

link: For 64 bit Systems

copy it onto a USB drive, and then copy it from the USB drive onto the DESKTOP of your infected computer.

Once you have plugged the USB into your infected computer, DO NOT plug it into any other computer until we can protect that computer. It can easily transmit the virus.

If that does not work, let's try the following:

Boot to Safe Mode – Windows 8/8.1
  • Go to the Control Panel --> System and Security --> Administrative Tools. Here you will find the System Configuration shortcut. Click or tap on it.
  • Go to the Boot tab and, in the Boot options section check the box that says "Safe boot". You will also see four options: Minimal, Alternate Shell, Active Directory, and Network. For this procedure, please click on “Network”
  • Then, click or tap OK.
  • You are informed that you need to restart your computer. Click Restart.
  • The computer will restart in safe mode


FRST Scan

Please download FRST ... by Farbar, from the link below and save it to your Desktop.

For 64 bit Systems
  • Right-click FRST.exe and select " Run as administrator " to run it.
  • When the tool opens click Yes to the disclaimer.
  • Press Scan button. ... When finished a log will be created, FRST.txt.
  • Please post the content of the FRST.txt in your next reply.
  • The first time the tool is run, it will create another log... Addition.txt.
  • Please post the content of the Addition.txt in your next reply.


Let me know if one of these methods works (and please post the logs.)

ShowMyPC scam

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8.1, 64 bit
Processor: Intel(R) Core(TM) i5-3350P CPU @ 3.10GHz, Intel64 Family 6 Model 58 Stepping 9
Processor Count: 4
RAM: 16345 Mb
Graphics Card: NVIDIA GeForce GT 620, 1024 Mb
Hard Drives: C: Total - 944100 MB, Free - 208953 MB;
Motherboard: Dell Inc., 0NW73C
Antivirus: Norton 360, Updated and Enabled

I was contacted by someone who said they were from Dell, but weren't as I found out later. I installed showmypc because they said my computer was downloading malicious software. They controlled my PC until I hung up the phone and reset my pc. I contacted Dell who said it wasn't them, so I disconnected from the internet while I went for dinner. When I got back, I rolled back my windows 10 install to the 8.1 I have now, hoping to get rid of whatever they did. I don't see the teamviewer and the showmypc file but how do I make sure? Thank you in advance

Faulty Internet and slow startup, DNS Server Changed error

In opening chrome today I've had errors in which my internet icon flickers on and off. It is connected to the internet but it's slower than usual and sometimes it just disconnects and reconnects on its own.

The disk cleanup has done the best results but my internet still shows the "DNS Network changed" error at times. It used to disconnect so badly that it would say I had no internet connection at all. I'm not sure if it's malware or a virus or if my USB internet adapter is finally giving itself out and I have to buy a new one. But if it isn't a virus and it's just my USB adapter then let me know.

Edit: As of today, August 9th, my internet has returned (but slow) but my startup is still laggy. I also forgot to mention that my internet connection was working fine on my father's and brother's laptop, and I was the only one with connectivity issues, which is why I was unsure what was causing the problem.


System Info
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i3 CPU 540 @ 3.07GHz, Intel64 Family 6 Model 37 Stepping 2
Processor Count: 4
RAM: 5943 Mb
Graphics Card: Intel(R) HD Graphics, -1348 Mb
Hard Drives: C: Total - 705244 MB, Free - 602851 MB;
Motherboard: Dell Inc., 0C2KJT
Antivirus: McAfee Anti-Virus and Anti-Spyware, Updated and Enabled

Hijackthis log:

interruption

sounds like malware to me
moved to malware cleaning

Step 1
Click on this link to download: ADWCleaner. Click on ONE of the two blue Download Now buttons that have a blue arrow beside them and save it to your desktop. Do not click on any links in the top advert.

See the screenshot where the proper download buttons are highlighted


NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

Close your browser and double click on this icon on your desktop:



You will then see the screen below, click on the Scan button (as indicated), accept any prompts that appear and allow it to run, it may take several minutes to complete, when it is done, you will get a message saying "PENDING" , Ignore that & click on the Clean button, accept any prompts that appear and allow the system to reboot. You will then be presented with the report, Copy & Paste it into your next post.
Please note: the newer versions of Adwcleaner have a pretty colour display on some versions of windows and slightly different icons. The screenshots are from the older version but are basically the same

Suspected malware

Okay Cody, here are the files
HKU\S-1-5-21-1343024091-1425521274-725345543-500\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.bing.com/
HKU\S-1-5-21-1343024091-1425521274-725345543-500\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.bing.com/
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {04B09FAA-7168-4221-A49D-B55E5F7CE70A} URL = http://search.yahoo.com/search?p={searchTerms}&fr=yie7c
SearchScopes: HKLM -> {3CCD0BDC-3256-4361-94EE-DB53D6C0D2D8} URL = http://local.yahoo.com/results?stx={searchTerms}&fr=yie7c
SearchScopes: HKLM -> {8038A243-3327-4075-BEC6-ADA5D19F7CC3} URL = http://shopping.yahoo.com/search?p={searchTerms}&fr=yie7c
SearchScopes: HKLM -> {8659B4B3-9404-48D7-9EB8-7F806A0B4187} URL = http://video.yahoo.com/search/?p={searchTerms}&fr=yie7c
SearchScopes: HKLM -> {8D4D6C01-1587-464C-9E02-49FAEA92558D} URL = http://images.search.yahoo.com/search/images?p={searchTerms}&fr=yie7c
SearchScopes: HKLM -> {DABF3F79-F5F7-4420-9D83-B29B83AC6535} URL = http://news.search.yahoo.com/search/news?p={searchTerms}&fr=yie7c
SearchScopes: HKU\S-1-5-21-1343024091-1425521274-725345543-500 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1343024091-1425521274-725345543-500 -> {0093B600-CD2E-4309-836A-7AA5C307738B} URL = http://news.search.yahoo.com/search/news?p={searchTerms}&fr=yie7c
SearchScopes: HKU\S-1-5-21-1343024091-1425521274-725345543-500 -> {04B09FAA-7168-4221-A49D-B55E5F7CE70A} URL =
SearchScopes: HKU\S-1-5-21-1343024091-1425521274-725345543-500 -> {07F36C07-FF2F-4531-BE55-F26D1A235EA0} URL = http://search.yahoo.com/search?p={searchTerms}&fr=yie7c
SearchScopes: HKU\S-1-5-21-1343024091-1425521274-725345543-500 -> {1D0D52FD-C895-4676-982C-359D1F7DD1C1} URL = http://local.yahoo.com/results?stx={searchTerms}&fr=yie7c
SearchScopes: HKU\S-1-5-21-1343024091-1425521274-725345543-500 -> {5073B6F2-AAA8-4100-9AC9-E28CA6EFCBDB} URL = http://shopping.yahoo.com/search?p={searchTerms}&fr=yie7c
SearchScopes: HKU\S-1-5-21-1343024091-1425521274-725345543-500 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1343024091-1425521274-725345543-500 -> {B4B3DE88-662E-45C0-906F-0560D0412A35} URL = http://video.yahoo.com/search/?p={searchTerms}&fr=yie7c
SearchScopes: HKU\S-1-5-21-1343024091-1425521274-725345543-500 -> {CA5F7CB1-1981-48EC-BB1E-85778EA008C0} URL = http://images.search.yahoo.com/search/images?p={searchTerms}&fr=yie7c
BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Archivos de programa\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14] (Microsoft Corp.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Archivos de programa\Java\jre1.8.0_25\bin\ssv.dll [2015-01-20] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll [2015-08-07] (AVAST Software)
BHO: Windows Live Aplicación auxiliar de inicio de sesión -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Archivos de programa\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2011-10-12] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Archivos de programa\Java\jre1.8.0_25\bin\jp2ssv.dll [2015-01-20] (Oracle Corporation)
BHO: Windows Live Toolbar Helper -> {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} -> C:\Archivos de programa\Windows Live\Toolbar\wltcore.dll [2010-04-16] (Microsoft Corporation)
Toolbar: HKLM - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Archivos de programa\Windows Live\Toolbar\wltcore.dll [2010-04-16] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-1343024091-1425521274-725345543-500 -> No Name - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
Toolbar: HKU\S-1-5-21-1343024091-1425521274-725345543-500 -> &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Archivos de programa\Windows Live\Toolbar\wltcore.dll [2010-04-16] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-1343024091-1425521274-725345543-500 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/...oUploader5.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downlo...eckControl.cab
DPF: {32C3FEAE-0877-4767-8C20-62A5829A0945} http://static.ak.facebook.com/fbplug...?1270785264281
DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} http://alynurincolombia.spaces.live....d/MsnPUpld.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.8.0/jin...ndows-i586.cab
DPF: {CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jin...ndows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jin...ndows-i586.cab
DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01...l/MSNPUpld.cab
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL [2007-08-28] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL [2007-08-28] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL [2007-08-28] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL [2007-08-28] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL [2007-08-28] (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Help\hxds.dll [2006-10-26] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL [2007-08-28] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL [2007-08-28] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Archivos de programa\Archivos comunes\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Archivos de programa\Windows Live\Mail\mailcomm.dll [2010-04-16] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Archivos de programa\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 190.157.8.33 181.48.0.231
Tcpip\..\Interfaces\{AF3BBFFC-A8DF-4F1A-94AF-72DD00BDC9FF}: [DhcpNameServer] 190.157.8.33 181.48.0.231
Tcpip\..\Interfaces\{F52352A1-530D-4161-915E-59956314A755}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\piwwtno3.default
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www.google.com.co
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-19] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Archivos de programa\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Archivos de programa\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-01-20] (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Archivos de programa\Yahoo!\Shared\npYState.dll [2010-06-01] (Yahoo! Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Archivos de programa\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Archivos de programa\Microsoft\Office Live\npOLW.dll [2008-11-13] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Archivos de programa\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Archivos de programa\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-10-12] (Google)
FF Plugin: @real.com/nppl3260;version=6.0.12.450 -> C:\Archivos de programa\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2010-02-02] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Archivos de programa\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2010-02-02] (RealNetworks, Inc.)
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Documents and Settings\Administrador\Datos de programa\Visan\plugins\npRLSecurePluginLayer.dll [2011-05-13] (RocketLife, LLP)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Archivos de programa\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Archivos de programa\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Archivos de programa\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-08-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1343024091-1425521274-725345543-500: @acestream.net/acestreamplugin,version=2.2.5-next -> C:\Documents and Settings\Administrador\Datos de programa\ACEStream\player\npace_plugin.dll [2014-06-13] (Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-1343024091-1425521274-725345543-500: @facebook.com/FBPlugin,version=1.0.3 -> C:\Documents and Settings\Administrador\Datos de programa\Facebook\npfbplugin_1_0_3.dll [2010-03-06] ( )
FF Plugin HKU\S-1-5-21-1343024091-1425521274-725345543-500: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Unity\WebPlayer\loader\npUnity3D32.dll [2014-11-18] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Archivos de programa\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Archivos de programa\mozilla firefox\plugins\nppdf32.dll [2014-08-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Archivos de programa\mozilla firefox\plugins\nppl3260.dll [2010-02-02] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Archivos de programa\mozilla firefox\plugins\npqtplugin.dll [2014-11-24] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Archivos de programa\mozilla firefox\plugins\npqtplugin2.dll [2014-11-24] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Archivos de programa\mozilla firefox\plugins\npqtplugin3.dll [2014-11-24] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Archivos de programa\mozilla firefox\plugins\npqtplugin4.dll [2014-11-24] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Archivos de programa\mozilla firefox\plugins\npqtplugin5.dll [2014-11-24] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Archivos de programa\mozilla firefox\plugins\nprpjplug.dll [2010-02-02] (RealNetworks, Inc.)
FF SearchPlugin: C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\piwwtno3.default\searchplugins\bingp.xml [2015-01-20]
FF SearchPlugin: C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\piwwtno3.default\searchplugins\live-search.xml [2009-05-19]
FF Extension: Yahoo! Toolbar - C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\piwwtno3.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}(2) [2013-05-11]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-01-22]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Archivos de programa\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Archivos de programa\AVAST Software\Avast\WebRep\FF [2015-08-07]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Archivos de programa\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF ExtraCheck: C:\Archivos de programa\mozilla firefox\defaults\pref\itms.js [2015-07-09]

Chrome:
=======
CHR Profile: C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-18]
CHR Extension: (Google Search) - C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-18]
CHR Extension: (Heap Note) - C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\hkpiejadkdojdbfgfocaoahhbepnlpph [2013-06-18]
CHR Extension: (Chrome Hotword Shared Module) - C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-17]
CHR Extension: (Chrome Web Store Payments) - C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-18]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Archivos de programa\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-08-07]
CHR HKLM\...\Chrome\Extension: [okkbcpjgdooahcefofhjdpacngfecaaa] - C:\Archivos de programa\Lyrics_Fan\126.crx <not found>

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device; C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\AppleMobileDeviceService.exe [60744 2015-01-19] (Apple Inc.)
S3 AresChatServer; C:\Archivos de programa\Ares\chatServer.exe [263168 2007-03-19] (Ares Development Group) [File not signed]
R2 avast! Antivirus; C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-07] (AVAST Software)
R2 Bonjour Service; C:\Archivos de programa\Bonjour\mDNSResponder.exe [390504 2011-08-30] (Apple Inc.)
R2 Brother XP spl Service; C:\WINDOWS\system32\brsvc01a.exe [57344 2002-04-12] (brother Industries Ltd) [File not signed]
R2 DragonUpdater; C:\Archivos de programa\Comodo\Dragon\dragon_updater.exe [1994936 2015-06-26] (Comodo)
S3 fsssvc; C:\Archivos de programa\Windows Live\Family Safety\fsssvc.exe [704872 2010-04-28] (Microsoft Corporation)
S2 gupdate; C:\Archivos de programa\Google\Update\GoogleUpdate.exe [107912 2014-10-19] (Google Inc.)
S3 gupdatem; C:\Archivos de programa\Google\Update\GoogleUpdate.exe [107912 2014-10-19] (Google Inc.)
S2 gusvc; C:\Archivos de programa\Google\Common\Google Updater\GoogleUpdaterService.exe [194104 2011-10-12] (Google)
R3 iPod Service; C:\Archivos de programa\iPod\bin\iPodService.exe [540968 2015-02-13] (Apple Inc.)
S2 MBAMService; C:\Archivos de programa\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MDM; C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S3 MozillaMaintenance; C:\Archivos de programa\Mozilla Maintenance Service\maintenanceservice.exe [148136 2015-07-09] (Mozilla Foundation)
S3 odserv; C:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE12\ODSERV.EXE [443776 2007-08-24] (Microsoft Corporation)
S3 ose; C:\Archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE [145184 2006-10-26] (Microsoft Corporation)
R2 SeaPort; C:\Archivos de programa\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [226656 2009-01-14] (Microsoft Corp.)
S2 SkypeUpdate; C:\Archivos de programa\Skype\Updater\Updater.exe [327296 2015-06-25] (Skype Technologies)
S3 TuneUp.Defrag; C:\WINDOWS\System32\TuneUpDefragService.exe [355584 2014-07-25] (TuneUp Software GmbH)
S3 WMPNetworkSvc; C:\Archivos de programa\Windows Media Player\WMPNetwk.exe [916480 2006-11-03] (Microsoft Corporation)
R2 YahooAUService; C:\Archivos de programa\Yahoo!\SoftwareUpdate\YahooAUService.exe [602392 2008-11-09] (Yahoo! Inc.)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AMBFilt; C:\WINDOWS\System32\drivers\AMBFilt.sys [1656960 2009-06-26] (Creative)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24016 2015-08-07] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [76000 2015-08-07] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55200 2015-08-07] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49776 2015-08-07] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [788784 2015-08-07] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [433264 2015-08-07] (AVAST Software)
R3 aswStmXP; C:\WINDOWS\system32\drivers\aswStmXP.sys [161472 2015-08-07] (AVAST Software)
S3 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57888 2015-08-07] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [208664 2015-08-07] (AVAST Software)
S3 BrScnUsb; C:\WINDOWS\System32\Drivers\BrScnUsb.sys [15263 2003-12-19] (Brother Industries Ltd.) [File not signed]
S3 BrSerIf; C:\WINDOWS\System32\Drivers\BrSerIf.sys [51712 2004-06-12] (Brother Industries Ltd.) [File not signed]
S3 BrUsbSer; C:\WINDOWS\System32\Drivers\BrUsbSer.sys [11648 2004-01-10] (Brother Industries Ltd.) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R2 fssfltr; C:\WINDOWS\System32\DRIVERS\fssfltr_tdi.sys [54752 2009-08-05] (Microsoft Corporation)
S3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-14] (Microsoft Corporation)
S3 irsir; C:\WINDOWS\System32\DRIVERS\irsir.sys [18688 2001-08-17] (Microsoft Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 MonFilt; C:\WINDOWS\System32\drivers\MonFilt.sys [1389056 2008-12-02] (Creative Technology Ltd.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
R2 thdudf; C:\WINDOWS\System32\DRIVERS\thdudf.sys [66944 2006-11-11] (TOSHIBA Corporation) [File not signed]
R3 VIAHdAudAddService; C:\WINDOWS\System32\drivers\viahduaa.sys [1617408 2009-11-25] (VIA Technologies, Inc.)
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem.sys [X]
S3 andnetndis; system32\DRIVERS\lgandnetndis.sys [X]
S3 AsrCDDrv; \??\C:\WINDOWS\system32\Drivers\AsrCDDrv.sys [X]
S3 MREMP50; \??\C:\ARCHIV~1\COMMON~1\Motive\MREMP50.SYS [X]
S3 MREMP50a64; \??\C:\ARCHIV~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \??\C:\ARCHIV~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\ARCHIV~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50; \??\C:\ARCHIV~1\COMMON~1\Motive\MRESP50.SYS [X]
S3 MRESP50a64; \??\C:\ARCHIV~1\COMMON~1\Motive\MRESP50a64.SYS [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U1 WS2IFSL; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-10 11:34 - 2015-08-10 11:35 - 00000000 ____D C:\FRST
2015-08-09 15:28 - 2015-08-10 11:09 - 00000238 _____ C:\WINDOWS\Tasks\Notificación de inicio de sesión de fin de servicio de Microsoft Windows XP.job
2015-08-09 15:28 - 2015-08-09 20:51 - 00000232 _____ C:\WINDOWS\Tasks\Notificación mensual de fin de servicio de Microsoft Windows XP.job
2015-08-08 21:17 - 2015-08-08 21:17 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2922229$
2015-08-08 21:17 - 2015-08-08 21:17 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2916036$
2015-08-08 21:16 - 2015-08-08 21:17 - 00001321 _____ C:\WINDOWS\updspapi.log
2015-08-08 21:16 - 2015-08-08 21:16 - 00005750 _____ C:\WINDOWS\KB2934207.log
2015-08-08 21:16 - 2015-08-08 21:16 - 00004813 _____ C:\WINDOWS\KB2904266.log
2015-08-08 21:16 - 2015-08-08 21:16 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2934207$
2015-08-08 21:16 - 2015-08-08 21:16 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2930275$
2015-08-08 21:16 - 2015-08-08 21:16 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2929961$
2015-08-08 21:16 - 2015-08-08 21:16 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$
2015-08-08 21:16 - 2015-08-08 21:16 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$
2015-08-08 21:02 - 2015-08-08 21:02 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$
2015-08-08 21:02 - 2015-08-08 21:02 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$
2015-08-08 20:47 - 2015-08-08 20:47 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2914368$
2015-08-08 20:46 - 2015-08-08 20:47 - 00004332 _____ C:\WINDOWS\KB2914368.log
2015-08-08 20:03 - 2015-08-08 21:17 - 00010730 _____ C:\WINDOWS\KB2922229.log
2015-08-08 20:03 - 2015-08-08 21:17 - 00010543 _____ C:\WINDOWS\KB2916036.log
2015-08-08 20:03 - 2014-02-26 18:28 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe
2015-08-08 20:03 - 2014-02-26 18:28 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe
2015-08-08 19:58 - 2015-08-08 21:16 - 00009999 _____ C:\WINDOWS\KB2898715.log
2015-08-08 19:58 - 2015-08-08 21:16 - 00009591 _____ C:\WINDOWS\KB2930275.log
2015-08-08 19:58 - 2015-08-08 21:16 - 00008676 _____ C:\WINDOWS\KB2929961.log
2015-08-08 19:54 - 2015-08-08 21:02 - 00008399 _____ C:\WINDOWS\KB2893294.log
2015-08-08 19:53 - 2015-08-08 21:02 - 00007810 _____ C:\WINDOWS\KB2892075.log
2015-08-08 18:45 - 2015-08-08 18:45 - 00004444 _____ C:\WINDOWS\system32\pid.PNF
2015-08-08 11:07 - 2015-08-08 11:07 - 00010282 _____ C:\WINDOWS\DPINST.LOG
2015-08-07 22:57 - 2015-08-07 22:59 - 00098520 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-08-07 22:57 - 2015-08-07 22:57 - 00000826 _____ C:\Documents and Settings\All Users\Escritorio\Malwarebytes Anti-Malware.lnk
2015-08-07 22:57 - 2015-08-07 22:57 - 00000000 ____D C:\Documents and Settings\All Users\Menú Inicio\Programas\Malwarebytes Anti-Malware
2015-08-07 22:56 - 2015-08-07 22:57 - 00000000 ____D C:\Archivos de programa\Malwarebytes Anti-Malware
2015-08-07 22:56 - 2015-06-18 08:41 - 00121560 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-08-07 22:56 - 2015-06-18 08:41 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-08-07 22:45 - 2015-08-07 22:45 - 00000000 ____D C:\Documents and Settings\Administrador\Datos de programa\AVAST Software
2015-08-07 22:42 - 2015-08-08 21:17 - 00072716 _____ C:\WINDOWS\iis6.log
2015-08-07 22:42 - 2015-08-08 21:17 - 00068011 _____ C:\WINDOWS\FaxSetup.log
2015-08-07 22:42 - 2015-08-08 21:17 - 00032516 _____ C:\WINDOWS\ocgen.log
2015-08-07 22:42 - 2015-08-08 21:17 - 00031037 _____ C:\WINDOWS\tsoc.log
2015-08-07 22:42 - 2015-08-08 21:17 - 00022649 _____ C:\WINDOWS\comsetup.log
2015-08-07 22:42 - 2015-08-08 21:17 - 00021100 _____ C:\WINDOWS\msmqinst.log
2015-08-07 22:42 - 2015-08-08 21:17 - 00013663 _____ C:\WINDOWS\ntdtcsetup.log
2015-08-07 22:42 - 2015-08-08 21:17 - 00011913 _____ C:\WINDOWS\netfxocm.log
2015-08-07 22:42 - 2015-08-08 21:17 - 00004675 _____ C:\WINDOWS\MedCtrOC.log
2015-08-07 22:42 - 2015-08-08 21:17 - 00003762 _____ C:\WINDOWS\ocmsn.log
2015-08-07 22:42 - 2015-08-08 21:17 - 00003421 _____ C:\WINDOWS\tabletoc.log
2015-08-07 22:42 - 2015-08-08 21:17 - 00003399 _____ C:\WINDOWS\msgsocm.log
2015-08-07 22:42 - 2015-08-08 21:17 - 00001355 _____ C:\WINDOWS\imsins.log
2015-08-07 22:42 - 2015-08-08 21:17 - 00001355 _____ C:\WINDOWS\imsins.BAK
2015-08-07 22:42 - 2015-08-07 22:42 - 00001752 _____ C:\Documents and Settings\All Users\Escritorio\Avast Free Antivirus.lnk
2015-08-07 22:42 - 2015-08-07 22:42 - 00000000 ____D C:\Documents and Settings\All Users\Menú Inicio\Programas\AVAST Software
2015-08-07 22:41 - 2015-08-10 11:15 - 00000392 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-08-07 22:41 - 2015-08-10 11:05 - 00025546 _____ C:\WINDOWS\setupapi.log
2015-08-07 22:41 - 2015-08-07 22:42 - 00013202 _____ C:\WINDOWS\Wdf01009Inst.log
2015-08-07 22:41 - 2015-08-07 22:41 - 00433264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-08-07 22:41 - 2015-08-07 22:41 - 00208664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-08-07 22:41 - 2015-08-07 22:41 - 00161472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStmXP.sys
2015-08-07 22:41 - 2015-08-07 22:41 - 00057888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2015-08-07 22:41 - 2015-08-07 22:41 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-08-07 22:41 - 2015-08-07 22:41 - 00000000 _____ C:\WINDOWS\setupact.log
2015-08-07 22:41 - 2015-08-07 22:40 - 00788784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-08-07 22:41 - 2015-08-07 22:40 - 00313472 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-08-07 22:41 - 2015-08-07 22:40 - 00076000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-08-07 22:41 - 2015-08-07 22:40 - 00055200 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2015-08-07 22:41 - 2015-08-07 22:40 - 00049776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-08-07 22:41 - 2015-08-07 22:40 - 00024016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-08-07 22:40 - 2015-08-07 22:40 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-08-07 22:27 - 2015-08-07 22:27 - 00000000 ____D C:\Archivos de programa\AVAST Software
2015-08-07 16:36 - 2015-08-07 16:36 - 00000000 ____D C:\Archivos de programa\Seagate
2015-08-07 16:33 - 2015-08-07 16:33 - 00000000 ____D C:\Documents and Settings\All Users\Menú Inicio\Programas\Accessories
2015-08-07 15:41 - 2015-08-07 15:41 - 00000232 _____ C:\Documents and Settings\Administrador\Mis documentos\CheckDiskGUI.txt
2015-08-06 08:39 - 2015-08-06 08:39 - 00002006 _____ C:\Documents and Settings\Administrador\Escritorio\HP Deskjet 1510 series (2).lnk
2015-08-06 08:37 - 2015-08-08 01:11 - 00000000 ____D C:\Documents and Settings\Administrador\Escritorio\Accesos directos de escritorio no usados
2015-08-06 08:09 - 2015-08-06 08:09 - 00000000 ____D C:\Documents and Settings\Administrador\Mis documentos\BitTorrent Edition Music Collection - April 2011
2015-08-05 15:08 - 2015-08-05 15:08 - 00000000 ____D C:\Documents and Settings\All Users\Menú Inicio\Programas\HashCalc
2015-08-05 15:08 - 2015-08-05 15:08 - 00000000 ____D C:\Archivos de programa\HashCalc
2015-08-04 16:46 - 2015-08-04 16:46 - 00000791 _____ C:\Documents and Settings\All Users\Escritorio\InfraRecorder.lnk
2015-08-04 16:46 - 2015-08-04 16:46 - 00000000 ____D C:\Documents and Settings\All Users\Menú Inicio\Programas\InfraRecorder
2015-08-04 16:46 - 2015-08-04 16:46 - 00000000 ____D C:\Documents and Settings\Administrador\Datos de programa\InfraRecorder
2015-08-04 16:46 - 2015-08-04 16:46 - 00000000 ____D C:\Archivos de programa\InfraRecorder
2015-08-04 16:23 - 2015-08-04 16:23 - 00000000 ____D C:\Documents and Settings\Administrador\Mis documentos\Ashampoo Burning Studio 14
2015-08-04 15:10 - 2015-08-06 13:52 - 00000000 ____D C:\Documents and Settings\Administrador\Mis documentos\Payments
2015-08-04 12:15 - 2015-08-04 12:15 - 00002717 _____ C:\Documents and Settings\Administrador\Menú Inicio\BitTorrent.lnk
2015-08-04 12:12 - 2015-08-10 11:34 - 00000000 ____D C:\Documents and Settings\Administrador\Datos de programa\BitTorrent
2015-08-02 17:36 - 2015-08-10 11:11 - 00000000 ____D C:\Documents and Settings\Administrador\Datos de programa\ViberPC
2015-08-02 17:36 - 2015-08-02 17:36 - 00000989 _____ C:\Documents and Settings\Administrador\Menú Inicio\Programas\Viber.lnk
2015-08-02 17:36 - 2015-08-02 17:36 - 00000983 _____ C:\Documents and Settings\Administrador\Escritorio\Viber.lnk
2015-08-02 17:35 - 2015-08-10 11:10 - 00000000 ____D C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Viber
2015-07-31 20:37 - 2015-08-10 11:07 - 00000526 _____ C:\WINDOWS\Tasks\HP Photo Creations Communicator.job
2015-07-31 20:37 - 2015-07-31 20:37 - 00000000 ___RD C:\Documents and Settings\Administrador\Mis documentos\HP Photo Creations
2015-07-31 20:29 - 2015-07-31 20:37 - 00002045 _____ C:\Documents and Settings\Administrador\Escritorio\HP Photo Creations.lnk
2015-07-31 20:29 - 2015-07-31 20:29 - 00000000 ____D C:\Documents and Settings\Administrador\Menú Inicio\Programas\HP
2015-07-31 20:28 - 2015-07-31 20:37 - 00000000 ____D C:\Documents and Settings\Administrador\Datos de programa\HP Photo Creations
2015-07-31 20:28 - 2015-07-31 20:28 - 00000000 ____D C:\Documents and Settings\Administrador\Datos de programa\Visan
2015-07-30 17:33 - 2015-07-30 17:33 - 00000000 ____D C:\Documents and Settings\All Users\Datos de programa\Visan
2015-07-30 17:33 - 2015-07-30 17:33 - 00000000 ____D C:\Archivos de programa\Hewlett-Packard
2015-07-30 17:32 - 2015-08-09 17:32 - 00000470 _____ C:\WINDOWS\Tasks\At3.job
2015-07-30 17:32 - 2015-08-08 20:40 - 00000470 _____ C:\WINDOWS\Tasks\At2.job
2015-07-30 17:32 - 2015-08-08 14:00 - 00000470 _____ C:\WINDOWS\Tasks\At4.job
2015-07-30 17:32 - 2015-08-07 10:10 - 00000470 _____ C:\WINDOWS\Tasks\At1.job
2015-07-30 17:32 - 2015-07-31 20:29 - 00000000 ____D C:\Documents and Settings\All Users\Menú Inicio\Programas\HP
2015-07-30 17:32 - 2012-12-15 19:47 - 02525368 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\HPScanTRDrv_DJ1510.dll
2015-07-30 17:32 - 2012-12-15 19:47 - 00417464 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPWia1_DJ1510.dll
2015-07-30 17:31 - 2012-12-15 19:47 - 00536760 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpinkstsc111.dll
2015-07-30 17:31 - 2012-12-15 19:47 - 00271032 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpinkstsc111LM.dll
2015-07-30 17:31 - 2012-12-15 19:47 - 00222904 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpinkcoic111.dll
2015-07-30 17:31 - 2012-12-15 17:45 - 02220216 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpinkinsc111.exe
2015-07-30 17:29 - 2015-07-30 17:29 - 00000057 _____ C:\Documents and Settings\All Users\Datos de programa\Ament.ini
2015-07-30 17:25 - 2015-07-30 17:25 - 00000000 ___RD C:\Documents and Settings\Administrador\Menú Inicio\Programas\Herramientas administrativas
2015-07-24 14:30 - 2015-08-08 23:14 - 00000918 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-07-24 09:40 - 2015-07-30 12:37 - 00002347 _____ C:\Documents and Settings\All Users\Menú Inicio\Programas\Adobe Reader X.lnk
2015-07-24 09:39 - 2015-07-30 12:35 - 00000000 ____D C:\Archivos de programa\Archivos comunes\Adobe
2015-07-19 01:22 - 2015-07-24 14:30 - 00778416 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-07-19 01:22 - 2015-07-24 14:30 - 00142512 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-10 11:31 - 2013-01-10 00:08 - 00000000 ____D C:\Documents and Settings\Administrador\Datos de programa\Skype
2015-08-10 11:20 - 2008-10-07 20:48 - 00000471 _____ C:\WINDOWS\wiadebug.log
2015-08-10 11:18 - 2008-11-17 22:09 - 00000298 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2015-08-10 11:11 - 2008-10-08 02:52 - 01436989 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-10 11:10 - 2009-11-01 17:31 - 00001038 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-10 11:09 - 2009-11-01 17:31 - 00001034 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-10 11:09 - 2008-10-08 03:19 - 00000548 _____ C:\WINDOWS\Tasks\Mantenimiento con 1 clic.job
2015-08-10 11:09 - 2008-10-08 02:57 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-10 11:09 - 2008-10-07 20:48 - 00000050 _____ C:\WINDOWS\wiaservc.log
2015-08-10 11:09 - 2001-08-24 05:00 - 00002278 _____ C:\WINDOWS\system32\wpa.dbl
2015-08-10 11:08 - 2008-10-08 02:57 - 00032608 _____ C:\WINDOWS\SchedLgU.Txt
2015-08-10 11:08 - 2008-10-08 02:57 - 00000192 ___SH C:\Documents and Settings\Administrador\ntuser.ini
2015-08-09 22:24 - 2008-10-07 20:46 - 00000000 ____D C:\Archivos de programa
2015-08-09 22:24 - 2008-10-07 20:45 - 00000000 ___RD C:\Documents and Settings\All Users\Menú Inicio\Programas
2015-08-09 22:24 - 2008-10-07 20:45 - 00000000 ____D C:\Documents and Settings\All Users\Escritorio
2015-08-09 21:46 - 2015-01-20 09:05 - 00000454 _____ C:\WINDOWS\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job
2015-08-09 21:46 - 2015-01-20 09:05 - 00000454 _____ C:\WINDOWS\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job
2015-08-09 15:34 - 2008-10-08 03:37 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2015-08-09 15:33 - 2015-01-20 09:05 - 00000454 _____ C:\WINDOWS\Tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job
2015-08-09 15:18 - 2008-10-07 20:45 - 00317952 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-08 23:41 - 2014-06-14 18:51 - 00000000 ____D C:\Documents and Settings\Administrador\Datos de programa\.ACEStream
2015-08-08 21:16 - 2013-12-03 22:31 - 00013068 _____ C:\WINDOWS\system32\TZLog.log
2015-08-08 21:14 - 2014-12-03 21:42 - 00478656 _____ C:\WINDOWS\system32\perfh0c0.dat
2015-08-08 21:14 - 2014-12-03 21:42 - 00075654 _____ C:\WINDOWS\system32\perfc0c0.dat
2015-08-08 21:14 - 2008-10-07 20:46 - 01350710 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-08 21:06 - 2014-10-31 13:37 - 00002307 _____ C:\Documents and Settings\All Users\Escritorio\Skype.lnk
2015-08-08 18:54 - 2008-10-08 02:57 - 00000000 __SHD C:\Documents and Settings\Administrador\Configuración local\Archivos temporales de Internet
2015-08-08 18:32 - 2008-10-08 02:57 - 00000000 ___RD C:\Documents and Settings\Administrador\Mis documentos
2015-08-08 18:22 - 2008-10-08 15:47 - 00002507 _____ C:\Documents and Settings\Administrador\Escritorio\Microsoft Office Word 2007.lnk
2015-08-08 16:10 - 2008-10-08 02:57 - 00000000 ___HD C:\Documents and Settings\Administrador\Configuración local\Datos de programa
2015-08-08 12:47 - 2009-01-29 17:51 - 00000972 _____ C:\WINDOWS\Tasks\Google Software Updater.job
2015-08-07 23:32 - 2008-10-07 20:45 - 00000000 ___HD C:\Documents and Settings\All Users\Datos de programa
2015-08-07 22:45 - 2008-10-08 02:57 - 00000000 ___HD C:\Documents and Settings\Administrador\Datos de programa
2015-08-07 22:42 - 2011-12-18 08:31 - 00000000 __HDC C:\WINDOWS\$NtUninstallWdf01009$
2015-08-07 22:30 - 2009-01-31 23:42 - 00000000 ____D C:\Archivos de programa\SUPERAntiSpyware
2015-08-07 22:30 - 2008-10-07 20:45 - 00000000 ___RD C:\Documents and Settings\All Users\Menú Inicio
2015-08-07 22:27 - 2008-10-08 02:57 - 00000000 ___RD C:\Documents and Settings\Administrador\Menú Inicio\Programas
2015-08-07 22:25 - 2008-10-07 20:45 - 00000000 ___RD C:\Documents and Settings\All Users\Documentos
2015-08-07 22:24 - 2013-05-24 09:15 - 00000000 ____D C:\Documents and Settings\All Users\Datos de programa\AVAST Software
2015-08-07 19:35 - 2015-03-10 20:59 - 00000000 ____D C:\Documents and Settings\All Users\Datos de programa\Package Cache
2015-08-07 19:19 - 2008-10-08 02:57 - 00000000 ____D C:\Documents and Settings\Administrador
2015-08-07 16:35 - 2008-10-08 02:57 - 00000000 ____D C:\Documents and Settings\Administrador\Escritorio
2015-08-07 15:47 - 2008-10-08 02:57 - 00000000 ___RD C:\Documents and Settings\Administrador\Mis documentos\Mis imágenes
2015-08-06 19:00 - 2009-08-29 22:55 - 00000000 ____D C:\Documents and Settings\Administrador\Datos de programa\HpUpdate
2015-08-06 13:17 - 2013-01-10 00:08 - 00000000 ____D C:\Documents and Settings\All Users\Datos de programa\Skype
2015-08-04 22:30 - 2013-02-23 09:32 - 00973590 _____ C:\Documents and Settings\LocalService\Configuración local\Datos de programa\WPFFontCache_v0400-S-1-5-21-1343024091-1425521274-725345543-500-0.dat
2015-08-04 22:30 - 2013-02-22 20:12 - 00237590 _____ C:\Documents and Settings\LocalService\Configuración local\Datos de programa\WPFFontCache_v0400-System.dat
2015-08-04 20:13 - 2010-02-16 21:20 - 00001874 _____ C:\Documents and Settings\All Users\Escritorio\Google Chrome.lnk
2015-08-04 12:15 - 2008-10-08 02:57 - 00000000 ___RD C:\Documents and Settings\Administrador\Menú Inicio
2015-08-03 22:10 - 2011-07-15 14:16 - 00001984 _____ C:\WINDOWS\system32\d3d9caps.dat
2015-08-03 21:06 - 2008-11-01 13:25 - 00000000 ____D C:\WINDOWS\Minidump
2015-08-03 21:06 - 2008-10-08 03:27 - 00000000 ____D C:\WINDOWS\system32\LogFiles
2015-08-03 08:33 - 2013-11-11 13:15 - 00000000 ____D C:\Archivos de programa\LG Electronics
2015-08-03 08:32 - 2013-12-26 22:49 - 00000806 _____ C:\Documents and Settings\All Users\Menú Inicio\LG PC Suite.Lnk
2015-08-03 08:32 - 2013-11-21 21:20 - 00000806 _____ C:\Documents and Settings\All Users\Escritorio\LG PC Suite.Lnk
2015-08-03 08:32 - 2013-11-11 13:16 - 00000000 ____D C:\Documents and Settings\All Users\Menú Inicio\Programas\LG PC Suite
2015-07-30 19:28 - 2014-11-07 12:52 - 00000000 ____D C:\FreeOCR
2015-07-30 19:21 - 2008-10-08 03:18 - 00000000 ____D C:\Archivos de programa\CyberLink
2015-07-30 19:21 - 2008-10-07 20:46 - 00000000 ____D C:\Archivos de programa\Archivos comunes
2015-07-30 17:58 - 2014-10-05 07:58 - 03399577 _____ C:\lxceunst.csv
2015-07-30 17:57 - 2012-05-23 13:57 - 00477662 _____ C:\lxcescan.log
2015-07-30 17:35 - 2008-10-08 02:57 - 00000000 ___RD C:\Documents and Settings\Administrador\Menú Inicio\Programas\Inicio
2015-07-30 17:29 - 2008-10-09 19:51 - 00000000 ____D C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP
2015-07-30 17:29 - 2008-10-08 17:04 - 00000000 ____D C:\Archivos de programa\HP
2015-07-30 15:55 - 2009-06-02 14:15 - 00000000 ____D C:\Archivos de programa\Lx_cats
2015-07-30 13:57 - 2008-10-24 16:47 - 00000000 ___RD C:\Documents and Settings\Administrador\Mis documentos\Mis vídeos
2015-07-30 12:27 - 2009-02-27 20:05 - 00057856 _____ C:\Documents and Settings\Administrador\Configuración local\Datos de programa\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-30 07:56 - 2008-10-08 03:16 - 00000000 ____D C:\Documents and Settings\All Users\Datos de programa\Adobe
2015-07-29 22:14 - 2014-08-15 14:40 - 00000000 ____D C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Adobe
2015-07-29 22:14 - 2009-11-02 20:36 - 00000000 ____D C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Temp
2015-07-29 22:14 - 2008-10-08 18:12 - 00000000 ____D C:\Documents and Settings\Administrador\Datos de programa\Adobe
2015-07-29 22:13 - 2008-10-09 20:24 - 00000000 ____D C:\Documents and Settings\Administrador\Mis documentos\Mis archivos recibidos
2015-07-27 11:18 - 2008-10-08 02:56 - 00000000 __SHD C:\Documents and Settings\NetworkService\Configuración local\Archivos temporales de Internet
2015-07-26 18:05 - 2008-10-08 03:31 - 00000069 _____ C:\WINDOWS\NeroDigital.ini
2015-07-26 18:02 - 2008-10-08 02:57 - 00000000 __SHD C:\Documents and Settings\LocalService\Configuración local\Archivos temporales de Internet
2015-07-24 09:39 - 2008-10-08 03:16 - 00000000 ____D C:\Archivos de programa\Adobe
2015-07-19 00:48 - 2009-09-21 21:45 - 00000000 ____D C:\Documents and Settings\Administrador\Mis documentos\Descargas
2015-07-15 10:11 - 2013-05-24 09:22 - 00000000 ____D C:\Documents and Settings\All Users\Menú Inicio\Programas\Google Drive
2015-07-11 14:50 - 2015-07-09 15:43 - 00000000 ____D C:\Archivos de programa\Mozilla Firefox
2015-07-11 14:50 - 2012-06-06 21:45 - 00000000 ____D C:\Archivos de programa\Mozilla Maintenance Service

==================== Files in the root of some directories =======

2010-11-21 19:14 - 2010-11-21 19:14 - 0000036 ____H () C:\Documents and Settings\Administrador\Datos de programa\swk.ini
2009-02-27 20:05 - 2015-07-30 12:27 - 0057856 _____ () C:\Documents and Settings\Administrador\Configuración local\Datos de programa\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2008-10-09 19:50 - 2008-10-09 19:50 - 0000142 _____ () C:\Documents and Settings\Administrador\Configuración local\Datos de programa\fusioncache.dat

Files to move or delete:
====================
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job
C:\Windows\Tasks\At3.job
C:\Windows\Tasks\At4.job


Some files in TEMP:
====================
C:\Documents and Settings\Administrador\Configuración local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version:09-08-2015
Ran by Administrador (2015-08-10 11:36:19)
Running from C:\Documents and Settings\Administrador\Mis documentos\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1343024091-1425521274-725345543-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrador
Asistente de ayuda (S-1-5-21-1343024091-1425521274-725345543-1000 - Limited - Disabled)
ASPNET (S-1-5-21-1343024091-1425521274-725345543-1004 - Limited - Enabled)
Invitado (S-1-5-21-1343024091-1425521274-725345543-501 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-1343024091-1425521274-725345543-1002 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: PC Cleaner Pro (Disabled - Up to date) {737A8864-C2D9-4337-B49A-B5E35815B9BB}
AV: avast! Antivirus (Enabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 1 (SP1) (Version: - Microsoft) Hidden
7art Astro Clock © 2008 by 7art-screensavers.com (HKLM\...\7art Astro Clock Screensaver_is1) (Version: 3.1 - 7art-screensavers.com SoftWare Development Studio)
Ace Stream Media 2.2.5-next (HKU\S-1-5-21-1343024091-1425521274-725345543-500\...\AceStream) (Version: 2.2.5-next - Ace Stream Media) <==== ATTENTION
Actualización de seguridad para Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows Internet Explorer 8 (KB2888505) (HKLM\...\KB2888505-IE8) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2892075) (HKLM\...\KB2892075) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2893294) (HKLM\...\KB2893294) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2898715) (HKLM\...\KB2898715) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2914368) (HKLM\...\KB2914368) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2916036) (HKLM\...\KB2916036) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2922229) (HKLM\...\KB2922229) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2929961) (HKLM\...\KB2929961) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2930275) (HKLM\...\KB2930275) (Version: 1 - Microsoft Corporation)
Actualización para Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Actualización para Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.7.0.2090 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.0.303.433 - ALPS ELECTRIC CO., LTD.)
Apple Application Support (32 bits) (HKLM\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ares 2.0.9 (HKLM\...\Ares) (Version: 2.0.9-Build#3030 - Ares Development Group)
Ashampoo Burning Studio 14 (HKLM\...\{91B33C97-7BCF-CDFE-4321-58EBF3E8641C}_is1) (Version: 14.1.2 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 8.09 (HKLM\...\Ashampoo Burning Studio 8_is1) (Version: 8.0.9 - ashampoo GmbH & Co. KG)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.3.2225 - AVAST Software)
Barra de herramientas de Outlook de Windows Live (Windows Live Toolbar) (Version: 03.01.0072 - Microsoft Corporation) Hidden
Bejeweled Blitz (HKLM\...\Bejeweled Blitz) (Version: - PopCap Games)
BitTorrent (HKU\S-1-5-21-1343024091-1425521274-725345543-500\...\BitTorrent) (Version: 7.9.3.40761 - BitTorrent Inc.)
Bloqueador de ventanas emergentes (Windows Live Toolbar) (Version: 03.01.0072 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Comodo Dragon (HKLM\...\Comodo Dragon) (Version: 43.3.3.185 - Comodo)
Complemento Guardar como PDF o XPS de Microsoft para programas de Microsoft Office 2007 (HKLM\...\{90120000-00B2-0C0A-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Compresor WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Detector de suministros de Windows Live Toolbar (Windows Live Toolbar) (Version: 03.01.0073 - Microsoft Corporation) Hidden
Diner Dash 2 (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115375127}) (Version: - Oberon Media)
DWG TrueView 2008 (HKLM\...\DWG TrueView 2008) (Version: 17.1.65.0 - )
DWG TrueView 2008 (Version: 17.1.65.0 - Autodesk) Hidden
Estudio para la mejora del producto HP Deskjet 1510 series (HKLM\...\{05D7F10A-A9BC-418F-911A-44E22A9B00F2}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Extensión de Windows Live Toolbar (Windows Live Toolbar) (Version: 03.01.0072 - Microsoft Corporation) Hidden
Facebook Plug-In (HKU\S-1-5-21-1343024091-1425521274-725345543-500\...\Facebook Plug-In) (Version: - Facebook, Inc.)
Galería fotográfica de Windows Live (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 44.0.2403.130 - Google Inc.)
Google Drive (HKLM\...\{6EA8B94E-D869-4D96-88DF-5E1ECE1D6876}) (Version: 1.23.9648.8824 - Google, Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.1 - Google Inc.) Hidden
Google Updater (HKLM\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
HashCalc 2.02 (HKLM\...\HashCalc_is1) (Version: - SlavaSoft Inc.)
HDView for Internet Explorer (HKLM\...\{FCC3BD6A-F118-475D-8748-7EE08EA0AF56}) (Version: 1.0.20 - Microsoft Research)
Herramienta de carga de Windows Live (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HP Deskjet 1510 series Ayuda (HKLM\...\{6E20FBAA-BCB2-4429-A9A9-C8EED1254BE4}) (Version: 30.0.0 - Hewlett Packard)
HP Deskjet 1510 series Software básico del dispositivo (HKLM\...\{0368A88C-B63A-44D5-ABD0-44EBE0F32777}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Photo Creations (HKU\S-1-5-21-1343024091-1425521274-725345543-500\...\HP Photo Creations) (Version: 1.0.0.18922 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
InfraRecorder (HKLM\...\InfraRecorder) (Version: - Christian Kindahl)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
InterActual Player (HKLM\...\InterActual Player) (Version: - )
iTunes (HKLM\...\{3A9FE6B1-EE7F-40AC-B831-AC7C9ABB58A0}) (Version: 12.1.1.4 - Apple Inc.)
Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 5.7.0 (HKLM\...\KLiteCodecPack_is1) (Version: 5.7.0 - )
LG PC Suite (HKLM\...\LG PC Suite) (Version: 5.3.25.20150529 - LG Electronics)
LG United Mobile Drivers (HKLM\...\{4DE95ED9-0A29-4C4F-8463-35857CF9BA36}) (Version: 3.14.1 - LG Electronics)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Menús inteligentes (Windows Live Toolbar) (Version: 03.01.0072 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Spanish Language Pack (HKLM\...\{83169D43-4660-4347-BC95-E9D6E6BE65CE}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - ESN (HKLM\...\{85AC0FFA-643D-3103-9310-7086ECB0C36C}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - ESN (HKLM\...\{BDEDB104-4067-3D5E-81F0-DBEBFE856B45}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office Live Add-in 1.3 (HKLM\...\{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}) (Version: 2.0.2313.0 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95120000-0122-0C0A-0000-0000000FF1CE}) (Version: 12.0.6423.1000 - Microsoft Corporation)
Microsoft Office Standard 2007 (HKLM\...\STANDARD) (Version: 12.0.6215.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Student con Encarta Premium 2008 (HKLM\...\{08141881-FCA5-44A7-B863-D66037A16AAF}) (Version: 2008 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.9 (HKLM\...\Wudf01009) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 es-ES) (HKLM\...\Mozilla Firefox 39.0 (x86 es-ES)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
MP4 Player (HKLM\...\MP4 Player) (Version: - )
MSVC80_x86 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6.0 Parser (KB933579) (HKLM\...\{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0 - Microsoft Corporation)
Nero 8 Lite 8.1.1.3 (HKLM\...\Nero8Lite_is1) (Version: 8.1.1.3 - Updatepack.nl)
OneCare Advisor (Windows Live Toolbar) (Version: 03.00.2050 - Microsoft Corporation) Hidden
Paquete de idioma de Microsoft .NET Framework 3.5 SP1 - esn (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - esn) (Version: - Microsoft Corporation)
Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN (HKLM\...\Microsoft .NET Framework 4 Client Profile ESN Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
PhotoFiltre (HKU\S-1-5-21-1343024091-1425521274-725345543-500\...\PhotoFiltre) (Version: - )
Platform (Version: 1.34 - VIA Technologies, Inc.) Hidden
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: - )
PrimoPDF -- brought to you by Nitro PDF Software (HKLM\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
Print Perfect Greeting Cards Deluxe (HKLM\...\{1A8727D8-90A5-4D4B-981F-7323875E8DD4}) (Version: 9.0.10 - Cosmi Corporation)
Puzzle Express (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110184263}) (Version: - Oberon Media)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
REALTEK GbE & FE Ethernet PCI-E NIC Driver (HKLM\...\{C9BED750-1211-4480-B1A5-718A3BE15525}) (Version: 1.13.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5519 - Realtek Semiconductor Corp.)
Reproductor de Windows Media 11 (HKLM\...\Windows Media Player) (Version: - )
Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
Shutterfly Express Uploader (HKLM\...\com.Shutterfly.ExpressUploader) (Version: 1.2.0.0 - Shutterfly, Inc.)
Shutterfly Express Uploader (Version: 1.2.0 - Shutterfly, Inc.) Hidden
Skype™ 7.7 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TuneUp Utilities 2008 (HKLM\...\{5888428E-699C-4E71-BF71-94EE06B497DA}) (Version: 7.0.8004 - TuneUp Software)
VIA Administrador de dispositivos de plataforma (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
Viber (HKU\S-1-5-21-1343024091-1425521274-725345543-500\...\Viber) (Version: 5.0.1.42 - Viber Media Inc)
VideoLAN VLC media player 0.8.6d (HKLM\...\VLC media player) (Version: 0.8.6d - VideoLAN Team)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Winamp AudioPlayer (HKLM\...\{5643BB6D-14ED-4EF4-AB38-4F9CD208674C}) (Version: 5.3.5.1305 - Nullsoft, Inc.)
Windows Essentials Media Codec Pack 4.0 [32-Bit] (HKLM\...\Windows Essentials Media Codec Pack) (Version: 4.0 - Media Codec)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Live Asistente para el inicio de sesión (HKLM\...\{7593234B-2AEB-4FC9-B02D-C9B30D86084C}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Favorites para Windows Live Toolbar (HKLM\...\{DCE65B11-710D-4C54-9DE5-1A6A0BD2186B}) (Version: 03.01.0072 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{914DD274-9C5D-44CA-9AC7-12B8D2D4DA08}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031514 - Microsoft Corporation)
XML Paper Specification Shared Components Language Pack 1.0 (Version: - Microsoft Corporation) Hidden
XP Codec Pack (HKLM\...\XP Codec Pack) (Version: - )
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1343024091-1425521274-725345543-500_Classes\CLSID\{32C3FEAE-0877-4767-8C20-62A5829A0945}\InprocServer32 -> C:\Documents and Settings\Administrador\Datos de programa\Facebook\axfbootloader.dll ( )
CustomCLSID: HKU\S-1-5-21-1343024091-1425521274-725345543-500_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Archivos de programa\DWG TrueView 2008\DWGVIEWRficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-1425521274-725345543-500_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-1343024091-1425521274-725345543-500_Classes\CLSID\{591E5416-DDC3-45E6-BE9D-C40D0B418F6E}\localserver32 -> C:\Archivos de programa\DWG TrueView 2008\DWGVIEWR.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-1425521274-725345543-500_Classes\CLSID\{7AABBB95-79BE-4C0F-8024-EB6AF271231C}\localserver32 -> C:\Archivos de programa\DWG TrueView 2008\DWGVIEWR.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-1425521274-725345543-500_Classes\CLSID\{9356e2bb-6c9a-43c0-a771-5cacbdab6afe}\InprocServer32 -> C:\Documents and Settings\Administrador\Datos de programa\HP Photo Creations\RLPNUpload.dll (RocketLife)
CustomCLSID: HKU\S-1-5-21-1343024091-1425521274-725345543-500_Classes\CLSID\{C98FE784-B96E-41e1-8399-1337AE3E539F}\InprocServer32 -> C:\Documents and Settings\Administrador\Datos de programa\Facebook\npfbplugin_1_0_3.dll ( )
CustomCLSID: HKU\S-1-5-21-1343024091-1425521274-725345543-500_Classes\CLSID\{cc05a616-ddb3-4cc0-9a21-dc0e9962b444}\InprocServer32 -> C:\Documents and Settings\Administrador\Datos de programa\HP Photo Creations\ContentMan.dll (RocketLife)
CustomCLSID: HKU\S-1-5-21-1343024091-1425521274-725345543-500_Classes\CLSID\{ff280b55-14f1-49ae-b40f-15f5294ce630}\InprocServer32 -> C:\Documents and Settings\Administrador\Datos de programa\HP Photo Creations\RocketEngine.dll (Visan inc.)

==================== Restore Points =========================

30-07-2015 18:36:30 Punto de control del sistema
30-07-2015 19:20:41 Configurado PowerDVD
02-08-2015 20:00:52 Punto de control del sistema
03-08-2015 08:34:00 Install LG UNITED Drivers
04-08-2015 13:40:34 Punto de control del sistema
05-08-2015 17:35:57 Punto de control del sistema
07-08-2015 11:45:22 Punto de control del sistema
07-08-2015 16:33:34 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
07-08-2015 16:36:52 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
07-08-2015 22:27:41 avast! antivirus system restore point
07-08-2015 22:42:10 Installed Windows XP Wdf01009.
08-08-2015 11:07:44 Removed PC Connectivity Solution
08-08-2015 20:46:44 Software Distribution Service 3.0
09-08-2015 01:04:52 Software Distribution Service 3.0
09-08-2015 17:48:50 Software Distribution Service 3.0
09-08-2015 21:00:15 Software Distribution Service 3.0
09-08-2015 23:32:36 Software Distribution Service 3.0

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2001-08-24 05:00 - 2001-08-24 05:00 - 00000792 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_18_0_0_209_pepper.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Archivos de programa\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\At1.job => C:\Archivos de programa\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe
Task: C:\WINDOWS\Tasks\At2.job => C:\Archivos de programa\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe
Task: C:\WINDOWS\Tasks\At3.job => C:\Archivos de programa\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe
Task: C:\WINDOWS\Tasks\At4.job => C:\Archivos de programa\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Archivos de programa\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job => 0x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
Task: C:\WINDOWS\Tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job => C:\Archivos de programa\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job => C:\Archivos de programa\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job => C:\Archivos de programa\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\Google Software Updater.job => C:\Archivos de programa\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Archivos de programa\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Archivos de programa\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HP Photo Creations Communicator.job => C:\Documents and Settings\Administrador\Datos de programa\HP Photo Creations\Communicator.exe
Task: C:\WINDOWS\Tasks\Mantenimiento con 1 clic.job => C:\Archivos de programa\TuneUp Utilities 2008\OneClickStarter.exe
Task: C:\WINDOWS\Tasks\Notificación de inicio de sesión de fin de servicio de Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Notificación mensual de fin de servicio de Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe

==================== Loaded Modules (Whitelisted) ==============

2015-08-07 22:40 - 2015-08-07 22:40 - 00102864 _____ () C:\Archivos de programa\AVAST Software\Avast\log.dll
2015-08-07 22:40 - 2015-08-07 22:40 - 00123976 _____ () C:\Archivos de programa\AVAST Software\Avast\JsonRpcServer.dll
2015-08-10 10:45 - 2015-08-10 10:45 - 02960384 _____ () C:\Archivos de programa\AVAST Software\Avast\defs\15081002\algo.dll
2009-06-02 14:15 - 2005-03-16 04:08 - 00032768 _____ () C:\WINDOWS\system32\LXPRMON.DLL
2015-03-11 13:20 - 2011-02-28 17:37 - 00180624 _____ () C:\WINDOWS\system32\Primomonnt.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Archivos de programa\Archivos comunes\Apple\Apple Application Support\zlib1.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 01044776 _____ () C:\Archivos de programa\Archivos comunes\Apple\Apple Application Support\libxml2.dll
2015-08-07 22:40 - 2015-08-07 22:40 - 40540672 _____ () C:\Archivos de programa\AVAST Software\Avast\libcef.dll
2004-08-19 15:42 - 2008-04-14 07:48 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2007-05-23 13:01 - 2007-05-23 13:01 - 00269080 _____ () C:\Archivos de programa\Archivos comunes\Microsoft Shared\Reference 2008\ERSREGPR.DLL
2007-05-23 13:01 - 2007-05-23 13:01 - 00228120 _____ () C:\Archivos de programa\Archivos comunes\Microsoft Shared\Reference 2008\MSENCDAT.DLL
2007-05-23 13:01 - 2007-05-23 13:01 - 00178968 _____ () C:\Archivos de programa\Archivos comunes\Microsoft Shared\Reference 2008\ENCCONT.DLL
2007-05-23 13:01 - 2007-05-23 13:01 - 00351000 _____ () C:\Archivos de programa\Archivos comunes\Microsoft Shared\Reference 2008\MSENCXML.DLL
2007-05-23 13:00 - 2007-05-23 13:00 - 00068376 _____ () C:\Archivos de programa\Microsoft Student\Microsoft Student con Encarta Premium 2008 DVD\EDICTEIT.EBK
2015-08-02 17:35 - 2015-02-25 08:37 - 00776400 _____ () C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Viber\Viber.exe
2015-08-02 17:36 - 2015-02-25 08:36 - 49469440 _____ () C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Viber\5.0.1.42\libViber.dll
2015-08-02 17:36 - 2015-01-09 06:54 - 00769024 _____ () C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Viber\5.0.1.42\libGLESv2.dll
2015-08-02 17:36 - 2015-02-25 08:13 - 00104448 _____ () C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Viber\5.0.1.42\qfacebook.dll
2015-08-02 17:35 - 2015-02-25 08:13 - 00171008 _____ () C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Viber\5.0.1.42\exif.dll
2015-08-02 17:36 - 2014-06-30 02:11 - 00047104 _____ () C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Viber\5.0.1.42\libEGL.dll
2015-08-02 17:36 - 2014-08-20 10:13 - 00875008 _____ () C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Viber\5.0.1.42\platforms\qwindows.dll
2015-08-02 17:36 - 2014-06-30 02:17 - 00021504 _____ () C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Viber\5.0.1.42\imageformats\qgif.dll
2015-08-02 17:36 - 2014-06-30 02:17 - 00020992 _____ () C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Viber\5.0.1.42\imageformats\qico.dll
2015-08-02 17:36 - 2014-06-30 02:17 - 00204800 _____ () C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Viber\5.0.1.42\imageformats\qjpeg.dll
2015-08-02 17:36 - 2014-06-30 02:20 - 00218112 _____ () C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Viber\5.0.1.42\imageformats\qmng.dll
2015-08-02 17:36 - 2014-06-30 02:18 - 00015872 _____ () C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Viber\5.0.1.42\imageformats\qsvg.dll
2015-08-02 17:36 - 2014-06-30 02:20 - 00015360 _____ () C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Viber\5.0.1.42\imageformats\qtga.dll
2015-08-02 17:36 - 2014-06-30 02:21 - 00307712 _____ () C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Viber\5.0.1.42\imageformats\qtiff.dll
2015-08-02 17:36 - 2014-06-30 02:20 - 00014848 _____ () C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Viber\5.0.1.42\imageformats\qwbmp.dll
2015-08-02 17:36 - 2014-06-30 02:17 - 00635392 _____ () C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Viber\5.0.1.42\sqldrivers\qsqlite.dll
2015-08-02 17:36 - 2014-06-30 02:18 - 00026624 _____ () C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Viber\5.0.1.42\iconengines\qsvgicon.dll
2015-08-04 20:13 - 2015-07-31 01:19 - 16308040 _____ () C:\Archivos de programa\Google\Chrome\Application\44.0.2403.130\PepperFlash\pepflashplayer .dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Documents and Settings\All Users\Datos de programa\TEMP:0971B5CA
AlternateDataStreams: C:\Documents and Settings\All Users\Datos de programa\TEMP:C46995DA
AlternateDataStreams: C:\Documents and Settings\All Users\Datos de programa\TEMP:DCAF903C

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1343024091-1425521274-725345543-500\...\microsoft.com -> hxxps://oas.support.microsoft.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1343024091-1425521274-725345543-500\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 190.157.8.33 - 181.48.0.231
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Menú Inicio^Programas^Inicio^HP Digital Imaging Monitor.lnk => C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Menú Inicio^Programas^Inicio^Inicio rápido de HP Photosmart Premier.lnk => C:\WINDOWS\pss\Inicio rápido de HP Photosmart Premier.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Menú Inicio^Programas^Inicio^Start GeekBuddy.lnk => C:\WINDOWS\pss\Start GeekBuddy.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Menú Inicio^Programas^Inicio^Status Monitor.lnk => C:\WINDOWS\pss\Status Monitor.lnkCommon Startup
MSCONFIG\startupreg: AceStream => C:\Documents and Settings\Administrador\Datos de programa\ACEStream\engine\ace_engine.exe
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Archivos de programa\Adobe\Reader 8.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Alcmtr => ALCMTR.EXE
MSCONFIG\startupreg: APSDaemon => "C:\Archivos de programa\Archivos comunes\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ares => "C:\Archivos de programa\Ares\Ares.exe" -h
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Archivos de programa\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: COMODO Internet Security => C:\Archivos de programa\COMODO\COMODO Internet Security\cistray.exe
MSCONFIG\startupreg: ControlCenter2.0 => C:\Archivos de programa\Brother\ControlCenter2\brctrcen.exe /autorun
MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
MSCONFIG\startupreg: EzPrint => "C:\Archivos de programa\Lexmark 4300 Series\ezprint.exe"
MSCONFIG\startupreg: FaxCenterServer => "C:\Archivos de programa\Lexmark Fax Solutions\fm3032.exe" /s
MSCONFIG\startupreg: HDAudDeck => C:\Archivos de programa\VIA\VIAudioi\HDADeck\HDeck.exe 1
MSCONFIG\startupreg: HotKeysCmds => C:\WINDOWS\system32\hkcmd.exe
MSCONFIG\startupreg: HP Software Update => C:\Archivos de programa\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IgfxTray => C:\WINDOWS\system32\igfxtray.exe
MSCONFIG\startupreg: IndexSearch => C:\Archivos de programa\ScanSoft\PaperPort\IndexSearch.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Archivos de programa\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: L08EXLRD_1088125 => "C:\Archivos de programa\Microsoft Student\Microsoft Student con Encarta Premium 2008 DVD\EDICT.EXE" -m
MSCONFIG\startupreg: L08EXLRD_6187593 => "C:\Archivos de programa\Microsoft Student\Microsoft Student con Encarta Premium 2008 DVD\EDICT.EXE" -m
MSCONFIG\startupreg: L08EXLRD_951531 => "C:\Archivos de programa\Microsoft Student\Microsoft Student con Encarta Premium 2008 DVD\EDICT.EXE" -m
MSCONFIG\startupreg: lxcemon.exe => "C:\Archivos de programa\Lexmark 4300 Series\lxcemon.exe"
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\ARCHIV~1\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: MSMSGS => "C:\Archivos de programa\Messenger\msmsgs.exe" /background
MSCONFIG\startupreg: msnmsgr => "C:\Archivos de programa\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: PaperPort PTD => C:\Archivos de programa\ScanSoft\PaperPort\pptd40nt.exe
MSCONFIG\startupreg: PC Suite Tray => "C:\Archivos de programa\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
MSCONFIG\startupreg: PDVD8LanguageShortcut => "C:\Archivos de programa\CyberLink\PowerDVD8\Language\Language.exe"
MSCONFIG\startupreg: Persistence => C:\WINDOWS\system32\igfxpers.exe
MSCONFIG\startupreg: PlusService => C:\Archivos de programa\Yuna Software\Messenger Plus!\PlusService.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Archivos de programa\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl => "C:\Archivos de programa\CyberLink\PowerDVD\PDVDServ.exe"
MSCONFIG\startupreg: RemoteControl8 => "C:\Archivos de programa\CyberLink\PowerDVD8\PDVD8Serv.exe"
MSCONFIG\startupreg: RTHDCPL => RTHDCPL.EXE
MSCONFIG\startupreg: SetDefPrt => C:\Archivos de programa\Brother\Brmfl04a\BrStDvPt.exe
MSCONFIG\startupreg: Sonic PDF Print Dispatcher => D:\PROGRAMS\Sonic PDF\3.0\itSONPrnDisp.exe
MSCONFIG\startupreg: SSBkgdUpdate => "C:\Archivos de programa\Archivos comunes\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Archivos de programa\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: swg => C:\Archivos de programa\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
MSCONFIG\startupreg: TelefonicaTelecom_McciTrayApp => "C:\Archivos de programa\TelefonicaTelecom\McciTrayApp.exe"
MSCONFIG\startupreg: tvncontrol => "C:\Archivos de programa\Archivos comunes\COMODO\GeekBuddyRSP.exe" -controlservice -slave
MSCONFIG\startupreg: UpdateFlow.TelefonicaTelecom => C:\Archivos de programa\Internet Explorer\IEXPLORE.EXE file://C:\Archivos de programa\TelefonicaTelecom\OfflineUpdate\redirector.htm

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

DomainProfile\AuthorizedApplications: [C:\Archivos de programa\CyberLink\PowerDVD8\PowerDVD8.exe] => Enabled:CyberLink PowerDVD 8.0
DomainProfile\AuthorizedApplications: [C:\Archivos de programa\MSN Messenger\livecall.exe] => Enabled:Windows Live Messenger 8.1 (Phone)
DomainProfile\AuthorizedApplications: [C:\Archivos de programa\Windows Live\Messenger\msnmsgr.exe] => Enabled:Windows Live Messenger
DomainProfile\AuthorizedApplications: [C:\Archivos de programa\Windows Live\Sync\WindowsLiveSync.exe] => Enabled:Windows Live Sync
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\CyberLink\PowerDVD8\PowerDVD8.exe] => Enabled:CyberLink PowerDVD 8.0
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\Microsoft Office\Office12\OUTLOOK.EXE] => Enabled:Microsoft Office Outlook
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\Ares\Ares.exe] => Enabled:Ares p2p for windows
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\Messenger\msmsgs.exe] => Enabled:Windows Messenger
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\MSN Messenger\livecall.exe] => Enabled:Windows Live Messenger 8.1 (Phone)
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\Google\Google Earth\plugin\geplugin.exe] => Enabled:Google Earth
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe] => Enabled:Media Player Classic - Home Cinema
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\Google\Google Earth\client\googleearth.exe] => Enabled:Google Earth
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\Windows Live\Messenger\msnmsgr.exe] => Enabled:Windows Live Messenger
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\Windows Live\Sync\WindowsLiveSync.exe] => Enabled:Windows Live Sync
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\Yahoo!\Messenger\YahooMessenger.exe] => Enabled:Yahoo! Messenger
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\StreamTorrent 1.0\StreamTorrent.exe] => Enabled:StreamTorrent Media Player
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\iCall\iCall.exe] => Enabled:iCall
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\FrostWire 5\FrostWire.exe] => Enabled:FrostWire
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\Free Online TV\vlc\vlc.exe] => Enabled:VLC media player
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\Bonjour\mDNSResponder.exe] => Enabled:Servicio Bonjour
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\dpvsetup.exe] => Enabled:Microsoft DirectPlay Voice Test
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\rundll32.exe] => Enabled:Ejecutar un archivo DLL como una aplicación
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Administrador\Datos de programa\ACEStream\engine\ace_engine.exe] => Enabled:AceStream
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\Advanced Driver Updater\adu.exe] => Enabled:AdvancedDriverUpdater
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Administrador\Datos de programa\Spotify\spotify.exe] => Enabled:Spotify
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\iTunes\iTunes.exe] => Enabled:iTunes
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Archivos de programa\Mozilla Firefox)
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\HP\HP Deskjet 1510 series\Bin\USBSetup.exe] => :LocalSubNet:Enabled:Configuración del dispositivo HP (HP Deskjet 1510 series)
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\HP\HP Deskjet 1510 series\Bin\HPNetworkCommunicatorCom.exe] => :LocalSubNet:Enabled:Comunicador de red HP COM (HP Deskjet 1510 series)
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Administrador\Datos de programa\BitTorrent\BitTorrent.exe] => Enabled:BitTorrent (Administrador)
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\Skype\Phone\Skype.exe] => Enabled:Skype
StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22007
StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22008

==================== Faulty Device Manager Devices =============

Name: Concentrador USB genérico
Description: Concentrador USB genérico
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Concentrador USB genérico)
Service: usbhub
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/09/2015 03:39:20 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Transactions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80131f06

Error: (08/09/2015 03:39:20 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.EnterpriseServices, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a . Error code = 0x80131f06

Error: (08/09/2015 03:39:19 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.EnterpriseServices, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a . Error code = 0x80131f06

Error: (08/09/2015 03:39:19 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.DirectoryServices, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a . Error code = 0x80131f06

Error: (08/09/2015 03:39:19 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.DirectoryServices, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a . Error code = 0x80131f06

Error: (08/09/2015 03:39:19 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Runtime.Remoting, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80131f06

Error: (08/09/2015 03:39:18 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Runtime.Remoting, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80131f06

Error: (08/09/2015 03:39:18 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Data, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80131f06

Error: (08/09/2015 03:39:18 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Data, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80131f06

Error: (08/09/2015 03:39:17 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Windows.Input.Manipulations, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80131f06


System errors:
=============
Error: (08/10/2015 11:17:08 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Intervalo de espera (30000 ms.) para la respuesta de transacción del servicio avast! Antivirus.

Error: (08/10/2015 10:58:14 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Intervalo de espera (30000 ms.) para la respuesta de transacción del servicio avast! Antivirus.

Error: (08/08/2015 01:06:00 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El controlador de inicialización siguiente no se cargó correctamente:
IntelIde

Error: (08/08/2015 01:06:00 AM) (Source: 0) (EventID: 1) (User: )
Description: 0xC0000001HarddiskVolume1

Error: (07/30/2015 02:37:59 PM) (Source: 0) (EventID: 11) (User: )
Description: \Device\Harddisk6\D

Error: (07/30/2015 02:37:58 PM) (Source: 0) (EventID: 11) (User: )
Description: \Device\Harddisk6\D

Error: (07/30/2015 02:37:57 PM) (Source: 0) (EventID: 11) (User: )
Description: \Device\Harddisk6\D

Error: (07/30/2015 02:37:47 PM) (Source: 0) (EventID: 11) (User: )
Description: \Device\Harddisk6\D

Error: (07/30/2015 02:37:46 PM) (Source: 0) (EventID: 11) (User: )
Description: \Device\Harddisk6\D

Error: (07/30/2015 02:37:45 PM) (Source: 0) (EventID: 11) (User: )
Description: \Device\Harddisk6\D


Microsoft Office:
=========================
Error: (02/14/2010 07:41:33 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 23 seconds with 0 seconds of active time. This session ended with a crash.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) Dual CPU E2180 @ 2.00GHz
Percentage of memory in use: 48%
Total physical RAM: 3062.23 MB
Available physical RAM: 1580.11 MB
Total Virtual: 5406.57 MB
Available Virtual: 4018.55 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:39.16 GB) (Free:5.66 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive d: () (Fixed) (Total:109.88 GB) (Free:89.2 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: B334B7C0)
Partition 1: (Active) - (Size=39.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=109.9 GB) - (Type=OF Extended)

==================== End of log ============================

Radio Adverts Randomly Come On

Hello! I am somewhat experienced in removal but this one has me lost and annoyed. Randomly about once a day, while the internet browser is open, we get a loud person talking to us through the computer (no pop ups, just sound) and it's actually from 98.1 The Wolf, it's the morning person. I would personally like to punch this person :)

Nonetheless, I have used Malwarebytes, MB Anti-rootkit, TDSS Killer and ADW Cleaner. Nothing comes up; it said it got rid of something with ADW Cleaner, but I don't quite understand that program or how to find the log. I've also done some other logs and have looked through them, but I have not a clue where it could be hiding... this is one persistent little bugger. So I ask for your assistance!

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Ultimate, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM)2 Duo CPU E6550 @ 2.33GHz, Intel64 Family 6 Model 15 Stepping 11
Processor Count: 2
RAM: 6013 Mb
Graphics Card: NVIDIA GeForce 9500 GT, 512 Mb
Hard Drives: C: Total - 244095 MB, Free - 197616 MB;
Motherboard: Dell Inc., 0GM819
Antivirus: avast! Antivirus, Updated and Enabled

update.exe failure

This is driving me zany!! I am using Windows 7 on a Dell desktop computer about 4 years old. Everything is working fine except I keep getting a pop-up on my computer saying update.exe 0x752de5a8 failed. I haven't a clue what update.exe 0x752de5a8 is - other than Google saying it is NOT Windows related and that it could be a virus. I am using Avira Antivirus Pro and it does not detect anything. Further reading indicated it could be a hidden file in the C:\Program Files\Common files - which I could not find. I have been trying to kill this popup for the last 2 weeks - but it is very persistent. Any help would be VERY MUCH appreciated!!!

computer still affected after complete HD wipe

My Asus model cm6870 gets heavy use from the family. At some time I believe it had acquired a virus. The computer started to run extremely slow. Running programs, opening folders and even task manager would never open and if they did they would become not responsive. I had Norton 360 and Hitman which would find some malware and supposedly remove it, yet the problem still persists. Eventually the HD completely crashed and the computer would only boot to the insert boot device and press any key screen. Since I had backed up my files on an external HD, I wiped the Asus HD with DBAN and reinstalled Windows 7. The computer seemed to be fine at first but soon went back to the same result. I wiped it again and this time downloaded nothing but updated drivers (from the manufacturer's website) and still the problem persists. I would run a TSG Sysinfo but the computer is basically unusable at this point. Can a virus affect a computer beyond the hard drive or is the computer simply breaking down?

specs:
asus cm 6870
windows 7 64bit
intel i7 processor
16 mb RAM

Thank you in advance to anyone with any info on this.

HELP! i think i have a RAT installed

Hey there guys, I recently got a new computer from a guy. I know for a fact that he uses RAT tools at home and I am a little worried he might have ratted me. I ran an Avast full scan and found a bunch of PHP shell stuff... I know enough about this stuff to know that someone is having a peek... so any help in this area would be most appreciated, and if it helps, I know he uses dark-comet.


picture of the scan provided here

Autoclicks on Windows 7

Hi everyone I just have a quick question.

So I have a PC in my living room and I hear like auto mouse clicking sounds, but it's not actually clicking anything; all I hear is clicking sounds. It's not all the time. I am not sure if it's malware or anything. I have tried Malwarebytes and antivirus and even reinstalling Windows (BTW it's Win 7).

So any suggestions on fixing it?