Jump to content

mb5

Members
  • Posts

    18
  • Joined

  • Last visited

Reputation

0 Neutral
  1. mbar log: Malwarebytes Anti-Rootkit BETA 1.08.2.1001 www.malwarebytes.org Database version: v2014.12.22.01 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 PL :: PL-0 [administrator] 22/12/2014 02:26:15 mbar-log-2014-12-22 (02-26-15).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 459853 Time elapsed: 26 minute(s), 6 second(s) [aborted] Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end)
  2. mbar enter in the loop too, but it does not detect that folders as malware. i stopped the scan because i think it will never end logs --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.08.2.1001 © Malwarebytes Corporation 2011-2012 OS version: 5.1.2600 Windows XP Service Pack 3 x86 Account is Administrative Internet Explorer version: 8.0.6001.18702 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED, F:\ DRIVE_FIXED, G:\ DRIVE_FIXED, K:\ DRIVE_FIXED CPU speed: 2.599000 GHz Memory total: 3085348864, free: 2071044096 Downloaded database version: v2014.12.22.01 Downloaded database version: v2014.12.14.01 Downloaded database version: v2014.12.06.01 Initializing... ====================== ------------ Kernel report ------------ 12/22/2014 02:25:17 ------------ Loaded modules ----------- \WINDOWS\system32\ntkrnlpa.exe \WINDOWS\system32\hal.dll \WINDOWS\system32\KDCOM.DLL \WINDOWS\system32\BOOTVID.dll ACPI.sys \WINDOWS\System32\DRIVERS\WMILIB.SYS pci.sys isapnp.sys pciide.sys \WINDOWS\system32\DRIVERS\PCIIDEX.SYS MountMgr.sys ftdisk.sys dmload.sys dmio.sys PartMgr.sys VolSnap.sys atapi.sys disk.sys \WINDOWS\system32\DRIVERS\CLASSPNP.SYS fltMgr.sys KSecDD.sys WudfPf.sys ati2mtag.sys \WINDOWS\system32\DRIVERS\VIDEOPRT.SYS Ntfs.sys NDIS.sys processr.sys Mup.sys srv.sys \WINDOWS\system32\DRIVERS\TDI.SYS mssmbios.sys aswVmm.sys aswRvrt.sys \SystemRoot\system32\DRIVERS\tunmp.sys \SystemRoot\system32\DRIVERS\Rtenicxp.sys \SystemRoot\system32\DRIVERS\usbohci.sys \SystemRoot\system32\DRIVERS\USBPORT.SYS \SystemRoot\system32\DRIVERS\usbehci.sys \SystemRoot\system32\DRIVERS\imapi.sys \SystemRoot\system32\DRIVERS\cdrom.sys \SystemRoot\system32\DRIVERS\redbook.sys \SystemRoot\system32\DRIVERS\ks.sys \SystemRoot\system32\DRIVERS\cwrwdm.sys \SystemRoot\system32\DRIVERS\portcls.sys \SystemRoot\system32\DRIVERS\drmk.sys \SystemRoot\system32\DRIVERS\serial.sys \SystemRoot\system32\DRIVERS\serenum.sys \SystemRoot\system32\DRIVERS\parport.sys \SystemRoot\system32\DRIVERS\i8042prt.sys \SystemRoot\system32\DRIVERS\kbdclass.sys \SystemRoot\system32\DRIVERS\audstub.sys \SystemRoot\system32\DRIVERS\rasl2tp.sys \SystemRoot\system32\DRIVERS\ndistapi.sys \SystemRoot\system32\DRIVERS\ndiswan.sys \SystemRoot\system32\DRIVERS\raspppoe.sys \SystemRoot\system32\DRIVERS\raspptp.sys \SystemRoot\system32\DRIVERS\psched.sys \SystemRoot\system32\DRIVERS\msgpc.sys \SystemRoot\system32\DRIVERS\ptilink.sys \SystemRoot\system32\DRIVERS\raspti.sys \SystemRoot\system32\DRIVERS\rdpdr.sys \SystemRoot\system32\DRIVERS\termdd.sys \SystemRoot\system32\DRIVERS\mouclass.sys \SystemRoot\system32\DRIVERS\swenum.sys \SystemRoot\system32\DRIVERS\update.sys \SystemRoot\System32\Drivers\NDProxy.SYS \SystemRoot\system32\DRIVERS\usbhub.sys \SystemRoot\system32\DRIVERS\USBD.SYS \SystemRoot\system32\DRIVERS\gameenum.sys \SystemRoot\system32\drivers\aswSP.sys \SystemRoot\system32\DRIVERS\hidusb.sys \SystemRoot\system32\DRIVERS\HIDCLASS.SYS \SystemRoot\system32\DRIVERS\HIDPARSE.SYS \SystemRoot\system32\DRIVERS\usbprint.sys \SystemRoot\System32\Drivers\Fs_Rec.SYS \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \SystemRoot\System32\drivers\vga.sys \SystemRoot\System32\Drivers\mnmdd.SYS \SystemRoot\System32\DRIVERS\RDPCDD.sys \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\system32\DRIVERS\rasacd.sys \SystemRoot\system32\DRIVERS\ipsec.sys \SystemRoot\system32\DRIVERS\tcpip.sys \SystemRoot\system32\DRIVERS\USBSTOR.SYS \SystemRoot\system32\drivers\aswTdi.sys \SystemRoot\system32\DRIVERS\ipnat.sys \SystemRoot\system32\DRIVERS\wanarp.sys \SystemRoot\system32\DRIVERS\tcpip6.sys \SystemRoot\system32\DRIVERS\mouhid.sys \SystemRoot\system32\drivers\aswRdr.sys \SystemRoot\system32\DRIVERS\Ip6Fw.sys \SystemRoot\System32\drivers\ws2ifsl.sys \SystemRoot\System32\drivers\afd.sys \SystemRoot\system32\DRIVERS\netbios.sys \SystemRoot\system32\DRIVERS\rdbss.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\System32\Drivers\Fips.SYS \SystemRoot\system32\drivers\aswSnx.sys \SystemRoot\System32\Drivers\Cdfs.SYS \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\Dxapi.sys \SystemRoot\System32\watchdog.sys \SystemRoot\System32\drivers\dxg.sys \SystemRoot\System32\drivers\dxgthk.sys \SystemRoot\System32\ati2dvag.dll \SystemRoot\System32\ati2cqag.dll \SystemRoot\System32\atikvmag.dll \SystemRoot\System32\atiok3x2.dll \SystemRoot\System32\ati3duag.dll \SystemRoot\System32\ativvaxx.dll \SystemRoot\System32\ATMFD.DLL \SystemRoot\system32\drivers\aswMonFlt.sys \SystemRoot\system32\DRIVERS\AegisP.sys \SystemRoot\system32\DRIVERS\netbt.sys \SystemRoot\system32\DRIVERS\mrxdav.sys \SystemRoot\System32\Drivers\ParVdm.SYS \SystemRoot\system32\drivers\wdmaud.sys \SystemRoot\system32\drivers\sysaudio.sys \SystemRoot\system32\drivers\aswHwid.sys \SystemRoot\System32\Drivers\HTTP.sys \SystemRoot\system32\DRIVERS\sr.sys \??\K:\WINDOWS\system32\drivers\mbamchameleon.sys \??\K:\WINDOWS\system32\drivers\MBAMSwissArmy.sys \WINDOWS\system32\ntdll.dll ----------- End ----------- Done! <<<1>>> Upper Device Name: \Device\Harddisk4\DR15 Upper Device Object: 0xffffffff8a8a8040 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\00000082\ Lower Device Object: 0xffffffff8a8adea0 Lower Device Driver Name: \Driver\usbstor\ <<<1>>> Upper Device Name: \Device\Harddisk3\DR14 Upper Device Object: 0xffffffff8a8acab8 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\00000081\ Lower Device Object: 0xffffffff8a91db38 Lower Device Driver Name: \Driver\usbstor\ <<<1>>> Upper Device Name: \Device\Harddisk2\DR13 Upper Device Object: 0xffffffff8a8bc580 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\00000080\ Lower Device Object: 0xffffffff8a8a8ea0 Lower Device Driver Name: \Driver\usbstor\ <<<1>>> Upper Device Name: \Device\Harddisk1\DR12 Upper Device Object: 0xffffffff8a8e2ab8 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\0000007f\ Lower Device Object: 0xffffffff8a8d7ea0 Lower Device Driver Name: \Driver\usbstor\ <<<1>>> Upper Device Name: \Device\Harddisk0\DR0 Upper Device Object: 0xffffffff8af32ab8 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\Ide\IdeDeviceP0T1L0-3\ Lower Device Object: 0xffffffff8af9f940 Lower Device Driver Name: \Driver\atapi\ <<<2>>> Physical Sector Size: 512 Drive: 0, DevicePointer: 0xffffffff8af32ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xffffffff8af75b60, DeviceName: Unknown, DriverName: \Driver\PartMgr\ DevicePointer: 0xffffffff8af32ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ DevicePointer: 0xffffffff8afa23d8, DeviceName: \Device\00000071\, DriverName: \Driver\ACPI\ DevicePointer: 0xffffffff8af9f940, DeviceName: \Device\Ide\IdeDeviceP0T1L0-3\, DriverName: \Driver\atapi\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 <<<3>>> Volume: K: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: K: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning drivers directory: K:\WINDOWS\SYSTEM32\drivers... Done! Drive 0 This is a System drive Scanning MBR on drive 0... Inspecting partition table: MBR Signature: 55AA Disk Signature: 15551555 Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 63 Numsec = 234385345 Partition file system is NTFS Partition is bootable Partition 1 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 234385408 Numsec = 57163776 Partition 2 type is Extended with LBA (0xf) Partition is NOT ACTIVE. Partition starts at LBA: 298037941 Numsec = 190352715 Partition 3 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 291551232 Numsec = 6486016 Disk Size: 250059350016 bytes Sector size: 512 bytes Done! Physical Sector Size: 0 Drive: 1, DevicePointer: 0xffffffff8a8e2ab8, DeviceName: \Device\Harddisk1\DR12\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xffffffff8a8ab8e8, DeviceName: Unknown, DriverName: \Driver\PartMgr\ DevicePointer: 0xffffffff8a8e2ab8, DeviceName: \Device\Harddisk1\DR12\, DriverName: \Driver\Disk\ DevicePointer: 0xffffffff8a8d7ea0, DeviceName: \Device\0000007f\, DriverName: \Driver\usbstor\ ------------ End ---------- Physical Sector Size: 0 Drive: 2, DevicePointer: 0xffffffff8a8bc580, DeviceName: \Device\Harddisk2\DR13\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xffffffff8a8ab6c0, DeviceName: Unknown, DriverName: \Driver\PartMgr\ DevicePointer: 0xffffffff8a8bc580, DeviceName: \Device\Harddisk2\DR13\, DriverName: \Driver\Disk\ DevicePointer: 0xffffffff8a8a8ea0, DeviceName: \Device\00000080\, DriverName: \Driver\usbstor\ ------------ End ---------- Physical Sector Size: 0 Drive: 3, DevicePointer: 0xffffffff8a8acab8, DeviceName: \Device\Harddisk3\DR14\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xffffffff8a8ab498, DeviceName: Unknown, DriverName: \Driver\PartMgr\ DevicePointer: 0xffffffff8a8acab8, DeviceName: \Device\Harddisk3\DR14\, DriverName: \Driver\Disk\ DevicePointer: 0xffffffff8a91db38, DeviceName: \Device\00000081\, DriverName: \Driver\usbstor\ ------------ End ---------- Physical Sector Size: 0 Drive: 4, DevicePointer: 0xffffffff8a8a8040, DeviceName: \Device\Harddisk4\DR15\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xffffffff8a8ac880, DeviceName: Unknown, DriverName: \Driver\PartMgr\ DevicePointer: 0xffffffff8a8a8040, DeviceName: \Device\Harddisk4\DR15\, DriverName: \Driver\Disk\ DevicePointer: 0xffffffff8a8adea0, DeviceName: \Device\00000082\, DriverName: \Driver\usbstor\ ------------ End ---------- <<<2>>> <<<3>>> Volume: E: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scan Interrupted Scan was aborted. ======================================= Removal queue found; removal started Removing K:\Documents and Settings\All Users\Datos de programa\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam... Removing K:\Documents and Settings\All Users\Datos de programa\Malwarebytes' Anti-Malware (portable)\VBR-0-0-63-i.mbam... Removing K:\Documents and Settings\All Users\Datos de programa\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam... Removal finished
  3. frst: Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-12-2014 Ran by PL (administrator) on PL-0 on 20-12-2014 17:18:35 Running from C:\Descargas\jdownloader Loaded Profile: PL (Available profiles: PL & Administrador) Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Español (alfabetización internacional) Internet Explorer Version 8 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVAST Software) E:\AVAST Software\Avast\AvastSvc.exe (AVAST Software) E:\AVAST Software\Avast\avastui.exe (Microsoft Corporation) K:\WINDOWS\system32\wbem\unsecapp.exe (Microsoft Corporation) K:\WINDOWS\system32\wuauclt.exe (Microsoft Corporation) K:\WINDOWS\system32\msiexec.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [AvastUI.exe] => E:\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-11] (AVAST Software) Winlogon\Notify\AtiExtEvent: K:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.) HKU\S-1-5-19\...\Policies\Explorer: [NoSMConfigurePrograms] 1 HKU\S-1-5-19\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-19\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1 HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 1 HKU\S-1-5-20\...\Policies\Explorer: [NoSMConfigurePrograms] 1 HKU\S-1-5-20\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-20\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1 HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 1 HKU\S-1-5-21-1757981266-1788223648-725345543-1003\...\Policies\Explorer: [NoSMConfigurePrograms] 1 HKU\S-1-5-21-1757981266-1788223648-725345543-1003\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-1757981266-1788223648-725345543-1003\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1 HKU\S-1-5-21-1757981266-1788223648-725345543-1003\...\Policies\Explorer: [NoResolveSearch] 1 HKU\S-1-5-21-1757981266-1788223648-725345543-1003\...\MountPoints2: {76ac22d0-70c9-11e4-aa5c-001fc6b3eb40} - K:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL start.exe HKU\S-1-5-21-1757981266-1788223648-725345543-1003\...\MountPoints2: {8dc164b0-ce1d-11e0-ade5-806d6172696f} - M:\tools\start.cmd HKU\S-1-5-21-1757981266-1788223648-725345543-1003\...\MountPoints2: {96f32764-68f6-11e4-aa37-001fc6b3eb40} - I:\LGAutoRun.exe HKU\S-1-5-21-1757981266-1788223648-725345543-1003\...\MountPoints2: {9f069fba-720e-11e2-9989-001fc6b3eb40} - O:\Setup.exe HKU\S-1-5-18\...\Policies\Explorer: [NoSMConfigurePrograms] 1 HKU\S-1-5-18\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-18\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1 HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 1 Startup: K:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\SystemExplorerDisabled () Startup: K:\Documents and Settings\PL\Menú Inicio\Programas\Inicio\SystemExplorerDisabled () ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\AVAST Software\Avast\ashShell.dll (AVAST Software) ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => E:\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => E:\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => E:\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => E:\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => E:\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-1757981266-1788223648-725345543-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01 HKU\S-1-5-21-1757981266-1788223648-725345543-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 HKU\S-1-5-21-1757981266-1788223648-725345543-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://es.msn.com/?ocid=iehp HKU\S-1-5-21-1757981266-1788223648-725345543-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01 HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION StartMenuInternet: IEXPLORE.EXE - E:\Internet Explorer\iexplore.exe SearchScopes: HKLM -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKLM -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKU\S-1-5-21-1757981266-1788223648-725345543-1003 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKU\S-1-5-21-1757981266-1788223648-725345543-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.iminent.com/?appId=F208C310-7BE2-4FCD-B99A-6079B105F5D0&ref=toolbox&q={searchTerms} SearchScopes: HKU\S-1-5-21-1757981266-1788223648-725345543-1003 -> {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?} SearchScopes: HKU\S-1-5-21-1757981266-1788223648-725345543-1003 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKU\S-1-5-21-1757981266-1788223648-725345543-1003 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> E:\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/autodl/jinstall-170-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-170-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab Handler: AutorunsDisabled\ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - No File Handler: AutorunsDisabled\skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\archivos comunes\Skype\Skype4COM.dll (Skype Technologies) Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Archivos comunes\SYSTEM\OLE DB\MSDAIPP.DLL (Microsoft Corporation) Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - E:\Archivos comunes\SYSTEM\OLE DB\MSDAIPP.DLL (Microsoft Corporation) Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Archivos comunes\SYSTEM\OLE DB\MSDAIPP.DLL (Microsoft Corporation) Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - E:\Archivos comunes\SYSTEM\OLE DB\MSDAIPP.DLL (Microsoft Corporation) Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Archivos comunes\SYSTEM\OLE DB\MSDAIPP.DLL (Microsoft Corporation) Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - E:\Archivos comunes\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Archivos comunes\SYSTEM\OLE DB\MSDAIPP.DLL (Microsoft Corporation) Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - E:\Archivos comunes\SYSTEM\OLE DB\MSDAIPP.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{074AD9D2-8506-43FE-A004-63ABBB0E1E01}: [NameServer] 8.8.8.8,8.8.4.4 FireFox: ======== FF ProfilePath: K:\Documents and Settings\PL\Datos de programa\Mozilla\Firefox\Profiles\exyssdja.default FF SelectedSearchEngine: webssearches FF Homepage: https://www.google.com.ar/ FF Plugin: @adobe.com/FlashPlayer -> K:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll () FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> E:\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> E:\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin: @google.com/npPicasa3,version=3.0.0 -> E:\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=10.71.2 -> E:\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> E:\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> E:\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> E:\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> K:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @RIM.com/WebSLLauncher,version=1.0 -> E:\Archivos comunes\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll No File FF Plugin: @videolan.org/vlc,version=2.1.0 -> E:\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.2 -> E:\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.3 -> E:\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> E:\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: Adobe Reader -> E:\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: E:\\mozilla firefox\browser\searchplugins\creativecommons.xml FF SearchPlugin: E:\\mozilla firefox\browser\searchplugins\mercadolibre-ar.xml FF Extension: Ghostery - K:\Documents and Settings\PL\Datos de programa\Mozilla\Firefox\Profiles\exyssdja.default\Extensions\firefox@ghostery.com.xpi [2014-05-30] FF Extension: FlashGot - K:\Documents and Settings\PL\Datos de programa\Mozilla\Firefox\Profiles\exyssdja.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2014-11-18] FF Extension: Adblock Plus - K:\Documents and Settings\PL\Datos de programa\Mozilla\Firefox\Profiles\exyssdja.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-30] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - K:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - K:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-10-04] FF StartMenuInternet: FIREFOX.EXE - E:\Mozilla Firefox\firefox.exe Chrome: ======= CHR Profile: K:\Documents and Settings\PL\Configuración local\Datos de programa\Google\Chrome\User Data\Default CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path CHR HKLM\...\Chrome\Extension: [hahpjplbmicfkmoccokbjejahjjpnena] - No Path ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S4 6to4; K:\WINDOWS\System32\6to4svc.dll [100864 2010-02-12] (Microsoft Corporation) S4 ATI Smart; K:\WINDOWS\system32\ati2sgag.exe [593920 2007-08-21] () [File not signed] R2 avast! Antivirus; E:\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-12] (AVAST Software) S4 BootlogService; E:\Greatis\BootLog XP\BootLogService.exe [65248 2009-12-04] (Greatis Software ©) S3 DragonUpdater; E:\comodo\Comodo\Dragon\dragon_updater.exe [2135232 2014-05-21] () S4 IDriverT; E:\Archivos comunes\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed] S4 JavaQuickStarterService; E:\Java\jre7\bin\jqs.exe [182696 2014-10-28] (Oracle Corporation) S3 Microsoft SharePoint Workspace Audit Service; E:\Microsoft Office\Office14\GROOVE.EXE [30814400 2013-12-19] (Microsoft Corporation) S3 MozillaMaintenance; E:\Mozilla Maintenance Service\maintenanceservice.exe [114800 2014-12-09] (Mozilla Foundation) R2 Net Driver HPZ12; K:\WINDOWS\system32\HPZinw12.dll [44032 2010-01-18] (Hewlett-Packard) [File not signed] S3 ose; E:\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE [149352 2010-01-09] (Microsoft Corporation) S3 osppsvc; E:\Archivos comunes\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [4640000 2010-01-09] (Microsoft Corporation) R2 Pml Driver HPZ12; K:\WINDOWS\system32\HPZipm12.dll [53760 2010-01-18] (Hewlett-Packard) [File not signed] S3 PSI_SVC_2; e:\Archivos comunes\Protexis\License Service\PsiService_2.exe [189728 2010-03-10] (Protexis Inc.) S3 SbieSvc; E:\\Sandboxie\SbieSvc.exe [134664 2014-10-14] (Sandboxie Holdings, LLC) S3 SystemExplorerHelpService; E:\System Explorer\service\SystemExplorerService.exe [566496 2014-12-02] (Mister Group) S4 ekrn; No ImagePath S3 globalUpdate; No ImagePath S3 globalUpdatem; No ImagePath S4 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AegisP; K:\WINDOWS\System32\DRIVERS\AegisP.sys [21361 2014-04-29] (Cisco Systems, Inc.) [File not signed] S3 andnetadb; K:\WINDOWS\System32\Drivers\lgandnetadb.sys [25856 2014-05-27] (Google Inc) S3 AndNetDiag; K:\WINDOWS\System32\DRIVERS\lgandnetdiag.sys [24064 2014-07-07] (LG Electronics Inc.) S3 ANDNetModem; K:\WINDOWS\System32\DRIVERS\lgandnetmodem.sys [28672 2014-07-07] (LG Electronics Inc.) S3 andnetndis; K:\WINDOWS\System32\DRIVERS\lgandnetndis.sys [70784 2014-05-28] (LG Electronics Inc.) R2 aswHwid; K:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-11-12] () R2 aswMonFlt; K:\WINDOWS\system32\drivers\aswMonFlt.sys [70384 2014-11-12] (AVAST Software) R1 aswRdr; K:\WINDOWS\system32\drivers\aswRdr.sys [55240 2014-11-12] (AVAST Software) R0 aswRvrt; K:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-11-12] () R1 aswSnx; K:\WINDOWS\system32\drivers\aswSnx.sys [787800 2014-11-21] (AVAST Software) R1 aswSP; K:\WINDOWS\system32\drivers\aswSP.sys [423784 2014-11-20] (AVAST Software) R1 aswTdi; K:\WINDOWS\system32\drivers\aswTdi.sys [57928 2014-11-12] (AVAST Software) R0 aswVmm; K:\WINDOWS\system32\Drivers\aswVmm.sys [206248 2014-11-12] () S3 blackberryncm; K:\WINDOWS\System32\DRIVERS\blackberryncm.sys [19456 2014-04-15] (BlackBerry) [File not signed] S3 CCDECODE; K:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation) R3 cwrwdm; K:\WINDOWS\System32\DRIVERS\cwrwdm.sys [48640 2008-04-13] (Crystal Semiconductor Corp.) S3 epmntdrv; K:\WINDOWS\system32\epmntdrv.sys [13896 2012-12-21] () [File not signed] S3 EuGdiDrv; K:\WINDOWS\system32\EuGdiDrv.sys [9160 2012-12-21] () [File not signed] S3 FTDIBUS; K:\WINDOWS\System32\drivers\ftdibus.sys [65896 2013-07-25] (FTDI Ltd.) R3 gameenum; K:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation) S3 ggsomc; K:\WINDOWS\System32\DRIVERS\ggsomc.sys [26328 2014-07-21] (Sony Mobile Communications) S3 HPZid412; K:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2008-10-28] (HP) S3 HPZipr12; K:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2008-10-28] (HP) S3 HPZius12; K:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2008-10-28] (HP) S3 ISODrive; E:\UltraISO\drivers\ISODrive.sys [82320 2010-01-29] (EZB Systems, Inc.) S3 mr8980; K:\WINDOWS\System32\DRIVERS\mr8980.sys [105856 2010-06-16] (Mars Semiconductor Corp.) [File not signed] S3 NdisIP; K:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation) S3 NPF; K:\WINDOWS\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.) S3 rimvndis; K:\WINDOWS\System32\Drivers\rimvndis.sys [12800 2014-06-23] (Research in Motion Limited) S3 SbieDrv; E:\Sandboxie\SbieDrv.sys [161288 2014-10-14] (Sandboxie Holdings, LLC) S3 tap0901; K:\WINDOWS\System32\DRIVERS\tap0901.sys [33608 2014-04-09] (The OpenVPN Project) R1 Tcpip6; K:\WINDOWS\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Corporation) S0 bcaqicn; No ImagePath S3 catchme; \??\K:\DOCUME~1\PL\CONFIG~1\Temp\catchme.sys [X] S3 dgderdrv; No ImagePath U5 Inport; K:\Windows\System32\Drivers\Inport.sys [13568 2001-08-22] (Microsoft Corporation) S3 RimUsb; System32\Drivers\RimUsb.sys [X] U5 UnlockerDriver5; E:\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed] S3 VBoxNetFlt; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-19 18:52 - 2014-12-19 18:58 - 00000000 ___SD () K:\ComboFix 2014-12-19 17:26 - 2008-04-14 00:16 - 00010880 ____C (Microsoft Corporation) K:\WINDOWS\system32\dllcache\ndisip.sys 2014-12-19 17:26 - 2008-04-14 00:16 - 00010880 _____ (Microsoft Corporation) K:\WINDOWS\system32\Drivers\NdisIP.sys 2014-12-19 17:26 - 2008-04-14 00:09 - 00005504 ____C (Microsoft Corporation) K:\WINDOWS\system32\dllcache\mstee.sys 2014-12-19 17:26 - 2008-04-14 00:09 - 00005504 _____ (Microsoft Corporation) K:\WINDOWS\system32\Drivers\MSTEE.sys 2014-12-19 17:25 - 2008-04-14 07:49 - 00091648 ____C (Microsoft Corporation) K:\WINDOWS\system32\dllcache\kswdmcap.ax 2014-12-19 17:25 - 2008-04-14 07:49 - 00091648 _____ (Microsoft Corporation) K:\WINDOWS\system32\kswdmcap.ax 2014-12-19 17:25 - 2008-04-14 07:49 - 00061952 ____C (Microsoft Corporation) K:\WINDOWS\system32\dllcache\kstvtune.ax 2014-12-19 17:25 - 2008-04-14 07:49 - 00061952 _____ (Microsoft Corporation) K:\WINDOWS\system32\kstvtune.ax 2014-12-19 17:25 - 2008-04-14 07:49 - 00043008 ____C (Microsoft Corporation) K:\WINDOWS\system32\dllcache\ksxbar.ax 2014-12-19 17:25 - 2008-04-14 07:49 - 00043008 _____ (Microsoft Corporation) K:\WINDOWS\system32\ksxbar.ax 2014-12-19 17:25 - 2008-04-14 07:49 - 00028672 ____C (Microsoft Corporation) K:\WINDOWS\system32\dllcache\vidcap.ax 2014-12-19 17:25 - 2008-04-14 07:49 - 00028672 _____ (Microsoft Corporation) K:\WINDOWS\system32\vidcap.ax 2014-12-19 17:25 - 2008-04-14 07:49 - 00020992 ____C (Microsoft Corporation) K:\WINDOWS\system32\dllcache\dshowext.ax 2014-12-19 17:25 - 2008-04-14 07:49 - 00020992 _____ (Microsoft Corporation) K:\WINDOWS\system32\dshowext.ax 2014-12-19 17:25 - 2008-04-14 07:49 - 00016384 ____C (Microsoft Corporation) K:\WINDOWS\system32\dllcache\ipsink.ax 2014-12-19 17:25 - 2008-04-14 07:49 - 00016384 _____ (Microsoft Corporation) K:\WINDOWS\system32\ipsink.ax 2014-12-19 17:25 - 2008-04-14 07:48 - 00054784 ____C (Microsoft Corporation) K:\WINDOWS\system32\dllcache\vfwwdm32.dll 2014-12-19 17:25 - 2008-04-14 07:48 - 00054784 _____ (Microsoft Corporation) K:\WINDOWS\system32\vfwwdm32.dll 2014-12-19 17:25 - 2008-04-14 00:16 - 00085248 ____C (Microsoft Corporation) K:\WINDOWS\system32\dllcache\nabtsfec.sys 2014-12-19 17:25 - 2008-04-14 00:16 - 00085248 _____ (Microsoft Corporation) K:\WINDOWS\system32\Drivers\NABTSFEC.sys 2014-12-19 17:25 - 2008-04-14 00:16 - 00019200 ____C (Microsoft Corporation) K:\WINDOWS\system32\dllcache\wstcodec.sys 2014-12-19 17:25 - 2008-04-14 00:16 - 00019200 _____ (Microsoft Corporation) K:\WINDOWS\system32\Drivers\WSTCODEC.SYS 2014-12-19 17:25 - 2008-04-14 00:16 - 00017024 ____C (Microsoft Corporation) K:\WINDOWS\system32\dllcache\ccdecode.sys 2014-12-19 17:25 - 2008-04-14 00:16 - 00017024 _____ (Microsoft Corporation) K:\WINDOWS\system32\Drivers\CCDECODE.sys 2014-12-19 17:25 - 2008-04-14 00:16 - 00015232 ____C (Microsoft Corporation) K:\WINDOWS\system32\dllcache\streamip.sys 2014-12-19 17:25 - 2008-04-14 00:16 - 00015232 _____ (Microsoft Corporation) K:\WINDOWS\system32\Drivers\StreamIP.sys 2014-12-19 17:25 - 2008-04-14 00:16 - 00011136 ____C (Microsoft Corporation) K:\WINDOWS\system32\dllcache\slip.sys 2014-12-19 17:25 - 2008-04-14 00:16 - 00011136 _____ (Microsoft Corporation) K:\WINDOWS\system32\Drivers\SLIP.sys 2014-12-19 16:33 - 2014-12-20 17:15 - 00000000 ____D () E:\\WirelessCamera 2014-12-19 16:32 - 2014-12-19 16:32 - 00000000 ____D () K:\Documents and Settings\PL\Datos de programa\{E6BF9DB9-56B3-4120-9684-3033236CF414} 2014-12-16 21:55 - 2014-12-16 21:57 - 01964981 _____ () K:\Documents and Settings\PL\Escritorio\Tic en el Aula.pptx 2014-12-16 11:04 - 2012-11-29 11:21 - 00000216 _____ () K:\Boot.bak 2014-12-16 11:04 - 2004-08-03 23:00 - 00260272 __RSH () K:\cmldr 2014-12-16 10:14 - 2011-06-26 03:45 - 00256000 _____ () K:\WINDOWS\PEV.exe 2014-12-16 10:14 - 2010-11-07 14:20 - 00208896 _____ () K:\WINDOWS\MBR.exe 2014-12-16 10:14 - 2009-04-20 01:56 - 00060416 _____ (NirSoft) K:\WINDOWS\NIRCMD.exe 2014-12-16 10:14 - 2000-08-30 21:00 - 00518144 _____ (SteelWerX) K:\WINDOWS\SWREG.exe 2014-12-16 10:14 - 2000-08-30 21:00 - 00406528 _____ (SteelWerX) K:\WINDOWS\SWSC.exe 2014-12-16 10:14 - 2000-08-30 21:00 - 00212480 _____ (SteelWerX) K:\WINDOWS\SWXCACLS.exe 2014-12-16 10:14 - 2000-08-30 21:00 - 00098816 _____ () K:\WINDOWS\sed.exe 2014-12-16 10:14 - 2000-08-30 21:00 - 00080412 _____ () K:\WINDOWS\grep.exe 2014-12-16 10:14 - 2000-08-30 21:00 - 00068096 _____ () K:\WINDOWS\zip.exe 2014-12-15 09:16 - 2014-12-15 09:19 - 09502980 _____ () K:\Documents and Settings\PL\Escritorio\videoplayback.mp4 2014-12-15 02:25 - 2014-12-15 02:26 - 00000000 ____D () K:\Qoobox 2014-12-15 02:25 - 2014-12-15 02:25 - 00000000 ____D () K:\WINDOWS\erdnt 2014-12-09 19:47 - 2014-12-09 19:47 - 00000000 ____D () E:\\Mozilla Firefox 2014-12-09 12:48 - 2014-12-09 14:27 - 00000000 ____D () K:\Documents and Settings\All Users\Datos de programa\TEMP 2014-12-07 17:39 - 2014-12-20 17:18 - 00000000 ____D () K:\FRST 2014-12-07 16:21 - 2014-12-19 18:40 - 00114904 _____ (Malwarebytes Corporation) K:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-12-07 16:21 - 2014-12-07 16:21 - 00000565 _____ () K:\Documents and Settings\All Users\Escritorio\Malwarebytes Anti-Malware.lnk 2014-12-07 16:21 - 2014-12-07 16:21 - 00000000 ____D () K:\Documents and Settings\All Users\Menú Inicio\Programas\Malwarebytes Anti-Malware 2014-12-07 16:20 - 2014-12-07 16:21 - 00000000 ____D () E:\\Malwarebytes Anti-Malware 2014-12-07 16:20 - 2014-12-07 16:20 - 00000000 ____D () K:\Documents and Settings\All Users\Datos de programa\Malwarebytes 2014-12-07 16:20 - 2014-11-21 06:14 - 00054360 _____ (Malwarebytes Corporation) K:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-12-07 16:20 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) K:\WINDOWS\system32\Drivers\mbam.sys 2014-12-06 03:07 - 2014-12-16 10:03 - 00000000 ____D () K:\Documents and Settings\All Users\Menú Inicio\Programas\LGMobile Support Tool 2014-12-06 02:55 - 2014-07-07 11:06 - 00028672 _____ (LG Electronics Inc.) K:\WINDOWS\system32\Drivers\lgandnetmodem.sys 2014-12-06 02:55 - 2014-07-07 11:05 - 00024064 _____ (LG Electronics Inc.) K:\WINDOWS\system32\Drivers\lgandnetdiag.sys 2014-12-06 02:55 - 2014-05-28 13:51 - 00070784 _____ (LG Electronics Inc.) K:\WINDOWS\system32\Drivers\lgandnetndis.sys 2014-12-06 02:55 - 2014-05-27 06:40 - 00025856 _____ (Google Inc) K:\WINDOWS\system32\Drivers\lgandnetadb.sys 2014-12-05 17:07 - 2014-12-20 17:16 - 00184712 _____ () K:\WINDOWS\DPINST.LOG 2014-12-01 22:02 - 2014-12-11 22:05 - 00009436 _____ () K:\Documents and Settings\PL\Escritorio\DevolverBarra.jpeg 2014-11-27 13:01 - 2014-11-27 13:01 - 00000000 ____H () K:\WINDOWS\system32\Drivers\Msft_Kernel_lgandnetadb_01005.Wdf 2014-11-22 10:38 - 2014-11-22 10:38 - 00000000 __RHD () K:\MSOCache 2014-11-20 23:57 - 2014-12-17 16:22 - 00012311 _____ () K:\WINDOWS\setupact.log 2014-11-20 23:57 - 2014-11-20 23:57 - 00000000 ____H () K:\WINDOWS\system32\Drivers\Msft_Kernel_blackberryncm_01007.Wdf 2014-11-20 23:57 - 2014-11-20 23:57 - 00000000 _____ () K:\WINDOWS\setuperr.log 2014-11-20 23:56 - 2014-12-05 17:05 - 00000000 ____D () K:\WINDOWS\LastGood 2014-11-20 23:56 - 2014-04-15 10:51 - 00019456 _____ (BlackBerry) K:\WINDOWS\system32\Drivers\blackberryncm.sys ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-20 17:17 - 2011-08-24 07:10 - 01407703 _____ () K:\WINDOWS\WindowsUpdate.log 2014-12-20 17:16 - 2011-09-01 00:24 - 00000000 ___HD () E:\\InstallShield Installation Information 2014-12-20 17:15 - 2013-11-14 14:15 - 00000000 __SHD () E:\\Config.Msi 2014-12-20 17:15 - 2011-08-24 03:00 - 00000000 ___RD () K:\Documents and Settings\All Users\Menú Inicio\Programas 2014-12-20 17:15 - 2011-08-24 03:00 - 00000000 ____D () K:\Documents and Settings\All Users\Escritorio 2014-12-20 17:03 - 2014-11-05 13:24 - 00000336 ____H () K:\WINDOWS\Tasks\avast! Emergency Update.job 2014-12-20 17:03 - 2012-05-30 03:58 - 00000374 _____ () K:\WINDOWS\system32\Drivers\etc\hosts.ics 2014-12-20 17:02 - 2014-02-17 05:51 - 00000159 _____ () K:\WINDOWS\wiadebug.log 2014-12-20 17:02 - 2014-02-17 05:51 - 00000050 _____ () K:\WINDOWS\wiaservc.log 2014-12-20 17:02 - 2011-08-24 07:14 - 00000006 ____H () K:\WINDOWS\Tasks\SA.DAT 2014-12-20 09:12 - 2011-08-24 07:15 - 00000192 ___SH () K:\Documents and Settings\PL\ntuser.ini 2014-12-19 19:00 - 2014-11-18 13:56 - 00206980 _____ () K:\WINDOWS\setupapi.log 2014-12-19 18:55 - 2011-08-24 07:15 - 00000000 ____D () K:\Documents and Settings\PL\Datos de programa 2014-12-19 18:52 - 2011-11-27 18:17 - 00032070 _____ () K:\WINDOWS\Tasks\SCHEDLGU.TXT 2014-12-19 18:23 - 2014-09-10 11:53 - 00000838 _____ () K:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-12-19 18:06 - 2013-10-05 16:42 - 00000000 ____D () K:\Documents and Settings\PL\Datos de programa\vlc 2014-12-19 17:22 - 2011-08-24 07:15 - 00000000 ____D () K:\Documents and Settings\PL 2014-12-19 16:33 - 2011-08-24 08:53 - 00000000 ____D () E:\\DIFX 2014-12-18 05:08 - 2011-08-24 07:15 - 00000000 ___HD () K:\Documents and Settings\PL\Configuración local\Datos de programa 2014-12-17 23:41 - 2011-08-24 10:09 - 00000000 ____D () E:\\JDownloader 2014-12-17 16:13 - 2012-08-13 03:51 - 00701616 _____ (Adobe Systems Incorporated) K:\WINDOWS\system32\FlashPlayerApp.exe 2014-12-17 16:13 - 2012-08-13 03:51 - 00071344 _____ (Adobe Systems Incorporated) K:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2014-12-17 16:00 - 2014-11-03 22:20 - 00000000 ____D () K:\Documents and Settings\PL\Configuración local\Datos de programa\Adobe 2014-12-16 22:01 - 2011-08-24 07:15 - 00000000 ____D () K:\Documents and Settings\PL\Escritorio 2014-12-16 21:50 - 2014-03-15 23:43 - 00112128 ___SH () K:\Documents and Settings\PL\Escritorio\Thumbs.db 2014-12-16 11:04 - 2012-11-29 02:09 - 00000328 __RSH () K:\boot.ini 2014-12-16 10:14 - 2011-11-28 16:58 - 00000000 ____D () K:\Documents and Settings\Administrador 2014-12-15 08:50 - 2011-08-24 03:00 - 00000000 __SHD () E:\\System Volume Information 2014-12-15 08:49 - 2011-08-24 07:09 - 00000000 ____D () K:\WINDOWS\system32\Restore 2014-12-11 23:47 - 2013-09-10 01:02 - 00065536 _____ () K:\WINDOWS\system32\config\OAlerts.evt 2014-12-09 23:46 - 2013-09-10 00:47 - 00000000 ____D () K:\Documents and Settings\All Users\Datos de programa\Microsoft Help 2014-12-09 23:41 - 2013-08-08 23:30 - 00000000 ____D () K:\WINDOWS\system32\MRT 2014-12-09 23:37 - 2011-08-29 02:24 - 109818608 _____ (Microsoft Corporation) K:\WINDOWS\system32\MRT.exe 2014-12-09 21:27 - 2014-05-30 01:46 - 00000000 ____D () E:\\Mozilla Maintenance Service 2014-12-09 12:48 - 2011-08-24 03:00 - 00000000 __RHD () K:\Documents and Settings\All Users\Datos de programa 2014-12-08 01:08 - 2012-06-30 23:08 - 00000000 ____D () K:\Documents and Settings\PL\Datos de programa\MediaMonkey 2014-12-07 18:36 - 2011-08-24 03:00 - 00000000 ___RD () K:\Documents and Settings\All Users\Documentos 2014-12-07 18:33 - 2014-03-24 23:52 - 00008704 ___SH () K:\WINDOWS\system32\Thumbs.db 2014-12-07 18:31 - 2014-04-18 02:14 - 00000000 ____D () K:\Documents and Settings\PL\Datos de programa\PhotoScape 2014-12-07 18:29 - 2011-08-24 07:15 - 00000000 __SHD () K:\Documents and Settings\PL\Configuración local\Archivos temporales de Internet 2014-12-07 18:28 - 2014-03-24 23:51 - 00014848 ___SH () K:\WINDOWS\Thumbs.db 2014-12-07 16:05 - 2001-08-24 13:00 - 00002262 _____ () K:\WINDOWS\system32\wpa.dbl 2014-12-07 15:26 - 2014-02-10 14:26 - 00000000 ____D () K:\Documents and Settings\All Users\Menú Inicio\Programas\System Explorer 2014-12-07 15:26 - 2011-08-24 21:50 - 00000000 ____D () E:\\System Explorer 2014-12-06 18:54 - 2013-05-22 02:45 - 00002318 _____ () K:\WINDOWS\Sandboxie.ini 2014-12-06 17:01 - 2014-11-19 14:24 - 00000000 ____D () E:\\Physion 2014-12-06 02:55 - 2014-11-10 16:58 - 00000000 ____D () E:\\LG Electronics 2014-12-05 17:09 - 2011-08-24 03:01 - 02834488 _____ () K:\WINDOWS\system32\PerfStringBackup.INI 2014-11-30 23:40 - 2013-08-17 23:11 - 00002275 _____ () K:\Documents and Settings\All Users\Escritorio\CorelDRAW X6.lnk 2014-11-27 15:11 - 2012-02-10 23:52 - 00000000 ____D () K:\Documents and Settings\PL\Datos de programa\Winamp 2014-11-21 23:52 - 2014-11-05 13:24 - 00787800 _____ (AVAST Software) K:\WINDOWS\system32\Drivers\aswsnx.sys 2014-11-21 12:47 - 2014-11-14 15:25 - 00000000 ____D () E:\Archivos comunes\XCPCSync.OEM 2014-11-21 12:45 - 2014-11-14 15:25 - 00000000 ____D () E:\Archivos comunes\Research In Motion 2014-11-21 01:31 - 2012-04-04 22:01 - 03084486 _____ () K:\Documents and Settings\LocalService\Configuración local\Datos de programa\WPFFontCache_v0400-S-1-5-21-1757981266-1788223648-725345543-1003-0.dat 2014-11-21 01:31 - 2012-04-04 22:01 - 00387766 _____ () K:\Documents and Settings\LocalService\Configuración local\Datos de programa\WPFFontCache_v0400-System.dat 2014-11-20 23:58 - 2014-11-14 15:34 - 00000000 ____D () K:\Documents and Settings\PL\Datos de programa\XCPCSync.OEM 2014-11-20 23:57 - 2014-11-19 12:51 - 00000000 ____D () E:\\Algodoo 2014-11-20 13:40 - 2014-11-05 13:24 - 00423784 _____ (AVAST Software) K:\WINDOWS\system32\Drivers\aswsp.sys Some content of TEMP: ==================== K:\Documents and Settings\PL\Configuración local\Temp\BlackBerryDeviceManager.exe K:\Documents and Settings\PL\Configuración local\Temp\BlackBerryLauncher.exe K:\Documents and Settings\PL\Configuración local\Temp\Foxit Reader Updater.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) K:\WINDOWS\explorer.exe => File is digitally signed K:\WINDOWS\system32\winlogon.exe => File is digitally signed K:\WINDOWS\system32\svchost.exe => File is digitally signed K:\WINDOWS\system32\services.exe => File is digitally signed K:\WINDOWS\system32\User32.dll => File is digitally signed K:\WINDOWS\system32\userinit.exe => File is digitally signed K:\WINDOWS\system32\rpcss.dll => File is digitally signed K:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================
  4. checkresults: mbam-check result log version: 2.1.1.1001 ======================================== User Account type: Administrator OS: Windows XP Service Pack 3 Service Pack 3 32 bit Operating System Current Version and Build: 5.1.2600.0 OS Product Info: Professional Malwarebytes Anti-Malware: 2.0.4.1028 Installed On: 2014/12/07 Malware Database: 0000.00.00.00 Rootkit Database: 0000.00.00.00 Remediation Database: 0000.00.00.00 IP Database: 0000.00.00.00 Domain Database: 0000.00.00.00 License: Free Malware Protection: 0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMProtector Malicious Website Protection: 0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMWebAccessControl Chameleon: 0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon Log Created: 2014/12/20 17:20:00 Compatibility Flag Settings: ================================= HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers E:\Foxit Software\Foxit Reader\Foxit Reader.exeREG_SZ EnableNXShowUI K:\WINDOWS\system32\services.exeREG_SZ EnableNXShowUI e:\Corel\CorelDRAW Graphics Suite X6\Programs\CorelDrw.exeREG_SZ DISABLECICERO E:\Winamp\winamp.exe REG_SZ EnableNXShowUI C:\uli\impresoras\reset\RESET_EPSON_TX430W.exeREG_SZ EnableNXShowUI C:\uli\softcrackin\RDG Packer Detector v0.7.2 Rev2 2014\RDG Packer Detector v0.7.2 Rev2 2014\RDG Packer Detector v0.7.2.exeREG_SZ DisableNXShowUI C:\ADCDA2\ADBCD.exe REG_SZ DisableNXShowUI HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers E:\Rovio Entertainment Ltd\Angry Birds\AngryBirds.exeREG_SZ HIGHDPIAWARE Malwarebytes Anti-Malware Shell Extension Block Check: ====================================================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked MBAM Startup Entries: ===================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce Malwarebytes Anti-Malware Service and Driver Status: ======================================================= --------------Driver File Info:-------------- K:\WINDOWS\system32\drivers\mbam.sys File Size: 23256 BYTES FileVersion: 0.1.15.0 MD5: [a3f4391dfdf2f9e9fe4ead193265a5ad] K:\WINDOWS\system32\drivers\mbamswissarmy.sys File Size: 114904 BYTES FileVersion: 0.2.13.0 MD5: [8e2e9ccd873abf180f48bcaeeebe347d] K:\WINDOWS\system32\drivers\mbamchameleon.sys File Size: 54360 BYTES FileVersion: 1.1.4.0 MD5: [ffb32e70d735146f5630dc7a96b6e1a8] --------------MBAMProtector:-------------- Type: N/A State: 0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMProtector WIN32_EXIT_CODE: N/A SERVICE_EXIT_CODE: N/A CHECKPOINT: N/A WAIT_HINT: N/A --------------MBAMService:-------------- Type: N/A State: 0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMService WIN32_EXIT_CODE: N/A SERVICE_EXIT_CODE: N/A CHECKPOINT: N/A WAIT_HINT: N/A --------------MBAMScheduler:-------------- Type: N/A State: 0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMScheduler WIN32_EXIT_CODE: N/A SERVICE_EXIT_CODE: N/A CHECKPOINT: N/A WAIT_HINT: N/A --------------MBAMChameleon:-------------- Type: N/A State: 0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon WIN32_EXIT_CODE: N/A SERVICE_EXIT_CODE: N/A CHECKPOINT: N/A WAIT_HINT: N/A --------------MBAMWebAccessControl:-------------- Type: N/A State: 0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MbamWebAccessControl WIN32_EXIT_CODE: N/A SERVICE_EXIT_CODE: N/A CHECKPOINT: N/A WAIT_HINT: N/A Required Dependencies: ====================== --------------fltmgr:-------------- Type: 2 State: 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN) WIN32_EXIT_CODE: 0 SERVICE_EXIT_CODE: 0 CHECKPOINT: 0 WAIT_HINT: 0 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr Type REG_DWORD 2 Start REG_DWORD 0 ErrorControl REG_DWORD 1 Tag REG_DWORD 4 ImagePath REG_EXPAND_SZ system32\DRIVERS\fltMgr.sys DisplayName REG_SZ FltMgr Group REG_SZ FSFilter Infrastructure Description REG_SZ Controlador del administrador de filtros del sistema de archivos AttachWhenLoaded REG_DWORD 0 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Security Security REG_BINARY Binary Data HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Enum 0 REG_SZ Root\LEGACY_FLTMGR\0000 Count REG_DWORD 1 NextInstance REG_DWORD 1 K:\WINDOWS\system32\drivers\fltmgr.sys File Size: 129792 BYTES FileVersion: 5.1.2600.5512 MD5: [b2cf4b0786f8212cb92ed2b50c6db6b0] K:\WINDOWS\system32\comctl32.ocx File Size: 609824 BYTES FileVersion: 6.0.81.5 MD5: [e2bed335446b7321ff38a138b3962e8a] K:\WINDOWS\system32\mscomctl.ocx File Size: 1070232 BYTES FileVersion: 6.1.98.39 MD5: [766f501b61c22723536af696a74133d4] K:\WINDOWS\system32\olepro32.dll File Size: 84992 BYTES FileVersion: 5.1.2600.5512 MD5: [f71cb6064dfc10dfb767b537bfa33d61] MBAM Registry Settings and License Info: ======================================== --------------Settings:-------------- Advanced: AutomaticQuarantine: true AutostartProtection: true LimitedMode: false StartSilentMode: false StartupDelay: 0 ApplicationState: First-Run-After-Installation: false General: DaysUntilNotifyExpiration: 5 Language: en RightClickAccess: false SilentErrors: false Logging: ExportLog: true Notification: ProtectionTray: DisplayMilliseconds: 7000 ScanHistory: Duration_Complete: 4425 Duration_Driver: 15196 Duration_Filesystem: 604 Duration_Heuristics: 8000 Duration_Loading: 0 Duration_MasterBootRecord: 169 Duration_Memory: 40000 Duration_PreScan: 75551 Duration_Registry: 8913 Duration_Sector: 0 Duration_Startup: 20454 ItemCount_Complete: 450207 ItemCount_Driver: 301 ItemCount_Filesystem: 37589 ItemCount_Heuristics: 108509 ItemCount_Loading: 0 ItemCount_MasterBootRecord: 1 ItemCount_Memory: 2797 ItemCount_PreScan: 75500 ItemCount_Registry: 350 ItemCount_Sector: 0 ItemCount_Startup: 1523 LastScanDateEpoch: 1419025246062 LastScanType: 3 (Hyper Scan) Update: LastUpdate: 2014-12-07T19:30:18 NotifyInstallReady: true NotifyOutdatedDatabase: 7 ProxyPassword: ProxyPort: 0 ProxyServer: ProxyUsername: UseProxy: false UseProxyAuthentication: false --------------Account:-------------- Account Status: Free Expiration Time: Activation Time: Trial Used: false --------------Access Policies:-------------- Scheduler Queue: ================ Pending File Rename Operations: ================================ If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation. MBAMProtector Registry Values: ============================== MBAMService Registry Values: ============================ MBAMScheduler Registry Values: ============================== Terminal Services Status for (null) entries in PM logs and GetUserToken errors: =============================================================================== --------------TERMService:-------------- Type: 32 State: 4 (The service is running.) (State is stopped) WIN32_EXIT_CODE: 0 SERVICE_EXIT_CODE: 0 CHECKPOINT: 0 WAIT_HINT: 0 TermService Start is set to: 3 (Manual Startup) Proxy Status: No proxy is Set Proxy Override: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ ProxyOverride REG_SZ <local> LAN Settings: ============= No Settings are Set <--NOT DETECTING SETTING AUTOMATICALLY SystemPartition: ================ HKEY_LOCAL_MACHINE\SYSTEM\Setup\ SystemPartition REG_SZ \Device\HarddiskVolume10 Balloon Tips Status: ==================== Disabled <--BALLOON TOOLTIPS ARE DISABLED! Time Format Settings: ===================== Should be: h:mm:ss tt AM PM : Currently: REG_SZ HH:mm:ss REG_SZ a.m. REG_SZ p.m. REG_SZ : Language and Regional Settings: =============================== ACP: Language is English (United States) MACCP: Language is English (United States) OEMCP: 850 Please refer to this link for details: Here Startup Folders for Error_Expanding_Variables Check: ==================================================== All Users Startup Folder Exists. Current User's startup Folder Exists. Context Menu Entries: ===================== List of MBAM Related Directories: ================================= E:\Malwarebytes Anti-Malware\ 7z.dll File Size: 920888 BYTES FileVersion: 9.20.0.0 MD5: [067f8fee78dc960d6fc36d1d071913e8] changes.txt File Size: 100 BYTES FileVersion: N/A MD5: [a4b1260d5fa0045146288698a3db62f0] license.rtf File Size: 39478 BYTES FileVersion: N/A MD5: [8627b31943a534aad30d154c2b2c1aaf] master.conf File Size: 1258 BYTES FileVersion: N/A MD5: [9702ca5e82d3756c6d8af34a2ababaea] mbam.dll File Size: 579896 BYTES FileVersion: 1.0.16.0 MD5: [9605659224814baf5dc0b2c37a70b83c] mbam.exe File Size: 7229752 BYTES FileVersion: 1.0.1.711 MD5: [3c13f26a4766752314a5413038bd86b4] mbamcore.dll File Size: 1829176 BYTES FileVersion: 1.1.20.0 MD5: [b5de1455392f8aea137a79a539536086] mbamdor.exe File Size: 54072 BYTES FileVersion: 1.0.1.0 MD5: [7bda05509585396989e523bede832e9b] mbamext.dll File Size: 261432 BYTES FileVersion: 3.0.6.0 MD5: [fe89671d870acac23afc9becd4a0137d] mbampt.exe File Size: 39736 BYTES FileVersion: 1.0.0.0 MD5: [6c6ced3ffd1b24b39ecdd7416694324d] mbamscheduler.exe File Size: 1871160 BYTES FileVersion: 3.1.1.0 MD5: [0bb29de40c9d9529793dcdb59a43cf5b] mbamservice.exe File Size: 969016 BYTES FileVersion: 3.0.8.1 MD5: [5f82d8188b370b0cf185d4ae2b9b4a0e] mbamsrv.dll File Size: 4463928 BYTES FileVersion: 1.2.0.0 MD5: [5da6de166e1ca56638e931bfe631de53] msvcp100.dll File Size: 421688 BYTES FileVersion: 10.0.40219.325 MD5: [e7a36dc43b2757bdad7f1ba934234834] msvcr100.dll File Size: 774456 BYTES FileVersion: 10.0.40219.325 MD5: [cf5858509b748fe5cefe63d29289f7f3] QtCore4.dll File Size: 2732856 BYTES FileVersion: 4.8.4.0 MD5: [82373bfed2c741677e22dccb16f29960] QtGui4.dll File Size: 8575288 BYTES FileVersion: 4.8.4.0 MD5: [2c0fc2279552ff45ec0d7d9b113f8b92] QtNetwork4.dll File Size: 909112 BYTES FileVersion: 4.8.4.0 MD5: [454b9f0364d41afa69690baebda01217] unins000.dat File Size: 25334 BYTES FileVersion: N/A MD5: [0132c0b2cca385be6ce981df32dd8fe2] unins000.exe File Size: 719743 BYTES FileVersion: 51.52.0.0 MD5: [d4cfadd772f339da3ca93afcc11c8d70] E:\Malwarebytes Anti-Malware\\accessible qtaccessiblewidgets4.dll File Size: 198968 BYTES FileVersion: 4.8.4.0 MD5: [9dc9f70942de132a762c974e7ee3bed6] E:\Malwarebytes Anti-Malware\\Chameleon E:\Malwarebytes Anti-Malware\\Chameleon\Windows chameleon.chm File Size: 235882 BYTES FileVersion: N/A MD5: [c4190b71f037714aa77aba294434ba5b] firefox.com File Size: 761656 BYTES FileVersion: 3.1.7.0 MD5: [625bb08813743947985b0deefc35ed12] firefox.exe File Size: 761656 BYTES FileVersion: 3.1.7.0 MD5: [625bb08813743947985b0deefc35ed12] firefox.pif File Size: 761656 BYTES FileVersion: 3.1.7.0 MD5: [625bb08813743947985b0deefc35ed12] firefox.scr File Size: 761656 BYTES FileVersion: 3.1.7.0 MD5: [625bb08813743947985b0deefc35ed12] iexplore.exe File Size: 761656 BYTES FileVersion: 3.1.7.0 MD5: [625bb08813743947985b0deefc35ed12] mbam-chameleon.com File Size: 761656 BYTES FileVersion: 3.1.7.0 MD5: [625bb08813743947985b0deefc35ed12] mbam-chameleon.exe File Size: 761656 BYTES FileVersion: 3.1.7.0 MD5: [625bb08813743947985b0deefc35ed12] mbam-chameleon.pif File Size: 761656 BYTES FileVersion: 3.1.7.0 MD5: [625bb08813743947985b0deefc35ed12] mbam-chameleon.scr File Size: 761656 BYTES FileVersion: 3.1.7.0 MD5: [625bb08813743947985b0deefc35ed12] mbam-killer.exe File Size: 1188664 BYTES FileVersion: 3.0.2.0 MD5: [d6d202229b5cd31085d744f5b5bcf2e3] rundll32.exe File Size: 761656 BYTES FileVersion: 3.1.7.0 MD5: [625bb08813743947985b0deefc35ed12] svchost.exe File Size: 761656 BYTES FileVersion: 3.1.7.0 MD5: [625bb08813743947985b0deefc35ed12] windows.exe File Size: 761656 BYTES FileVersion: 3.1.7.0 MD5: [625bb08813743947985b0deefc35ed12] winlogon.exe File Size: 761656 BYTES FileVersion: 3.1.7.0 MD5: [625bb08813743947985b0deefc35ed12] E:\Malwarebytes Anti-Malware\\imageformats qgif4.dll File Size: 32568 BYTES FileVersion: 4.8.4.0 MD5: [a99351607fe64cf112d7284b738e0b6a] E:\Malwarebytes Anti-Malware\\Languages lang_ar.qm File Size: 139423 BYTES FileVersion: N/A MD5: [9771d098e918204a99fa0068f431e6ba] lang_bg.qm File Size: 147865 BYTES FileVersion: N/A MD5: [d250b37179f313e58267f7946e0522d4] lang_ca.qm File Size: 149256 BYTES FileVersion: N/A MD5: [0cc2735ee2f231ea5d964c323ca73e08] lang_cs.qm File Size: 142601 BYTES FileVersion: N/A MD5: [8426f7126d2851a1e6ca1f1f7e45d2ec] lang_da.qm File Size: 143131 BYTES FileVersion: N/A MD5: [6fe13d4a5a44a3390bf9940404eeb6c7] lang_de.qm File Size: 151959 BYTES FileVersion: N/A MD5: [9517c7c9865b5641c5c250c84b51a6d1] lang_el.qm File Size: 152327 BYTES FileVersion: N/A MD5: [4cd483236d99cf40e9d8cf534bac05e7] lang_en.qm File Size: 137689 BYTES FileVersion: N/A MD5: [d34a8afc30bb472c443f7f088513ff04] lang_es.qm File Size: 149211 BYTES FileVersion: N/A MD5: [1ee5f6535d02c94812e54e3ed65de6ac] lang_et.qm File Size: 141939 BYTES FileVersion: N/A MD5: [f6faee4a33654bb27dcf2f9d4cf955ef] lang_fi.qm File Size: 145730 BYTES FileVersion: N/A MD5: [9f4ff431ec70747591ef0e0eaf3ed2cb] lang_fr.qm File Size: 153965 BYTES FileVersion: N/A MD5: [8dd69dd62ee617dc3ca4f25ab2c70af8] lang_he.qm File Size: 134117 BYTES FileVersion: N/A MD5: [3ad149f1778e6e8f8f89ecfe67a1e62e] lang_hu.qm File Size: 147806 BYTES FileVersion: N/A MD5: [7c3ae4dde80fa8759968b218a03a7a73] lang_id.qm File Size: 145710 BYTES FileVersion: N/A MD5: [c2a0325d9dfb5c5fce7a4832837896e7] lang_it.qm File Size: 148249 BYTES FileVersion: N/A MD5: [4766a519a653d8e6f6ad32094a2a059b] lang_ja.qm File Size: 122782 BYTES FileVersion: N/A MD5: [339134f906b770b833653682264bdc23] lang_ko.qm File Size: 119240 BYTES FileVersion: N/A MD5: [5042df441910dfe9f6a55d3c005b00c7] lang_lt.qm File Size: 146950 BYTES FileVersion: N/A MD5: [5c0fca31ff0a6d2b3f6d1722940a2dc6] lang_lv.qm File Size: 146072 BYTES FileVersion: N/A MD5: [8623ed6977cd81c0d520f5fd84788d93] lang_nl.qm File Size: 147725 BYTES FileVersion: N/A MD5: [1b391d5599be4724018624a27014eb75] lang_no.qm File Size: 144153 BYTES FileVersion: N/A MD5: [2d53348f8e74f26f065e0c83e8fff7fe] lang_pl.qm File Size: 147483 BYTES FileVersion: N/A MD5: [ce39bae20f8a2b42f93f2f5a5c6dd63e] lang_pt_BR.qm File Size: 146906 BYTES FileVersion: N/A MD5: [b337c75fa23ba36176719d54c0269560] lang_pt_PT.qm File Size: 144956 BYTES FileVersion: N/A MD5: [b41016907930a96a11aadb348fd9a1b6] lang_ro.qm File Size: 146821 BYTES FileVersion: N/A MD5: [69c447559268a873808d5ae48b425ad9] lang_ru.qm File Size: 148179 BYTES FileVersion: N/A MD5: [51d4d0c155de54f24b09be7040a7ff15] lang_sk.qm File Size: 144330 BYTES FileVersion: N/A MD5: [3a00a97315c24e6820f8939920ef14b4] lang_sl.qm File Size: 144582 BYTES FileVersion: N/A MD5: [47db99ccdd98936e6a38957321c71317] lang_sv.qm File Size: 145435 BYTES FileVersion: N/A MD5: [a2b33c0364aad3e9d7daafdd4f286ee1] lang_th.qm File Size: 137957 BYTES FileVersion: N/A MD5: [6a24ece552172d805cd428853255d294] lang_tr.qm File Size: 144262 BYTES FileVersion: N/A MD5: [18b7fec7611c038780ee77044e523f70] lang_vi.qm File Size: 144480 BYTES FileVersion: N/A MD5: [708062759498e791186bbe64b7246d0c] E:\Malwarebytes Anti-Malware\\Plugins fixdamage.exe File Size: 821560 BYTES FileVersion: 1.1.0.1010 MD5: [a8181ce03e9624f2c4606af3984e345e] K:\Documents and Settings\PL\Datos de programa\Malwarebytes\Malwarebytes Anti-Malware K:\Documents and Settings\PL\Start Menu\Programs\Malwarebytes Anti-Malware K:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes Anti-Malware Malware Exclusions: =================== Unable to access exclusion information: Error code 20001Web Exclusions: ================ Unable to access exclusion information: Error code 20001Quarantined Items: =================== Unable to access quarantine information: Error code 20001=============================================================== END OF FILE
  5. additions: Additional scan result of Farbar Recovery Scan Tool (x86) Version: 20-12-2014 Ran by PL at 2014-12-20 17:19:22 Running from C:\Descargas\jdownloader Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D} AV: ESET NOD32 Antivirus 7.0 (Disabled - Up to date) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-1757981266-1788223648-725345543-1003\...\uTorrent) (Version: 3.4.2.34309 - BitTorrent Inc.) 32 Bit HP CIO Components Installer (Version: 7.1.4 - Hewlett-Packard) Hidden 7-Zip 9.22beta (HKLM\...\7-Zip) (Version: - ) Actualización de seguridad para Windows Internet Explorer 7 (KB2544521) (Version: 1 - Microsoft Corporation) Hidden Actualización de seguridad para Windows Internet Explorer 7 (KB2559049) (Version: 1 - Microsoft Corporation) Hidden Actualización de seguridad para Windows Internet Explorer 7 (KB2586448) (Version: 1 - Microsoft Corporation) Hidden Actualización de seguridad para Windows Internet Explorer 7 (KB2618444) (Version: 1 - Microsoft Corporation) Hidden Actualización de seguridad para Windows Internet Explorer 7 (KB2647516) (Version: 1 - Microsoft Corporation) Hidden Actualización de seguridad para Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2544521) (HKLM\...\KB2544521-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2618444) (HKLM\...\KB2618444-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2647516) (HKLM\...\KB2647516-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2675157) (HKLM\...\KB2675157-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2699988) (HKLM\...\KB2699988-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2722913) (HKLM\...\KB2722913-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2744842) (HKLM\...\KB2744842-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2761465) (HKLM\...\KB2761465-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2792100) (HKLM\...\KB2792100-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2797052) (HKLM\...\KB2797052-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2799329) (HKLM\...\KB2799329-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2809289) (HKLM\...\KB2809289-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2817183) (HKLM\...\KB2817183-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2829530) (HKLM\...\KB2829530-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2838727) (HKLM\...\KB2838727-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2846071) (HKLM\...\KB2846071-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2847204) (HKLM\...\KB2847204-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2862772) (HKLM\...\KB2862772-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2870699) (HKLM\...\KB2870699-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2879017) (HKLM\...\KB2879017-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2888505) (HKLM\...\KB2888505-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2898785) (HKLM\...\KB2898785-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2909210) (HKLM\...\KB2909210-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2909921) (HKLM\...\KB2909921-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2925418) (HKLM\...\KB2925418-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2936068) (HKLM\...\KB2936068-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2964358) (HKLM\...\KB2964358-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows XP (KB2510581) (Version: 1 - Microsoft Corporation) Hidden Actualización de seguridad para Windows XP (KB2544521) (Version: 1 - Microsoft Corporation) Hidden Actualización de seguridad para Windows XP (KB2559049) (Version: 1 - Microsoft Corporation) Hidden Actualización de seguridad para Windows XP (KB975713) (Version: 1 - Microsoft Corporation) Hidden Actualización para Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation) Actualización para Windows Internet Explorer 8 (KB2632503) (HKLM\...\KB2632503-IE8) (Version: 1 - Microsoft Corporation) Actualización para Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated) Adobe Reader XI (11.0.08) - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated) AIO_Scan (Version: 90.0.222.000 - Hewlett-Packard) Hidden Analizador de MSXML 6.0 (HKLM\...\{624810C7-02AA-4964-8A2F-AA07251259BF}) (Version: 6.00.3883.15 - Microsoft Corporation) Angry Birds (HKLM\...\{EB8D8402-5741-4CBA-A292-1E530E1A6F13}) (Version: 4.0.0 - Rovio Entertainment Ltd.) ASIO4ALL (HKLM\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach) ATI - Utilidad de desinstalación de software (HKLM\...\All ATI Software) (Version: 6.14.10.1022 - ) ATI Catalyst Control Center (HKLM\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.010.0210.2338 - ) ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.411-070821a1-055477C-Asus - ) ATI Parental Control & Encoder (Version: 3.0 - Nombre de su organización) Hidden Auslogics Registry Cleaner (HKLM\...\{8D8024F1-2945-49A5-9B78-5AB7B11D7942}_is1) (Version: 3.4.1.0 - Auslogics Labs Pty Ltd) Avast Free Antivirus (HKLM\...\Avast) (Version: 10.0.2208 - AVAST Software) BlackBerry Link (Version: 1.2.3.56 - BlackBerry Ltd.) Hidden BootLog XP (HKLM\...\BootLog XP_is1) (Version: 2.10 - Greatis Software) BurnAware Free 7.1 (HKLM\...\BurnAware Free_is1) (Version: - Burnaware) ccc-core-preinstall (Version: 2010.0210.2339.42455 - ATI) Hidden ccc-core-static (Version: 2010.0210.2339.42455 - ATI) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.01 - Piriform) Comodo Dragon (HKLM\...\Comodo Dragon) (Version: 33.1.0.0 - COMODO) CorelDRAW Graphics Suite X6 - Capture (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Common (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Connect (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Custom Data (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Draw (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - ES (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Filters (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - FontNav (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - IPM (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - PHOTO-PAINT (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Photozoom Plugin (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Redist (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Setup Files (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - VBA (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - VideoBrowser (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - VSTA (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Writing Tools (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 (Version: 16.1 - Corel Corporation) Hidden Counter-Strike 1.6 (HKLM\...\{13B792AA-C078-43A4-8A3A-8B12D629940D}) (Version: 1.00.0000 - ) Crocodile Technology 607 (ES) (HKLM\...\{B0EA5655-6C96-4B50-8199-D87B30590718}) (Version: 1.00.0607 - Ì) Debugging Tools for Windows (x86) (HKLM\...\{1CD0C3C5-809D-4CFC-904A-1B67C6243637}) (Version: 6.9.3.113 - Microsoft Corporation) Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform) Desinstalador de impresoras EPSON Stylus TX200 Series (HKLM\...\EPSON Stylus TX200 Series) (Version: - SEIKO EPSON Corporation) Digimoto 5 (HKLM\...\{EDA3A982-B8ED-407E-9BF4-0E94EBA35ED3}) (Version: 5.0.22 - PerformanceScan) DJ_AIO_05_F4400_Software_Min (Version: 140.0.690.000 - Hewlett-Packard) Hidden DJ_SF_03_D1500_Software_Min (Version: 100.0.239.000 - Hewlett-Packard) Hidden Dyno-Scan for Windows 10.0.1 (HKLM\...\{7576E0E7-AEFC-4F47-A388-F91B5640CE4F}) (Version: 10.0.1 - Auterra) EaseUS Partition Master 9.2.1 Home Edition (HKLM\...\EaseUS Partition Master Home Edition_is1) (Version: - EaseUS) EasyBCD 2.2 (HKLM\...\EasyBCD) (Version: 2.2 - NeoSmart Technologies) EPSON Scan (HKLM\...\EPSON Scanner) (Version: - ) FileAlyzer 2 (HKLM\...\{29D3773E-54F4-23C2-D523-236A4453B845}_is1) (Version: 2.0.5.57 - Safer Networking Limited) FL Studio 11 (HKLM\...\FL Studio 11) (Version: - Image-Line) FlowStone FL 3.0 (HKLM\...\FlowStone) (Version: - ) Football Manager 2014 (HKLM\...\{68772D7A-4184-47A5-BFB9-BF74C1B09413}) (Version: 1.0.0 - Sega) FORScan versión 2.1.19.beta (HKLM\...\{63310483-6490-44CD-B351-8F66C2923070}_is1) (Version: 2.1.19.beta - Verysoft LLC) Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 6.1.5.624 - Foxit Corporation) FreeFileSync 6.7 (HKLM\...\FreeFileSync) (Version: 6.7 - Zenju) Hard Disk Low Level Format Tool 2.36 build 1181 (HKLM\...\Hard Disk Low Level Format Tool_is1) (Version: - HDDGURU) HP Deskjet D1500 Printer Driver 10.0 Rel .3 (HKLM\...\{167F938F-5AD3-40e2-B05D-2B7C6F0FDE48}) (Version: 10.0 - HP) HP Deskjet F4400 Printer Driver 14.0 Rel. 5 (HKLM\...\{A800FCC9-8E1E-4D84-9CED-47870701FDE1}) (Version: 14.0 - HP) IDA Demo v6.6 (HKLM\...\IDA Demo_is1) (Version: - Hex-Rays SA) IDA Pro Free v5.0 (HKLM\...\IDA Pro Free_is1) (Version: - Hex-Rays SA) IHMC CmapTools v5.04.01 (HKLM\...\IHMC CmapTools v5.04.01) (Version: 5.0.4.1 - Institute for Human & Machine Cognition) IL Shared Libraries (HKLM\...\IL Shared Libraries) (Version: - Image-Line) ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.2.0 - LIGHTNING UK!) Iminent (HKLM\...\IMBoosterARP) (Version: 7.5.3.1 - Iminent) <==== ATTENTION inSSIDer (HKLM\...\{F8A10A25-D8DD-4661-9A1E-7F6DBAAA3C5E}) (Version: 2.1.5 - MetaGeek) Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle) Java SE Development Kit 7 Update 21 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0170210}) (Version: 1.7.0.210 - Oracle) LG United Mobile Driver (HKLM\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.12.3.0 - LG Electronics) Lyrics Plugin for Winamp (HKLM\...\{75E9A522-65D2-4200-A95F-C3EF89703263}) (Version: 0.4 - Lyrics Plugin) Malwarebytes Anti-Malware versión 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) MediaMonkey 4.0 (HKLM\...\MediaMonkey_is1) (Version: 4.0 - Ventis Media Inc.) Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - ) Microsoft .NET Framework 1.1 Spanish Language Pack (HKLM\...\{83169D43-4660-4347-BC95-E9D6E6BE65CE}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation) Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - ESN (HKLM\...\{85AC0FFA-643D-3103-9310-7086ECB0C36C}) (Version: 2.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - ESN (HKLM\...\{BDEDB104-4067-3D5E-81F0-DBEBFE856B45}) (Version: 3.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft Age of Empires II (HKLM\...\Age of Empires 2.0) (Version: - ) Microsoft Age of Empires II: The Conquerors Expansion (HKLM\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - ) Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation) Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM\...\{90120000-0016-0C0A-0000-0000000FF1CE}_PROPLUS_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version: - Microsoft) Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM\...\{90120000-001A-0C0A-0000-0000000FF1CE}_PROPLUS_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version: - Microsoft) Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM\...\{90120000-0018-0C0A-0000-0000000FF1CE}_PROPLUS_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version: - Microsoft) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM\...\{90120000-001B-0C0A-0000-0000000FF1CE}_PROPLUS_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version: - Microsoft) Microsoft User-Mode Driver Framework Feature Pack 1.9 (HKLM\...\Wudf01009) (Version: - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Language Pack - ESN (HKLM\...\{6D972506-DC01-39BC-A5DD-06DA86E00031}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - ESN (HKLM\...\{4A28444E-0532-3264-B07D-5AFE590E30BE}) (Version: 9.0.30729 - Microsoft Corporation) MinGW-Get version 0.5-beta-20120426-1 (HKLM\...\{AC2C1BDB-1E91-4F94-B99C-E716FE2E9C75}_is1) (Version: 0.5-beta-20120426-1 - MinGW) Mozilla Firefox 34.0.5 (x86 es-AR) (HKLM\...\Mozilla Firefox 34.0.5 (x86 es-AR)) (Version: 34.0.5 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML4 Parser (HKLM\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios) NetBeans IDE 7.3 (HKLM\...\nbi-nb-base-7.3.0.0.201302132200) (Version: 7.3 - NetBeans.org) Network Stumbler 0.4.0 (remove only) (HKLM\...\Network Stumbler) (Version: - ) Notepad++ (HKLM\...\Notepad++) (Version: 6.6.7 - Notepad++ Team) OBD II logger (HKLM\...\ST6UNST #1) (Version: - ) Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41417}) (Version: 3.61.0 - dotPDN LLC) Paquete de controladores de Windows - Realtek Semiconductor Corp. (RTLE8023xp) Net (01/07/2014 5.824.0107.2014) (HKLM\...\56F4336CA4BBFC7D3B030BFB3CC552C3C190512D) (Version: 01/07/2014 5.824.0107.2014 - Realtek Semiconductor Corp.) Paquete de idioma de Microsoft .NET Framework 2.0 - ESN (HKLM\...\Microsoft .NET Framework 2.0 Language Pack - ESN) (Version: - Microsoft Corporation) Paquete de idioma de Microsoft .NET Framework 3.5 SP1 - esn (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - esn) (Version: - Microsoft Corporation) Paquete de idioma para español de Microsoft .NET Framework 3.0 (HKLM\...\Microsoft .NET Framework 3.0 Spanish Language Pack) (Version: - Microsoft Corporation) Paquete de proveedor base de servicios de cifrado para tarjetas inteligentes de Microsoft (HKLM\...\KB909520) (Version: - Microsoft Corporation) PCMSCAN (HKLM\...\{979B748C-6095-4A5A-BC7B-C15E720529D6}) (Version: 2.4.12 - Palmer Performance Engineering) PhotoScape (HKLM\...\PhotoScape) (Version: - ) Physion (HKLM\...\B969B390-AC77-49F7-B928-C5147A6008C0) (Version: 1.01 - Dimitris Xanthopoulos) Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.) PokerStars.net (HKLM\...\PokerStars.net) (Version: - PokerStars.net) Pro Evolution Soccer 2009 (HKLM\...\{A8DB611A-D80E-450D-85F6-3ACDD164BE31}) (Version: 1.00.0000 - KONAMI) ProScan (HKLM\...\{3AB16E9C-C582-4BF0-A76C-37B18ED78B72}) (Version: 5.9 - Gore Research) REALTEK Wireless LAN Driver and Utility (HKLM\...\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}) (Version: 1.00.0187 - REALTEK Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform) Reproductor de Windows Media 11 (HKLM\...\Windows Media Player) (Version: - ) Revisión para Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM\...\{6D972506-DC01-39BC-A5DD-06DA86E00031}.KB947789) (Version: 1 - Microsoft Corporation) Sandboxie 4.12 (32-bit) (HKLM\...\Sandboxie) (Version: 4.12 - Sandboxie Holdings, LLC) Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden ScanMaster-ELM 2.1.104.771 DEMO (HKLM\...\ScanMaster-ELM - DEMO_is1) (Version: 2.1.104.771 - WGSoft.de) ScanMaster-ELM 4.3.0.2095 DEMO (HKLM\...\{76E1EA66-989B-475A-92AF-F950B49E711E}_is1) (Version: 4.3.0.2095 - WGSoft.de) ScanXL Professional (HKLM\...\{2BE87846-415C-4098-A6AE-226931D1C01A}) (Version: 3.5.1 - Palmer Performance Engineering) Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Skins (Version: 2010.0210.2339.42455 - ATI) Hidden Software de impresora EPSON (HKLM\...\EPSON Printer and Utilities) (Version: - ) SSC Service Utility v4.30 (HKLM\...\SSC Service Utility_is1) (Version: - SSC Localization Group) Super Mario 64 (Español) (HKLM\...\Super Mario 64_is1) (Version: - Nintendo™) System Explorer 6.1.0 (HKLM\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group) Text-To-Speech-Runtime (HKLM\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH) Toolbox (Version: 140.0.428.000 - Hewlett-Packard) Hidden UltraISO Premium V9.52 (HKLM\...\UltraISO_is1) (Version: - ) VirtualDJ Home FREE (HKLM\...\{5E1375CB-6792-4464-8715-CC3EC83D48FA}) (Version: 7.0.5 - Atomix Productions) Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden Winamp (HKLM\...\Winamp) (Version: 5.621 - Nullsoft, Inc) Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation) Windows Management Framework Core (HKLM\...\KB968930) (Version: - Microsoft Corporation) Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - ) Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) Windows Updates Downloader (HKLM\...\Windows Updates Downloader) (Version: 2.50 Build 1002 - Supremus Corporation) WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.) Wireshark 1.10.8 (32-bit) (HKLM\...\Wireshark) (Version: 1.10.8 - The Wireshark developer community, http://www.wireshark.org) Wondershare PDF Editor OCR (HKLM\...\{408133BA-3665-4EF5-9DC4-E6A475DA8119}_is1) (Version: 3.6.0.9 - Wondershare Software Co.,Ltd.) Wondershare PDF Editor(Build 3.7.1) (HKLM\...\{75BAE677-F65A-45A4-9931-363FE0CF5E58}_is1) (Version: 3.7.1.5 - Wondershare Software Co.,Ltd.) Xirrus Wi-Fi Inspector (HKLM\...\{BBB21AB1-2C45-435D-A05A-B563072E7B9B}) (Version: 1.2.1.4 - Xirrus) XML Paper Specification Shared Components Language Pack 1.0 (Version: - Microsoft Corporation) Hidden XML Paper Specification Shared Components Pack 1.0 (Version: - Microsoft Corporation) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 15-12-2014 08:49:56 Punto de control del sistema 17-12-2014 15:50:46 Punto de control del sistema 18-12-2014 16:39:29 Punto de control del sistema 19-12-2014 16:32:34 Installed WUSBCamera 20-12-2014 17:15:04 Removed WirelessCamera 20-12-2014 17:15:51 Configured WUSBCamera ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2001-08-24 13:00 - 2012-12-06 20:16 - 00000736 ____A K:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: K:\WINDOWS\Tasks\Adobe Flash Player Updater.job => K:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: K:\WINDOWS\Tasks\avast! Emergency Update.job => E:\AVAST Software\Avast\AvastEmUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-12-20 17:04 - 2014-12-20 17:04 - 02908160 _____ () E:\AVAST Software\Avast\defs\14122000\algo.dll 2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () E:\archivos comunes\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2014-05-12 06:49 - 2014-05-12 06:49 - 00260608 _____ () E:\Notepad++\NppShell_06.dll 2014-11-05 13:24 - 2014-11-12 13:40 - 38562088 _____ () E:\AVAST Software\Avast\libcef.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: K:\WINDOWS\system32\autochk.exe:SummaryInformation AlternateDataStreams: K:\WINDOWS\system32\autochk.exe:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} AlternateDataStreams: K:\WINDOWS\system32\eventquery.vbs:SummaryInformation AlternateDataStreams: K:\WINDOWS\system32\eventquery.vbs:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} AlternateDataStreams: K:\WINDOWS\system32\faultrep.dll:SummaryInformation AlternateDataStreams: K:\WINDOWS\system32\faultrep.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} AlternateDataStreams: K:\WINDOWS\system32\keyboard.sys:SummaryInformation AlternateDataStreams: K:\WINDOWS\system32\keyboard.sys:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} AlternateDataStreams: K:\WINDOWS\system32\schedsvc.dll:SummaryInformation AlternateDataStreams: K:\WINDOWS\system32\schedsvc.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} AlternateDataStreams: K:\WINDOWS\system32\Ver canales.scf:SummaryInformation AlternateDataStreams: K:\WINDOWS\system32\Ver canales.scf:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} AlternateDataStreams: K:\WINDOWS\system32\wdmaud.drv:SummaryInformation AlternateDataStreams: K:\WINDOWS\system32\wdmaud.drv:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} AlternateDataStreams: K:\Documents and Settings\All Users\Datos de programa\TEMP:1AAB2E68 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: mobilegeni daemon => ========================= Accounts: ========================== Administrador (S-1-5-21-1757981266-1788223648-725345543-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrador.PL-0 ASPNET (S-1-5-21-1757981266-1788223648-725345543-1052 - Limited - Enabled) Invitado (S-1-5-21-1757981266-1788223648-725345543-501 - Limited - Disabled) PL (S-1-5-21-1757981266-1788223648-725345543-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\PL ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (12/06/2014 02:58:26 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplicación con errores: lgflashtool2014.exe, versión: 1.0.0.1, módulo con error: msvcr100.dll, versión 10.0.30319.1, dirección de error 0x00002424. Procesando suceso específico de medio para [lgflashtool2014.exe!ws!] Error: (11/19/2014 02:31:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplicación con errores: physion.exe, versión: 0.0.0.0, módulo con error: physion.exe, versión 0.0.0.0, dirección de error 0x000bbeef. Procesando suceso específico de medio para [physion.exe!ws!] Error: (11/19/2014 02:15:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplicación con errores: algodoo.exe, versión: 0.0.0.0, módulo con error: atioglxx.dll, versión 6.14.10.6847, dirección de error 0x0026808e. Procesando suceso específico de medio para [algodoo.exe!ws!] Error: (11/19/2014 01:57:16 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplicación con errores: algodoo.exe, versión: 0.0.0.0, módulo con error: atioglxx.dll, versión 6.14.10.6847, dirección de error 0x0026808e. Procesando suceso específico de medio para [algodoo.exe!ws!] Error: (11/18/2014 01:58:22 PM) (Source: Microsoft Office 14) (EventID: 5000) (User: ) Description: EventType office12setup, P1 {10140000-0f00-0000-0000--0000000ff1ce}, P2 14.0.4755.1000, P3 x, P4 msiapicallfailure, P5 proplusr_proplusrww.xml, P6 x, P7 x, P8 NIL, P9 office12setup0, P10 office12setup1. Error: (11/18/2014 01:25:53 PM) (Source: Microsoft Office 14) (EventID: 5000) (User: ) Description: EventType office12setup, P1 {10140000-0f00-0000-0000--0000000ff1ce}, P2 14.0.4755.1000, P3 x, P4 msiapicallfailure, P5 proplusr_proplusrww.xml, P6 x, P7 x, P8 NIL, P9 office12setup0, P10 office12setup1. Error: (11/18/2014 01:23:58 PM) (Source: Microsoft Office 14) (EventID: 5000) (User: ) Description: EventType office12setup, P1 {10140000-0f00-0000-0000--0000000ff1ce}, P2 14.0.4755.1000, P3 x, P4 msiapicallfailure, P5 proplusr_proplusrww.xml, P6 x, P7 x, P8 NIL, P9 office12setup0, P10 office12setup1. System errors: ============= Error: (12/20/2014 01:46:38 AM) (Source: Dhcp) (EventID: 1002) (User: ) Description: La concesión de la dirección IP 192.168.2.100 para la tarjeta de red con la dirección de red 001FC6B3EB40 ha sido denegada por el servidor DHCP 192.168.2.1 (el servidor DHCP envió un mensaje DHCPNACK). Error: (12/19/2014 08:52:28 AM) (Source: WPDMTPDriver) (EventID: 15300) (User: ) Description: MTP WPD Driver has failed to start. Error 0x8007001f. Error: (12/16/2014 11:10:15 AM) (Source: ipnathlp) (EventID: 31012) (User: ) Description: El agente proxy de DNS encontró un error mientras obtenía la lista local de los servidores de resolución de nombres. Algunos servidores DNS o WINS pueden quedar inaccesibles para clientes de la red local. Los datos son el código de error. Error: (12/16/2014 11:10:14 AM) (Source: ipnathlp) (EventID: 31012) (User: ) Description: El agente proxy de DNS encontró un error mientras obtenía la lista local de los servidores de resolución de nombres. Algunos servidores DNS o WINS pueden quedar inaccesibles para clientes de la red local. Los datos son el código de error. Error: (12/16/2014 11:10:14 AM) (Source: ipnathlp) (EventID: 31012) (User: ) Description: El agente proxy de DNS encontró un error mientras obtenía la lista local de los servidores de resolución de nombres. Algunos servidores DNS o WINS pueden quedar inaccesibles para clientes de la red local. Los datos son el código de error. Error: (12/16/2014 11:10:13 AM) (Source: ipnathlp) (EventID: 31012) (User: ) Description: El agente proxy de DNS encontró un error mientras obtenía la lista local de los servidores de resolución de nombres. Algunos servidores DNS o WINS pueden quedar inaccesibles para clientes de la red local. Los datos son el código de error. Error: (12/16/2014 11:10:13 AM) (Source: ipnathlp) (EventID: 31012) (User: ) Description: El agente proxy de DNS encontró un error mientras obtenía la lista local de los servidores de resolución de nombres. Algunos servidores DNS o WINS pueden quedar inaccesibles para clientes de la red local. Los datos son el código de error. Error: (12/16/2014 11:10:13 AM) (Source: ipnathlp) (EventID: 31012) (User: ) Description: El agente proxy de DNS encontró un error mientras obtenía la lista local de los servidores de resolución de nombres. Algunos servidores DNS o WINS pueden quedar inaccesibles para clientes de la red local. Los datos son el código de error. Error: (12/16/2014 10:57:01 AM) (Source: ipnathlp) (EventID: 31012) (User: ) Description: El agente proxy de DNS encontró un error mientras obtenía la lista local de los servidores de resolución de nombres. Algunos servidores DNS o WINS pueden quedar inaccesibles para clientes de la red local. Los datos son el código de error. Error: (12/16/2014 10:56:52 AM) (Source: ipnathlp) (EventID: 31012) (User: ) Description: El agente proxy de DNS encontró un error mientras obtenía la lista local de los servidores de resolución de nombres. Algunos servidores DNS o WINS pueden quedar inaccesibles para clientes de la red local. Los datos son el código de error. Microsoft Office Sessions: ========================= Error: (12/06/2014 02:58:26 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: lgflashtool2014.exe1.0.0.1msvcr100.dll10.0.30319.100002424 Error: (11/19/2014 02:31:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: physion.exe0.0.0.0physion.exe0.0.0.0000bbeef Error: (11/19/2014 02:15:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: algodoo.exe0.0.0.0atioglxx.dll6.14.10.68470026808e Error: (11/19/2014 01:57:16 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: algodoo.exe0.0.0.0atioglxx.dll6.14.10.68470026808e Error: (11/18/2014 01:58:22 PM) (Source: Microsoft Office 14) (EventID: 5000) (User: ) Description: office12setup{10140000-0f00-0000-0000--0000000ff1ce}14.0.4755.1000xmsiapicallfailureproplusr_proplusrww.xmlxxNILNILNIL Error: (11/18/2014 01:25:53 PM) (Source: Microsoft Office 14) (EventID: 5000) (User: ) Description: office12setup{10140000-0f00-0000-0000--0000000ff1ce}14.0.4755.1000xmsiapicallfailureproplusr_proplusrww.xmlxxNILNILNIL Error: (11/18/2014 01:23:58 PM) (Source: Microsoft Office 14) (EventID: 5000) (User: ) Description: office12setup{10140000-0f00-0000-0000--0000000ff1ce}14.0.4755.1000xmsiapicallfailureproplusr_proplusrww.xmlxxNILNILNIL ==================== Memory info =========================== Processor: AMD Athlon 64 X2 Dual Core Processor 5000+ Percentage of memory in use: 19% Total physical RAM: 2942.42 MB Available physical RAM: 2364.73 MB Total Pagefile: 2980.17 MB Available Pagefile: 2636.64 MB Total Virtual: 2047.88 MB Available Virtual: 1928.62 MB ==================== Drives ================================ Drive c: (mis documentos) (Fixed) (Total:111.76 GB) (Free:2.79 GB) NTFS ==>[Drive with boot components (Windows XP)] Drive d: (paginacion) (Fixed) (Total:0.93 GB) (Free:0.73 GB) NTFS Drive e: (Archivos de programa) (Fixed) (Total:24.02 GB) (Free:12.61 GB) NTFS Drive f: (Archivos 9GB) (Fixed) (Total:5.18 GB) (Free:2.14 GB) NTFS Drive g: (vacia) (Fixed) (Total:3.09 GB) (Free:0.95 GB) NTFS Drive k: (xp) (Fixed) (Total:27.26 GB) (Free:12.34 GB) NTFS ==>[Drive with boot components (Windows XP)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 232.9 GB) (Disk ID: 15551555) Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=27.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=90.8 GB) - (Type=OF Extended) Partition 4: (Not Active) - (Size=3.1 GB) - (Type=07 NTFS) ==================== End Of Log ============================
  6. chkdsk fixed some problems but malwarebytes still goes paranoic and combofix still stuck after stage 8 Comprobando el sistema de archivos en E: El tipo del sistema de archivos es NTFS. Chkdsk no puede ejecutarse ya que el volumen está siendo usado por otro proceso. Chkdsk puede ejecutarse si se desmonta previamente este volumen. TODOS LOS IDENTIFICADORES ABIERTOS A ESTE VOLUMEN NO SERÁN VÁLIDOS. ¿Desea forzar el desmontaje de este volumen? (S/N) Volumen desmontado. Todos los identificadores abiertos a este volumen no son válidos ahora. La etiqueta de volumen es Archivos de programa. Limpiar incoherencias sin importancia en la unidad. Liberando 34 entradas de índice no usadas del índice $SII del archivo 0x9. Liberando 34 entradas de índice no usadas del índice $SDH del archivo 0x9. Liberando 34 descriptores de seguridad no usados. CHKDSK está comprobando el diario USN... Se ha completado la comprobación del diario USN. CHKDSK está comprobando los datos de archivo (etapa 4 de 5)... Comprobación de datos de archivo terminada. CHKDSK está comprobando el espacio disponible (etapa 5 de 5)... La comprobación de espacio libre se ha completado. CHKDSK ha encontrado espacio libre marcado como asignado en el mapa de bits del volumen. Windows ha hecho algunas correciones en el sistema de archivos. 25188348 KB de espacio total en disco. 11581368 KB en 84292 archivos. 33136 KB en 7126 índices. 0 KB en sectores defectuosos. 184800 KB en uso por el sistema. El archivo de registro ha ocupado 65536 kilobytes. 13389044 KB disponibles en disco. 4096 bytes en cada unidad de asignación. 6297087 unidades de asignación en disco en total. 3347261 unidades de asignación disponibles en disco.
  7. combofix stuck after completed stage 8, with no cpu neither disk usage
  8. frst.txt Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-12-2014 01 Ran by PL at 2014-12-11 15:50:28 Running from C:\Descargas\jdownloader Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D} AV: ESET NOD32 Antivirus 7.0 (Disabled - Up to date) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-1757981266-1788223648-725345543-1003\...\uTorrent) (Version: 3.4.2.34309 - BitTorrent Inc.) 32 Bit HP CIO Components Installer (Version: 7.1.4 - Hewlett-Packard) Hidden 7-Zip 9.22beta (HKLM\...\7-Zip) (Version: - ) Actualización de seguridad para Windows Internet Explorer 7 (KB2544521) (Version: 1 - Microsoft Corporation) Hidden Actualización de seguridad para Windows Internet Explorer 7 (KB2559049) (Version: 1 - Microsoft Corporation) Hidden Actualización de seguridad para Windows Internet Explorer 7 (KB2586448) (Version: 1 - Microsoft Corporation) Hidden Actualización de seguridad para Windows Internet Explorer 7 (KB2618444) (Version: 1 - Microsoft Corporation) Hidden Actualización de seguridad para Windows Internet Explorer 7 (KB2647516) (Version: 1 - Microsoft Corporation) Hidden Actualización de seguridad para Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2544521) (HKLM\...\KB2544521-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2618444) (HKLM\...\KB2618444-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2647516) (HKLM\...\KB2647516-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2675157) (HKLM\...\KB2675157-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2699988) (HKLM\...\KB2699988-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2722913) (HKLM\...\KB2722913-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2744842) (HKLM\...\KB2744842-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2761465) (HKLM\...\KB2761465-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2792100) (HKLM\...\KB2792100-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2797052) (HKLM\...\KB2797052-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2799329) (HKLM\...\KB2799329-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2809289) (HKLM\...\KB2809289-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2817183) (HKLM\...\KB2817183-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2829530) (HKLM\...\KB2829530-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2838727) (HKLM\...\KB2838727-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2846071) (HKLM\...\KB2846071-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2847204) (HKLM\...\KB2847204-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2862772) (HKLM\...\KB2862772-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2870699) (HKLM\...\KB2870699-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2879017) (HKLM\...\KB2879017-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2888505) (HKLM\...\KB2888505-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2898785) (HKLM\...\KB2898785-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2909210) (HKLM\...\KB2909210-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2909921) (HKLM\...\KB2909921-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2925418) (HKLM\...\KB2925418-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2936068) (HKLM\...\KB2936068-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2964358) (HKLM\...\KB2964358-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows XP (KB2510581) (Version: 1 - Microsoft Corporation) Hidden Actualización de seguridad para Windows XP (KB2544521) (Version: 1 - Microsoft Corporation) Hidden Actualización de seguridad para Windows XP (KB2559049) (Version: 1 - Microsoft Corporation) Hidden Actualización de seguridad para Windows XP (KB975713) (Version: 1 - Microsoft Corporation) Hidden Actualización para Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation) Actualización para Windows Internet Explorer 8 (KB2632503) (HKLM\...\KB2632503-IE8) (Version: 1 - Microsoft Corporation) Actualización para Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated) Adobe Reader XI (11.0.08) - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated) AIO_Scan (Version: 90.0.222.000 - Hewlett-Packard) Hidden Analizador de MSXML 6.0 (HKLM\...\{624810C7-02AA-4964-8A2F-AA07251259BF}) (Version: 6.00.3883.15 - Microsoft Corporation) Angry Birds (HKLM\...\{EB8D8402-5741-4CBA-A292-1E530E1A6F13}) (Version: 4.0.0 - Rovio Entertainment Ltd.) ASIO4ALL (HKLM\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach) ATI - Utilidad de desinstalación de software (HKLM\...\All ATI Software) (Version: 6.14.10.1022 - ) ATI Catalyst Control Center (HKLM\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.010.0210.2338 - ) ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.411-070821a1-055477C-Asus - ) ATI Parental Control & Encoder (Version: 3.0 - Nombre de su organización) Hidden Auslogics Registry Cleaner (HKLM\...\{8D8024F1-2945-49A5-9B78-5AB7B11D7942}_is1) (Version: 3.4.1.0 - Auslogics Labs Pty Ltd) Avast Free Antivirus (HKLM\...\Avast) (Version: 10.0.2208 - AVAST Software) BlackBerry Link (Version: 1.2.3.56 - BlackBerry Ltd.) Hidden BootLog XP (HKLM\...\BootLog XP_is1) (Version: 2.10 - Greatis Software) BurnAware Free 7.1 (HKLM\...\BurnAware Free_is1) (Version: - Burnaware) ccc-core-preinstall (Version: 2010.0210.2339.42455 - ATI) Hidden ccc-core-static (Version: 2010.0210.2339.42455 - ATI) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.01 - Piriform) Comodo Dragon (HKLM\...\Comodo Dragon) (Version: 33.1.0.0 - COMODO) CorelDRAW Graphics Suite X6 - Capture (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Common (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Connect (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Custom Data (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Draw (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - ES (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Filters (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - FontNav (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - IPM (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - PHOTO-PAINT (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Photozoom Plugin (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Redist (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Setup Files (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - VBA (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - VideoBrowser (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - VSTA (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Writing Tools (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 (Version: 16.1 - Corel Corporation) Hidden Counter-Strike 1.6 (HKLM\...\{13B792AA-C078-43A4-8A3A-8B12D629940D}) (Version: 1.00.0000 - ) Crocodile Technology 607 (ES) (HKLM\...\{B0EA5655-6C96-4B50-8199-D87B30590718}) (Version: 1.00.0607 - Ì) Debugging Tools for Windows (x86) (HKLM\...\{1CD0C3C5-809D-4CFC-904A-1B67C6243637}) (Version: 6.9.3.113 - Microsoft Corporation) Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform) Desinstalador de impresoras EPSON Stylus TX200 Series (HKLM\...\EPSON Stylus TX200 Series) (Version: - SEIKO EPSON Corporation) Digimoto 5 (HKLM\...\{EDA3A982-B8ED-407E-9BF4-0E94EBA35ED3}) (Version: 5.0.22 - PerformanceScan) DJ_AIO_05_F4400_Software_Min (Version: 140.0.690.000 - Hewlett-Packard) Hidden DJ_SF_03_D1500_Software_Min (Version: 100.0.239.000 - Hewlett-Packard) Hidden Dyno-Scan for Windows 10.0.1 (HKLM\...\{7576E0E7-AEFC-4F47-A388-F91B5640CE4F}) (Version: 10.0.1 - Auterra) EaseUS Partition Master 9.2.1 Home Edition (HKLM\...\EaseUS Partition Master Home Edition_is1) (Version: - EaseUS) EasyBCD 2.2 (HKLM\...\EasyBCD) (Version: 2.2 - NeoSmart Technologies) EPSON Scan (HKLM\...\EPSON Scanner) (Version: - ) FileAlyzer 2 (HKLM\...\{29D3773E-54F4-23C2-D523-236A4453B845}_is1) (Version: 2.0.5.57 - Safer Networking Limited) FL Studio 11 (HKLM\...\FL Studio 11) (Version: - Image-Line) FlowStone FL 3.0 (HKLM\...\FlowStone) (Version: - ) Football Manager 2014 (HKLM\...\{68772D7A-4184-47A5-BFB9-BF74C1B09413}) (Version: 1.0.0 - Sega) FORScan versión 2.1.19.beta (HKLM\...\{63310483-6490-44CD-B351-8F66C2923070}_is1) (Version: 2.1.19.beta - Verysoft LLC) Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 6.1.5.624 - Foxit Corporation) FreeFileSync 6.7 (HKLM\...\FreeFileSync) (Version: 6.7 - Zenju) Hard Disk Low Level Format Tool 2.36 build 1181 (HKLM\...\Hard Disk Low Level Format Tool_is1) (Version: - HDDGURU) HP Deskjet D1500 Printer Driver 10.0 Rel .3 (HKLM\...\{167F938F-5AD3-40e2-B05D-2B7C6F0FDE48}) (Version: 10.0 - HP) HP Deskjet F4400 Printer Driver 14.0 Rel. 5 (HKLM\...\{A800FCC9-8E1E-4D84-9CED-47870701FDE1}) (Version: 14.0 - HP) IDA Demo v6.6 (HKLM\...\IDA Demo_is1) (Version: - Hex-Rays SA) IDA Pro Free v5.0 (HKLM\...\IDA Pro Free_is1) (Version: - Hex-Rays SA) IHMC CmapTools v5.04.01 (HKLM\...\IHMC CmapTools v5.04.01) (Version: 5.0.4.1 - Institute for Human & Machine Cognition) IL Shared Libraries (HKLM\...\IL Shared Libraries) (Version: - Image-Line) ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.2.0 - LIGHTNING UK!) Iminent (HKLM\...\IMBoosterARP) (Version: 7.5.3.1 - Iminent) <==== ATTENTION inSSIDer (HKLM\...\{F8A10A25-D8DD-4661-9A1E-7F6DBAAA3C5E}) (Version: 2.1.5 - MetaGeek) Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle) Java SE Development Kit 7 Update 21 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0170210}) (Version: 1.7.0.210 - Oracle) LG United Mobile Driver (HKLM\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.12.3.0 - LG Electronics) Lyrics Plugin for Winamp (HKLM\...\{75E9A522-65D2-4200-A95F-C3EF89703263}) (Version: 0.4 - Lyrics Plugin) Malwarebytes Anti-Malware versión 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) MediaMonkey 4.0 (HKLM\...\MediaMonkey_is1) (Version: 4.0 - Ventis Media Inc.) Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - ) Microsoft .NET Framework 1.1 Spanish Language Pack (HKLM\...\{83169D43-4660-4347-BC95-E9D6E6BE65CE}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation) Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - ESN (HKLM\...\{85AC0FFA-643D-3103-9310-7086ECB0C36C}) (Version: 2.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - ESN (HKLM\...\{BDEDB104-4067-3D5E-81F0-DBEBFE856B45}) (Version: 3.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft Age of Empires II (HKLM\...\Age of Empires 2.0) (Version: - ) Microsoft Age of Empires II: The Conquerors Expansion (HKLM\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - ) Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation) Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM\...\{90120000-0016-0C0A-0000-0000000FF1CE}_PROPLUS_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version: - Microsoft) Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM\...\{90120000-001A-0C0A-0000-0000000FF1CE}_PROPLUS_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version: - Microsoft) Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM\...\{90120000-0018-0C0A-0000-0000000FF1CE}_PROPLUS_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version: - Microsoft) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM\...\{90120000-001B-0C0A-0000-0000000FF1CE}_PROPLUS_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version: - Microsoft) Microsoft User-Mode Driver Framework Feature Pack 1.9 (HKLM\...\Wudf01009) (Version: - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Language Pack - ESN (HKLM\...\{6D972506-DC01-39BC-A5DD-06DA86E00031}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - ESN (HKLM\...\{4A28444E-0532-3264-B07D-5AFE590E30BE}) (Version: 9.0.30729 - Microsoft Corporation) MinGW-Get version 0.5-beta-20120426-1 (HKLM\...\{AC2C1BDB-1E91-4F94-B99C-E716FE2E9C75}_is1) (Version: 0.5-beta-20120426-1 - MinGW) Mozilla Firefox 34.0.5 (x86 es-AR) (HKLM\...\Mozilla Firefox 34.0.5 (x86 es-AR)) (Version: 34.0.5 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML4 Parser (HKLM\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios) NetBeans IDE 7.3 (HKLM\...\nbi-nb-base-7.3.0.0.201302132200) (Version: 7.3 - NetBeans.org) Network Stumbler 0.4.0 (remove only) (HKLM\...\Network Stumbler) (Version: - ) Notepad++ (HKLM\...\Notepad++) (Version: 6.6.7 - Notepad++ Team) OBD II logger (HKLM\...\ST6UNST #1) (Version: - ) Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41417}) (Version: 3.61.0 - dotPDN LLC) Paquete de controladores de Windows - Realtek Semiconductor Corp. (RTLE8023xp) Net (01/07/2014 5.824.0107.2014) (HKLM\...\56F4336CA4BBFC7D3B030BFB3CC552C3C190512D) (Version: 01/07/2014 5.824.0107.2014 - Realtek Semiconductor Corp.) Paquete de idioma de Microsoft .NET Framework 2.0 - ESN (HKLM\...\Microsoft .NET Framework 2.0 Language Pack - ESN) (Version: - Microsoft Corporation) Paquete de idioma de Microsoft .NET Framework 3.5 SP1 - esn (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - esn) (Version: - Microsoft Corporation) Paquete de idioma para español de Microsoft .NET Framework 3.0 (HKLM\...\Microsoft .NET Framework 3.0 Spanish Language Pack) (Version: - Microsoft Corporation) Paquete de proveedor base de servicios de cifrado para tarjetas inteligentes de Microsoft (HKLM\...\KB909520) (Version: - Microsoft Corporation) PCMSCAN (HKLM\...\{979B748C-6095-4A5A-BC7B-C15E720529D6}) (Version: 2.4.12 - Palmer Performance Engineering) PhotoScape (HKLM\...\PhotoScape) (Version: - ) Physion (HKLM\...\B969B390-AC77-49F7-B928-C5147A6008C0) (Version: 1.01 - Dimitris Xanthopoulos) Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.) PokerStars.net (HKLM\...\PokerStars.net) (Version: - PokerStars.net) Pro Evolution Soccer 2009 (HKLM\...\{A8DB611A-D80E-450D-85F6-3ACDD164BE31}) (Version: 1.00.0000 - KONAMI) ProScan (HKLM\...\{3AB16E9C-C582-4BF0-A76C-37B18ED78B72}) (Version: 5.9 - Gore Research) REALTEK Wireless LAN Driver and Utility (HKLM\...\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}) (Version: 1.00.0187 - REALTEK Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform) Reproductor de Windows Media 11 (HKLM\...\Windows Media Player) (Version: - ) Revisión para Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM\...\{6D972506-DC01-39BC-A5DD-06DA86E00031}.KB947789) (Version: 1 - Microsoft Corporation) Sandboxie 4.12 (32-bit) (HKLM\...\Sandboxie) (Version: 4.12 - Sandboxie Holdings, LLC) Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden ScanMaster-ELM 2.1.104.771 DEMO (HKLM\...\ScanMaster-ELM - DEMO_is1) (Version: 2.1.104.771 - WGSoft.de) ScanMaster-ELM 4.3.0.2095 DEMO (HKLM\...\{76E1EA66-989B-475A-92AF-F950B49E711E}_is1) (Version: 4.3.0.2095 - WGSoft.de) ScanXL Professional (HKLM\...\{2BE87846-415C-4098-A6AE-226931D1C01A}) (Version: 3.5.1 - Palmer Performance Engineering) Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Skins (Version: 2010.0210.2339.42455 - ATI) Hidden Software de impresora EPSON (HKLM\...\EPSON Printer and Utilities) (Version: - ) SSC Service Utility v4.30 (HKLM\...\SSC Service Utility_is1) (Version: - SSC Localization Group) Super Mario 64 (Español) (HKLM\...\Super Mario 64_is1) (Version: - Nintendo™) System Explorer 6.1.0 (HKLM\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group) Text-To-Speech-Runtime (HKLM\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH) Toolbox (Version: 140.0.428.000 - Hewlett-Packard) Hidden UltraISO Premium V9.52 (HKLM\...\UltraISO_is1) (Version: - ) VirtualDJ Home FREE (HKLM\...\{5E1375CB-6792-4464-8715-CC3EC83D48FA}) (Version: 7.0.5 - Atomix Productions) Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden Winamp (HKLM\...\Winamp) (Version: 5.621 - Nullsoft, Inc) Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation) Windows Management Framework Core (HKLM\...\KB968930) (Version: - Microsoft Corporation) Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - ) Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) Windows Updates Downloader (HKLM\...\Windows Updates Downloader) (Version: 2.50 Build 1002 - Supremus Corporation) WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.) Wireshark 1.10.8 (32-bit) (HKLM\...\Wireshark) (Version: 1.10.8 - The Wireshark developer community, http://www.wireshark.org) Wondershare PDF Editor OCR (HKLM\...\{408133BA-3665-4EF5-9DC4-E6A475DA8119}_is1) (Version: 3.6.0.9 - Wondershare Software Co.,Ltd.) Wondershare PDF Editor(Build 3.7.1) (HKLM\...\{75BAE677-F65A-45A4-9931-363FE0CF5E58}_is1) (Version: 3.7.1.5 - Wondershare Software Co.,Ltd.) Xirrus Wi-Fi Inspector (HKLM\...\{BBB21AB1-2C45-435D-A05A-B563072E7B9B}) (Version: 1.2.1.4 - Xirrus) XML Paper Specification Shared Components Language Pack 1.0 (Version: - Microsoft Corporation) Hidden XML Paper Specification Shared Components Pack 1.0 (Version: - Microsoft Corporation) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2001-08-24 13:00 - 2012-12-06 20:16 - 00000736 ____A K:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: K:\WINDOWS\Tasks\Adobe Flash Player Updater.job => K:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: K:\WINDOWS\Tasks\avast! Emergency Update.job => E:\AVAST Software\Avast\AvastEmUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-12-11 08:45 - 2014-12-11 08:45 - 02905600 _____ () E:\AVAST Software\Avast\defs\14121100\algo.dll 2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () E:\archivos comunes\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2014-11-05 13:24 - 2014-11-12 13:40 - 38562088 _____ () E:\AVAST Software\Avast\libcef.dll 2014-12-09 19:47 - 2014-12-09 19:47 - 03758192 _____ () E:\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: K:\WINDOWS\system32\autochk.exe:SummaryInformation AlternateDataStreams: K:\WINDOWS\system32\autochk.exe:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} AlternateDataStreams: K:\WINDOWS\system32\eventquery.vbs:SummaryInformation AlternateDataStreams: K:\WINDOWS\system32\eventquery.vbs:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} AlternateDataStreams: K:\WINDOWS\system32\faultrep.dll:SummaryInformation AlternateDataStreams: K:\WINDOWS\system32\faultrep.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} AlternateDataStreams: K:\WINDOWS\system32\keyboard.sys:SummaryInformation AlternateDataStreams: K:\WINDOWS\system32\keyboard.sys:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} AlternateDataStreams: K:\WINDOWS\system32\schedsvc.dll:SummaryInformation AlternateDataStreams: K:\WINDOWS\system32\schedsvc.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} AlternateDataStreams: K:\WINDOWS\system32\Ver canales.scf:SummaryInformation AlternateDataStreams: K:\WINDOWS\system32\Ver canales.scf:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} AlternateDataStreams: K:\WINDOWS\system32\wdmaud.drv:SummaryInformation AlternateDataStreams: K:\WINDOWS\system32\wdmaud.drv:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} AlternateDataStreams: K:\Documents and Settings\All Users\Datos de programa\TEMP:1AAB2E68 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: mobilegeni daemon => ========================= Accounts: ========================== Administrador (S-1-5-21-1757981266-1788223648-725345543-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrador.PL-0 ASPNET (S-1-5-21-1757981266-1788223648-725345543-1052 - Limited - Enabled) Invitado (S-1-5-21-1757981266-1788223648-725345543-501 - Limited - Disabled) PL (S-1-5-21-1757981266-1788223648-725345543-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\PL ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (12/06/2014 02:58:26 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplicación con errores: lgflashtool2014.exe, versión: 1.0.0.1, módulo con error: msvcr100.dll, versión 10.0.30319.1, dirección de error 0x00002424. Procesando suceso específico de medio para [lgflashtool2014.exe!ws!] Error: (11/19/2014 02:31:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplicación con errores: physion.exe, versión: 0.0.0.0, módulo con error: physion.exe, versión 0.0.0.0, dirección de error 0x000bbeef. Procesando suceso específico de medio para [physion.exe!ws!] Error: (11/19/2014 02:15:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplicación con errores: algodoo.exe, versión: 0.0.0.0, módulo con error: atioglxx.dll, versión 6.14.10.6847, dirección de error 0x0026808e. Procesando suceso específico de medio para [algodoo.exe!ws!] Error: (11/19/2014 01:57:16 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplicación con errores: algodoo.exe, versión: 0.0.0.0, módulo con error: atioglxx.dll, versión 6.14.10.6847, dirección de error 0x0026808e. Procesando suceso específico de medio para [algodoo.exe!ws!] Error: (11/18/2014 01:58:22 PM) (Source: Microsoft Office 14) (EventID: 5000) (User: ) Description: EventType office12setup, P1 {10140000-0f00-0000-0000--0000000ff1ce}, P2 14.0.4755.1000, P3 x, P4 msiapicallfailure, P5 proplusr_proplusrww.xml, P6 x, P7 x, P8 NIL, P9 office12setup0, P10 office12setup1. Error: (11/18/2014 01:25:53 PM) (Source: Microsoft Office 14) (EventID: 5000) (User: ) Description: EventType office12setup, P1 {10140000-0f00-0000-0000--0000000ff1ce}, P2 14.0.4755.1000, P3 x, P4 msiapicallfailure, P5 proplusr_proplusrww.xml, P6 x, P7 x, P8 NIL, P9 office12setup0, P10 office12setup1. Error: (11/18/2014 01:23:58 PM) (Source: Microsoft Office 14) (EventID: 5000) (User: ) Description: EventType office12setup, P1 {10140000-0f00-0000-0000--0000000ff1ce}, P2 14.0.4755.1000, P3 x, P4 msiapicallfailure, P5 proplusr_proplusrww.xml, P6 x, P7 x, P8 NIL, P9 office12setup0, P10 office12setup1. System errors: ============= Error: (12/10/2014 06:51:14 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Intervalo de espera (30000 ms.) para la respuesta de transacción del servicio avast! Antivirus. Error: (12/09/2014 03:29:58 PM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk1\D Error: (12/09/2014 03:29:57 PM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk1\D Error: (12/09/2014 03:29:57 PM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk1\D Error: (12/09/2014 03:29:56 PM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk1\D Error: (12/09/2014 03:29:56 PM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk1\D Error: (12/09/2014 03:29:55 PM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk1\D Error: (12/09/2014 03:29:55 PM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk1\D Error: (12/09/2014 03:29:54 PM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk1\D Error: (12/09/2014 03:29:54 PM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk1\D Microsoft Office Sessions: ========================= Error: (12/06/2014 02:58:26 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: lgflashtool2014.exe1.0.0.1msvcr100.dll10.0.30319.100002424 Error: (11/19/2014 02:31:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: physion.exe0.0.0.0physion.exe0.0.0.0000bbeef Error: (11/19/2014 02:15:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: algodoo.exe0.0.0.0atioglxx.dll6.14.10.68470026808e Error: (11/19/2014 01:57:16 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: algodoo.exe0.0.0.0atioglxx.dll6.14.10.68470026808e Error: (11/18/2014 01:58:22 PM) (Source: Microsoft Office 14) (EventID: 5000) (User: ) Description: office12setup{10140000-0f00-0000-0000--0000000ff1ce}14.0.4755.1000xmsiapicallfailureproplusr_proplusrww.xmlxxNILNILNIL Error: (11/18/2014 01:25:53 PM) (Source: Microsoft Office 14) (EventID: 5000) (User: ) Description: office12setup{10140000-0f00-0000-0000--0000000ff1ce}14.0.4755.1000xmsiapicallfailureproplusr_proplusrww.xmlxxNILNILNIL Error: (11/18/2014 01:23:58 PM) (Source: Microsoft Office 14) (EventID: 5000) (User: ) Description: office12setup{10140000-0f00-0000-0000--0000000ff1ce}14.0.4755.1000xmsiapicallfailureproplusr_proplusrww.xmlxxNILNILNIL ==================== Memory info =========================== Processor: AMD Athlon 64 X2 Dual Core Processor 5000+ Percentage of memory in use: 31% Total physical RAM: 2942.42 MB Available physical RAM: 2017.49 MB Total Pagefile: 2980.17 MB Available Pagefile: 2270.89 MB Total Virtual: 2047.88 MB Available Virtual: 1929.23 MB ==================== Drives ================================ Drive c: (mis documentos) (Fixed) (Total:111.76 GB) (Free:0.72 GB) NTFS ==>[Drive with boot components (Windows XP)] Drive d: (paginacion) (Fixed) (Total:0.93 GB) (Free:0.73 GB) NTFS Drive e: (Archivos de programa) (Fixed) (Total:24.02 GB) (Free:13.31 GB) NTFS Drive f: (Archivos 9GB) (Fixed) (Total:5.18 GB) (Free:2.14 GB) NTFS Drive g: (vacia) (Fixed) (Total:3.09 GB) (Free:0.95 GB) NTFS Drive i: (ULI) (Removable) (Total:7.25 GB) (Free:1.51 GB) FAT32 Drive k: (xp) (Fixed) (Total:27.26 GB) (Free:12.8 GB) NTFS ==>[Drive with boot components (Windows XP)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 232.9 GB) (Disk ID: 15551555) Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=27.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=90.8 GB) - (Type=OF Extended) Partition 4: (Not Active) - (Size=3.1 GB) - (Type=07 NTFS) ======================================================== Disk: 5 (Size: 7.3 GB) (Disk ID: 47EEE80B) Partition 1: (Active) - (Size=7.3 GB) - (Type=0B) ==================== End Of Log ============================
  9. addition.txt Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-12-2014 01 Ran by PL at 2014-12-11 15:50:28 Running from C:\Descargas\jdownloader Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D} AV: ESET NOD32 Antivirus 7.0 (Disabled - Up to date) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-1757981266-1788223648-725345543-1003\...\uTorrent) (Version: 3.4.2.34309 - BitTorrent Inc.) 32 Bit HP CIO Components Installer (Version: 7.1.4 - Hewlett-Packard) Hidden 7-Zip 9.22beta (HKLM\...\7-Zip) (Version: - ) Actualización de seguridad para Windows Internet Explorer 7 (KB2544521) (Version: 1 - Microsoft Corporation) Hidden Actualización de seguridad para Windows Internet Explorer 7 (KB2559049) (Version: 1 - Microsoft Corporation) Hidden Actualización de seguridad para Windows Internet Explorer 7 (KB2586448) (Version: 1 - Microsoft Corporation) Hidden Actualización de seguridad para Windows Internet Explorer 7 (KB2618444) (Version: 1 - Microsoft Corporation) Hidden Actualización de seguridad para Windows Internet Explorer 7 (KB2647516) (Version: 1 - Microsoft Corporation) Hidden Actualización de seguridad para Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2544521) (HKLM\...\KB2544521-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2618444) (HKLM\...\KB2618444-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2647516) (HKLM\...\KB2647516-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2675157) (HKLM\...\KB2675157-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2699988) (HKLM\...\KB2699988-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2722913) (HKLM\...\KB2722913-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2744842) (HKLM\...\KB2744842-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2761465) (HKLM\...\KB2761465-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2792100) (HKLM\...\KB2792100-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2797052) (HKLM\...\KB2797052-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2799329) (HKLM\...\KB2799329-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2809289) (HKLM\...\KB2809289-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2817183) (HKLM\...\KB2817183-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2829530) (HKLM\...\KB2829530-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2838727) (HKLM\...\KB2838727-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2846071) (HKLM\...\KB2846071-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2847204) (HKLM\...\KB2847204-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2862772) (HKLM\...\KB2862772-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2870699) (HKLM\...\KB2870699-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2879017) (HKLM\...\KB2879017-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2888505) (HKLM\...\KB2888505-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2898785) (HKLM\...\KB2898785-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2909210) (HKLM\...\KB2909210-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2909921) (HKLM\...\KB2909921-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2925418) (HKLM\...\KB2925418-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2936068) (HKLM\...\KB2936068-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2964358) (HKLM\...\KB2964358-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows XP (KB2510581) (Version: 1 - Microsoft Corporation) Hidden Actualización de seguridad para Windows XP (KB2544521) (Version: 1 - Microsoft Corporation) Hidden Actualización de seguridad para Windows XP (KB2559049) (Version: 1 - Microsoft Corporation) Hidden Actualización de seguridad para Windows XP (KB975713) (Version: 1 - Microsoft Corporation) Hidden Actualización para Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation) Actualización para Windows Internet Explorer 8 (KB2632503) (HKLM\...\KB2632503-IE8) (Version: 1 - Microsoft Corporation) Actualización para Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated) Adobe Reader XI (11.0.08) - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated) AIO_Scan (Version: 90.0.222.000 - Hewlett-Packard) Hidden Analizador de MSXML 6.0 (HKLM\...\{624810C7-02AA-4964-8A2F-AA07251259BF}) (Version: 6.00.3883.15 - Microsoft Corporation) Angry Birds (HKLM\...\{EB8D8402-5741-4CBA-A292-1E530E1A6F13}) (Version: 4.0.0 - Rovio Entertainment Ltd.) ASIO4ALL (HKLM\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach) ATI - Utilidad de desinstalación de software (HKLM\...\All ATI Software) (Version: 6.14.10.1022 - ) ATI Catalyst Control Center (HKLM\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.010.0210.2338 - ) ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.411-070821a1-055477C-Asus - ) ATI Parental Control & Encoder (Version: 3.0 - Nombre de su organización) Hidden Auslogics Registry Cleaner (HKLM\...\{8D8024F1-2945-49A5-9B78-5AB7B11D7942}_is1) (Version: 3.4.1.0 - Auslogics Labs Pty Ltd) Avast Free Antivirus (HKLM\...\Avast) (Version: 10.0.2208 - AVAST Software) BlackBerry Link (Version: 1.2.3.56 - BlackBerry Ltd.) Hidden BootLog XP (HKLM\...\BootLog XP_is1) (Version: 2.10 - Greatis Software) BurnAware Free 7.1 (HKLM\...\BurnAware Free_is1) (Version: - Burnaware) ccc-core-preinstall (Version: 2010.0210.2339.42455 - ATI) Hidden ccc-core-static (Version: 2010.0210.2339.42455 - ATI) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.01 - Piriform) Comodo Dragon (HKLM\...\Comodo Dragon) (Version: 33.1.0.0 - COMODO) CorelDRAW Graphics Suite X6 - Capture (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Common (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Connect (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Custom Data (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Draw (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - ES (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Filters (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - FontNav (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - IPM (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - PHOTO-PAINT (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Photozoom Plugin (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Redist (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Setup Files (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - VBA (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - VideoBrowser (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - VSTA (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Writing Tools (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 (Version: 16.1 - Corel Corporation) Hidden Counter-Strike 1.6 (HKLM\...\{13B792AA-C078-43A4-8A3A-8B12D629940D}) (Version: 1.00.0000 - ) Crocodile Technology 607 (ES) (HKLM\...\{B0EA5655-6C96-4B50-8199-D87B30590718}) (Version: 1.00.0607 - Ì) Debugging Tools for Windows (x86) (HKLM\...\{1CD0C3C5-809D-4CFC-904A-1B67C6243637}) (Version: 6.9.3.113 - Microsoft Corporation) Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform) Desinstalador de impresoras EPSON Stylus TX200 Series (HKLM\...\EPSON Stylus TX200 Series) (Version: - SEIKO EPSON Corporation) Digimoto 5 (HKLM\...\{EDA3A982-B8ED-407E-9BF4-0E94EBA35ED3}) (Version: 5.0.22 - PerformanceScan) DJ_AIO_05_F4400_Software_Min (Version: 140.0.690.000 - Hewlett-Packard) Hidden DJ_SF_03_D1500_Software_Min (Version: 100.0.239.000 - Hewlett-Packard) Hidden Dyno-Scan for Windows 10.0.1 (HKLM\...\{7576E0E7-AEFC-4F47-A388-F91B5640CE4F}) (Version: 10.0.1 - Auterra) EaseUS Partition Master 9.2.1 Home Edition (HKLM\...\EaseUS Partition Master Home Edition_is1) (Version: - EaseUS) EasyBCD 2.2 (HKLM\...\EasyBCD) (Version: 2.2 - NeoSmart Technologies) EPSON Scan (HKLM\...\EPSON Scanner) (Version: - ) FileAlyzer 2 (HKLM\...\{29D3773E-54F4-23C2-D523-236A4453B845}_is1) (Version: 2.0.5.57 - Safer Networking Limited) FL Studio 11 (HKLM\...\FL Studio 11) (Version: - Image-Line) FlowStone FL 3.0 (HKLM\...\FlowStone) (Version: - ) Football Manager 2014 (HKLM\...\{68772D7A-4184-47A5-BFB9-BF74C1B09413}) (Version: 1.0.0 - Sega) FORScan versión 2.1.19.beta (HKLM\...\{63310483-6490-44CD-B351-8F66C2923070}_is1) (Version: 2.1.19.beta - Verysoft LLC) Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 6.1.5.624 - Foxit Corporation) FreeFileSync 6.7 (HKLM\...\FreeFileSync) (Version: 6.7 - Zenju) Hard Disk Low Level Format Tool 2.36 build 1181 (HKLM\...\Hard Disk Low Level Format Tool_is1) (Version: - HDDGURU) HP Deskjet D1500 Printer Driver 10.0 Rel .3 (HKLM\...\{167F938F-5AD3-40e2-B05D-2B7C6F0FDE48}) (Version: 10.0 - HP) HP Deskjet F4400 Printer Driver 14.0 Rel. 5 (HKLM\...\{A800FCC9-8E1E-4D84-9CED-47870701FDE1}) (Version: 14.0 - HP) IDA Demo v6.6 (HKLM\...\IDA Demo_is1) (Version: - Hex-Rays SA) IDA Pro Free v5.0 (HKLM\...\IDA Pro Free_is1) (Version: - Hex-Rays SA) IHMC CmapTools v5.04.01 (HKLM\...\IHMC CmapTools v5.04.01) (Version: 5.0.4.1 - Institute for Human & Machine Cognition) IL Shared Libraries (HKLM\...\IL Shared Libraries) (Version: - Image-Line) ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.2.0 - LIGHTNING UK!) Iminent (HKLM\...\IMBoosterARP) (Version: 7.5.3.1 - Iminent) <==== ATTENTION inSSIDer (HKLM\...\{F8A10A25-D8DD-4661-9A1E-7F6DBAAA3C5E}) (Version: 2.1.5 - MetaGeek) Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle) Java SE Development Kit 7 Update 21 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0170210}) (Version: 1.7.0.210 - Oracle) LG United Mobile Driver (HKLM\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.12.3.0 - LG Electronics) Lyrics Plugin for Winamp (HKLM\...\{75E9A522-65D2-4200-A95F-C3EF89703263}) (Version: 0.4 - Lyrics Plugin) Malwarebytes Anti-Malware versión 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) MediaMonkey 4.0 (HKLM\...\MediaMonkey_is1) (Version: 4.0 - Ventis Media Inc.) Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - ) Microsoft .NET Framework 1.1 Spanish Language Pack (HKLM\...\{83169D43-4660-4347-BC95-E9D6E6BE65CE}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation) Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - ESN (HKLM\...\{85AC0FFA-643D-3103-9310-7086ECB0C36C}) (Version: 2.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - ESN (HKLM\...\{BDEDB104-4067-3D5E-81F0-DBEBFE856B45}) (Version: 3.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft Age of Empires II (HKLM\...\Age of Empires 2.0) (Version: - ) Microsoft Age of Empires II: The Conquerors Expansion (HKLM\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - ) Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation) Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM\...\{90120000-0016-0C0A-0000-0000000FF1CE}_PROPLUS_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version: - Microsoft) Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM\...\{90120000-001A-0C0A-0000-0000000FF1CE}_PROPLUS_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version: - Microsoft) Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM\...\{90120000-0018-0C0A-0000-0000000FF1CE}_PROPLUS_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version: - Microsoft) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM\...\{90120000-001B-0C0A-0000-0000000FF1CE}_PROPLUS_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version: - Microsoft) Microsoft User-Mode Driver Framework Feature Pack 1.9 (HKLM\...\Wudf01009) (Version: - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Language Pack - ESN (HKLM\...\{6D972506-DC01-39BC-A5DD-06DA86E00031}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - ESN (HKLM\...\{4A28444E-0532-3264-B07D-5AFE590E30BE}) (Version: 9.0.30729 - Microsoft Corporation) MinGW-Get version 0.5-beta-20120426-1 (HKLM\...\{AC2C1BDB-1E91-4F94-B99C-E716FE2E9C75}_is1) (Version: 0.5-beta-20120426-1 - MinGW) Mozilla Firefox 34.0.5 (x86 es-AR) (HKLM\...\Mozilla Firefox 34.0.5 (x86 es-AR)) (Version: 34.0.5 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML4 Parser (HKLM\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios) NetBeans IDE 7.3 (HKLM\...\nbi-nb-base-7.3.0.0.201302132200) (Version: 7.3 - NetBeans.org) Network Stumbler 0.4.0 (remove only) (HKLM\...\Network Stumbler) (Version: - ) Notepad++ (HKLM\...\Notepad++) (Version: 6.6.7 - Notepad++ Team) OBD II logger (HKLM\...\ST6UNST #1) (Version: - ) Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41417}) (Version: 3.61.0 - dotPDN LLC) Paquete de controladores de Windows - Realtek Semiconductor Corp. (RTLE8023xp) Net (01/07/2014 5.824.0107.2014) (HKLM\...\56F4336CA4BBFC7D3B030BFB3CC552C3C190512D) (Version: 01/07/2014 5.824.0107.2014 - Realtek Semiconductor Corp.) Paquete de idioma de Microsoft .NET Framework 2.0 - ESN (HKLM\...\Microsoft .NET Framework 2.0 Language Pack - ESN) (Version: - Microsoft Corporation) Paquete de idioma de Microsoft .NET Framework 3.5 SP1 - esn (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - esn) (Version: - Microsoft Corporation) Paquete de idioma para español de Microsoft .NET Framework 3.0 (HKLM\...\Microsoft .NET Framework 3.0 Spanish Language Pack) (Version: - Microsoft Corporation) Paquete de proveedor base de servicios de cifrado para tarjetas inteligentes de Microsoft (HKLM\...\KB909520) (Version: - Microsoft Corporation) PCMSCAN (HKLM\...\{979B748C-6095-4A5A-BC7B-C15E720529D6}) (Version: 2.4.12 - Palmer Performance Engineering) PhotoScape (HKLM\...\PhotoScape) (Version: - ) Physion (HKLM\...\B969B390-AC77-49F7-B928-C5147A6008C0) (Version: 1.01 - Dimitris Xanthopoulos) Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.) PokerStars.net (HKLM\...\PokerStars.net) (Version: - PokerStars.net) Pro Evolution Soccer 2009 (HKLM\...\{A8DB611A-D80E-450D-85F6-3ACDD164BE31}) (Version: 1.00.0000 - KONAMI) ProScan (HKLM\...\{3AB16E9C-C582-4BF0-A76C-37B18ED78B72}) (Version: 5.9 - Gore Research) REALTEK Wireless LAN Driver and Utility (HKLM\...\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}) (Version: 1.00.0187 - REALTEK Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform) Reproductor de Windows Media 11 (HKLM\...\Windows Media Player) (Version: - ) Revisión para Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM\...\{6D972506-DC01-39BC-A5DD-06DA86E00031}.KB947789) (Version: 1 - Microsoft Corporation) Sandboxie 4.12 (32-bit) (HKLM\...\Sandboxie) (Version: 4.12 - Sandboxie Holdings, LLC) Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden ScanMaster-ELM 2.1.104.771 DEMO (HKLM\...\ScanMaster-ELM - DEMO_is1) (Version: 2.1.104.771 - WGSoft.de) ScanMaster-ELM 4.3.0.2095 DEMO (HKLM\...\{76E1EA66-989B-475A-92AF-F950B49E711E}_is1) (Version: 4.3.0.2095 - WGSoft.de) ScanXL Professional (HKLM\...\{2BE87846-415C-4098-A6AE-226931D1C01A}) (Version: 3.5.1 - Palmer Performance Engineering) Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Skins (Version: 2010.0210.2339.42455 - ATI) Hidden Software de impresora EPSON (HKLM\...\EPSON Printer and Utilities) (Version: - ) SSC Service Utility v4.30 (HKLM\...\SSC Service Utility_is1) (Version: - SSC Localization Group) Super Mario 64 (Español) (HKLM\...\Super Mario 64_is1) (Version: - Nintendo™) System Explorer 6.1.0 (HKLM\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group) Text-To-Speech-Runtime (HKLM\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH) Toolbox (Version: 140.0.428.000 - Hewlett-Packard) Hidden UltraISO Premium V9.52 (HKLM\...\UltraISO_is1) (Version: - ) VirtualDJ Home FREE (HKLM\...\{5E1375CB-6792-4464-8715-CC3EC83D48FA}) (Version: 7.0.5 - Atomix Productions) Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden Winamp (HKLM\...\Winamp) (Version: 5.621 - Nullsoft, Inc) Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation) Windows Management Framework Core (HKLM\...\KB968930) (Version: - Microsoft Corporation) Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - ) Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) Windows Updates Downloader (HKLM\...\Windows Updates Downloader) (Version: 2.50 Build 1002 - Supremus Corporation) WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.) Wireshark 1.10.8 (32-bit) (HKLM\...\Wireshark) (Version: 1.10.8 - The Wireshark developer community, http://www.wireshark.org) Wondershare PDF Editor OCR (HKLM\...\{408133BA-3665-4EF5-9DC4-E6A475DA8119}_is1) (Version: 3.6.0.9 - Wondershare Software Co.,Ltd.) Wondershare PDF Editor(Build 3.7.1) (HKLM\...\{75BAE677-F65A-45A4-9931-363FE0CF5E58}_is1) (Version: 3.7.1.5 - Wondershare Software Co.,Ltd.) Xirrus Wi-Fi Inspector (HKLM\...\{BBB21AB1-2C45-435D-A05A-B563072E7B9B}) (Version: 1.2.1.4 - Xirrus) XML Paper Specification Shared Components Language Pack 1.0 (Version: - Microsoft Corporation) Hidden XML Paper Specification Shared Components Pack 1.0 (Version: - Microsoft Corporation) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2001-08-24 13:00 - 2012-12-06 20:16 - 00000736 ____A K:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: K:\WINDOWS\Tasks\Adobe Flash Player Updater.job => K:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: K:\WINDOWS\Tasks\avast! Emergency Update.job => E:\AVAST Software\Avast\AvastEmUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-12-11 08:45 - 2014-12-11 08:45 - 02905600 _____ () E:\AVAST Software\Avast\defs\14121100\algo.dll 2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () E:\archivos comunes\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2014-11-05 13:24 - 2014-11-12 13:40 - 38562088 _____ () E:\AVAST Software\Avast\libcef.dll 2014-12-09 19:47 - 2014-12-09 19:47 - 03758192 _____ () E:\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: K:\WINDOWS\system32\autochk.exe:SummaryInformation AlternateDataStreams: K:\WINDOWS\system32\autochk.exe:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} AlternateDataStreams: K:\WINDOWS\system32\eventquery.vbs:SummaryInformation AlternateDataStreams: K:\WINDOWS\system32\eventquery.vbs:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} AlternateDataStreams: K:\WINDOWS\system32\faultrep.dll:SummaryInformation AlternateDataStreams: K:\WINDOWS\system32\faultrep.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} AlternateDataStreams: K:\WINDOWS\system32\keyboard.sys:SummaryInformation AlternateDataStreams: K:\WINDOWS\system32\keyboard.sys:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} AlternateDataStreams: K:\WINDOWS\system32\schedsvc.dll:SummaryInformation AlternateDataStreams: K:\WINDOWS\system32\schedsvc.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} AlternateDataStreams: K:\WINDOWS\system32\Ver canales.scf:SummaryInformation AlternateDataStreams: K:\WINDOWS\system32\Ver canales.scf:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} AlternateDataStreams: K:\WINDOWS\system32\wdmaud.drv:SummaryInformation AlternateDataStreams: K:\WINDOWS\system32\wdmaud.drv:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} AlternateDataStreams: K:\Documents and Settings\All Users\Datos de programa\TEMP:1AAB2E68 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: mobilegeni daemon => ========================= Accounts: ========================== Administrador (S-1-5-21-1757981266-1788223648-725345543-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrador.PL-0 ASPNET (S-1-5-21-1757981266-1788223648-725345543-1052 - Limited - Enabled) Invitado (S-1-5-21-1757981266-1788223648-725345543-501 - Limited - Disabled) PL (S-1-5-21-1757981266-1788223648-725345543-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\PL ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (12/06/2014 02:58:26 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplicación con errores: lgflashtool2014.exe, versión: 1.0.0.1, módulo con error: msvcr100.dll, versión 10.0.30319.1, dirección de error 0x00002424. Procesando suceso específico de medio para [lgflashtool2014.exe!ws!] Error: (11/19/2014 02:31:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplicación con errores: physion.exe, versión: 0.0.0.0, módulo con error: physion.exe, versión 0.0.0.0, dirección de error 0x000bbeef. Procesando suceso específico de medio para [physion.exe!ws!] Error: (11/19/2014 02:15:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplicación con errores: algodoo.exe, versión: 0.0.0.0, módulo con error: atioglxx.dll, versión 6.14.10.6847, dirección de error 0x0026808e. Procesando suceso específico de medio para [algodoo.exe!ws!] Error: (11/19/2014 01:57:16 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplicación con errores: algodoo.exe, versión: 0.0.0.0, módulo con error: atioglxx.dll, versión 6.14.10.6847, dirección de error 0x0026808e. Procesando suceso específico de medio para [algodoo.exe!ws!] Error: (11/18/2014 01:58:22 PM) (Source: Microsoft Office 14) (EventID: 5000) (User: ) Description: EventType office12setup, P1 {10140000-0f00-0000-0000--0000000ff1ce}, P2 14.0.4755.1000, P3 x, P4 msiapicallfailure, P5 proplusr_proplusrww.xml, P6 x, P7 x, P8 NIL, P9 office12setup0, P10 office12setup1. Error: (11/18/2014 01:25:53 PM) (Source: Microsoft Office 14) (EventID: 5000) (User: ) Description: EventType office12setup, P1 {10140000-0f00-0000-0000--0000000ff1ce}, P2 14.0.4755.1000, P3 x, P4 msiapicallfailure, P5 proplusr_proplusrww.xml, P6 x, P7 x, P8 NIL, P9 office12setup0, P10 office12setup1. Error: (11/18/2014 01:23:58 PM) (Source: Microsoft Office 14) (EventID: 5000) (User: ) Description: EventType office12setup, P1 {10140000-0f00-0000-0000--0000000ff1ce}, P2 14.0.4755.1000, P3 x, P4 msiapicallfailure, P5 proplusr_proplusrww.xml, P6 x, P7 x, P8 NIL, P9 office12setup0, P10 office12setup1. System errors: ============= Error: (12/10/2014 06:51:14 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Intervalo de espera (30000 ms.) para la respuesta de transacción del servicio avast! Antivirus. Error: (12/09/2014 03:29:58 PM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk1\D Error: (12/09/2014 03:29:57 PM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk1\D Error: (12/09/2014 03:29:57 PM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk1\D Error: (12/09/2014 03:29:56 PM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk1\D Error: (12/09/2014 03:29:56 PM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk1\D Error: (12/09/2014 03:29:55 PM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk1\D Error: (12/09/2014 03:29:55 PM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk1\D Error: (12/09/2014 03:29:54 PM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk1\D Error: (12/09/2014 03:29:54 PM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk1\D Microsoft Office Sessions: ========================= Error: (12/06/2014 02:58:26 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: lgflashtool2014.exe1.0.0.1msvcr100.dll10.0.30319.100002424 Error: (11/19/2014 02:31:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: physion.exe0.0.0.0physion.exe0.0.0.0000bbeef Error: (11/19/2014 02:15:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: algodoo.exe0.0.0.0atioglxx.dll6.14.10.68470026808e Error: (11/19/2014 01:57:16 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: algodoo.exe0.0.0.0atioglxx.dll6.14.10.68470026808e Error: (11/18/2014 01:58:22 PM) (Source: Microsoft Office 14) (EventID: 5000) (User: ) Description: office12setup{10140000-0f00-0000-0000--0000000ff1ce}14.0.4755.1000xmsiapicallfailureproplusr_proplusrww.xmlxxNILNILNIL Error: (11/18/2014 01:25:53 PM) (Source: Microsoft Office 14) (EventID: 5000) (User: ) Description: office12setup{10140000-0f00-0000-0000--0000000ff1ce}14.0.4755.1000xmsiapicallfailureproplusr_proplusrww.xmlxxNILNILNIL Error: (11/18/2014 01:23:58 PM) (Source: Microsoft Office 14) (EventID: 5000) (User: ) Description: office12setup{10140000-0f00-0000-0000--0000000ff1ce}14.0.4755.1000xmsiapicallfailureproplusr_proplusrww.xmlxxNILNILNIL ==================== Memory info =========================== Processor: AMD Athlon 64 X2 Dual Core Processor 5000+ Percentage of memory in use: 31% Total physical RAM: 2942.42 MB Available physical RAM: 2017.49 MB Total Pagefile: 2980.17 MB Available Pagefile: 2270.89 MB Total Virtual: 2047.88 MB Available Virtual: 1929.23 MB ==================== Drives ================================ Drive c: (mis documentos) (Fixed) (Total:111.76 GB) (Free:0.72 GB) NTFS ==>[Drive with boot components (Windows XP)] Drive d: (paginacion) (Fixed) (Total:0.93 GB) (Free:0.73 GB) NTFS Drive e: (Archivos de programa) (Fixed) (Total:24.02 GB) (Free:13.31 GB) NTFS Drive f: (Archivos 9GB) (Fixed) (Total:5.18 GB) (Free:2.14 GB) NTFS Drive g: (vacia) (Fixed) (Total:3.09 GB) (Free:0.95 GB) NTFS Drive i: (ULI) (Removable) (Total:7.25 GB) (Free:1.51 GB) FAT32 Drive k: (xp) (Fixed) (Total:27.26 GB) (Free:12.8 GB) NTFS ==>[Drive with boot components (Windows XP)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 232.9 GB) (Disk ID: 15551555) Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=27.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=90.8 GB) - (Type=OF Extended) Partition 4: (Not Active) - (Size=3.1 GB) - (Type=07 NTFS) ======================================================== Disk: 5 (Size: 7.3 GB) (Disk ID: 47EEE80B) Partition 1: (Active) - (Size=7.3 GB) - (Type=0B) ==================== End Of Log ============================
  10. malwarebytes free detects malware inside %programfiles%, the folder is "settings manager" but that folder does not exist. the detections enter inside an infinit loop, malwarebytes goes slow and incrase memorie consumsion. i stop the scan after half an hour, malwarebytes hungs up an hour to show results and then it took half hour to save a log of 25 mb for some reason a cannot upload the log so a put the beggining here: Malwarebytes Anti-Malware www.malwarebytes.org Fecha del Análisis: 04/12/2014 Tiempo de Análisis: 14:22:00 Logfile: malwarebytes.txt Administrador: Si Versión: 2.00.4.1028 Base de datos de malware: v2014.12.04.05 Base de datos de rootkit: v2014.12.03.01 Licencia: Gratis Protección contra malware: Desactivado Protección Web: Desactivado Autoprotección: Desactivado SO: Windows XP Service Pack 3 CPU: x86 Archivos del Sistema: NTFS Usuario: PL Tipo de Análisis: Análisis Personalizado Resultado: Cancelar Objetos Analizados: 449453 Tiempo Transcurrido: 33 min, 20 seg Memoria: Activado Inicio: Activado Sistema de archivos: Desactivado Archivo: Desactivado Rootkits: Activado Heurística: Activado PUP: Activado PUM: Activado Procesos: 0 (Sin elementos maliciosos detectados) Modulos: 0 (Sin elementos maliciosos detectados) Llaves del Registro: 0 (Sin elementos maliciosos detectados) Valores del Registro: 0 (Sin elementos maliciosos detectados) Datos del Registro: 0 (Sin elementos maliciosos detectados) Carpetas: 387 PUP.Optional.SettingsManager.A, e:\\settings manager\7-zip, , [7205d38b562677bfcb0286a9d1327b85], PUP.Optional.SettingsManager.A, e:\\settings manager\7-zip\lang, , [7205d38b562677bfcb0286a9d1327b85], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\7-zip, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\7-zip\lang, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\7-zip, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\7-zip\lang, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip\lang, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip\lang, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip\lang, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip\lang, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip\lang, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip\lang, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip\lang, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip\lang, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip\lang, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip\lang, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip\lang, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip\lang, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip\lang, , [294eff5f4c300630309d84ab2bd8bb45],
  11. checkresults.txt: mbam-check result log version: 2.1.1.1001 ======================================== User Account type: Administrator OS: Windows XP Service Pack 3 Service Pack 3 32 bit Operating System Current Version and Build: 5.1.2600.0 OS Product Info: Professional Malwarebytes Anti-Malware: 2.0.4.1028 Installed On: 2014/12/07 Malware Database: 0000.00.00.00 Rootkit Database: 0000.00.00.00 Remediation Database: 0000.00.00.00 IP Database: 0000.00.00.00 Domain Database: 0000.00.00.00 License: Free Malware Protection: 0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMProtector Malicious Website Protection: 0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMWebAccessControl Chameleon: 0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon Log Created: 2014/12/07 17:44:17 Compatibility Flag Settings: ================================= HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers E:\Foxit Software\Foxit Reader\Foxit Reader.exeREG_SZ EnableNXShowUI K:\WINDOWS\system32\services.exeREG_SZ EnableNXShowUI e:\Corel\CorelDRAW Graphics Suite X6\Programs\CorelDrw.exeREG_SZ DISABLECICERO E:\Winamp\winamp.exe REG_SZ EnableNXShowUI C:\uli\impresoras\reset\RESET_EPSON_TX430W.exeREG_SZ EnableNXShowUI C:\uli\softcrackin\RDG Packer Detector v0.7.2 Rev2 2014\RDG Packer Detector v0.7.2 Rev2 2014\RDG Packer Detector v0.7.2.exeREG_SZ DisableNXShowUI C:\ADCDA2\ADBCD.exe REG_SZ DisableNXShowUI HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers E:\Rovio Entertainment Ltd\Angry Birds\AngryBirds.exeREG_SZ HIGHDPIAWARE Malwarebytes Anti-Malware Shell Extension Block Check: ====================================================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked MBAM Startup Entries: ===================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce Malwarebytes Anti-Malware Service and Driver Status: ======================================================= --------------Driver File Info:-------------- K:\WINDOWS\system32\drivers\mbam.sys File Size: 23256 BYTES FileVersion: 0.1.15.0 MD5: [a3f4391dfdf2f9e9fe4ead193265a5ad] K:\WINDOWS\system32\drivers\mbamswissarmy.sys File Size: 114904 BYTES FileVersion: 0.2.13.0 MD5: [8e2e9ccd873abf180f48bcaeeebe347d] K:\WINDOWS\system32\drivers\mbamchameleon.sys File Size: 54360 BYTES FileVersion: 1.1.4.0 MD5: [ffb32e70d735146f5630dc7a96b6e1a8] --------------MBAMProtector:-------------- Type: N/A State: 0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMProtector WIN32_EXIT_CODE: N/A SERVICE_EXIT_CODE: N/A CHECKPOINT: N/A WAIT_HINT: N/A --------------MBAMService:-------------- Type: N/A State: 0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMService WIN32_EXIT_CODE: N/A SERVICE_EXIT_CODE: N/A CHECKPOINT: N/A WAIT_HINT: N/A --------------MBAMScheduler:-------------- Type: N/A State: 0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMScheduler WIN32_EXIT_CODE: N/A SERVICE_EXIT_CODE: N/A CHECKPOINT: N/A WAIT_HINT: N/A --------------MBAMChameleon:-------------- Type: N/A State: 0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon WIN32_EXIT_CODE: N/A SERVICE_EXIT_CODE: N/A CHECKPOINT: N/A WAIT_HINT: N/A --------------MBAMWebAccessControl:-------------- Type: N/A State: 0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MbamWebAccessControl WIN32_EXIT_CODE: N/A SERVICE_EXIT_CODE: N/A CHECKPOINT: N/A WAIT_HINT: N/A Required Dependencies: ====================== --------------fltmgr:-------------- Type: 2 State: 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN) WIN32_EXIT_CODE: 0 SERVICE_EXIT_CODE: 0 CHECKPOINT: 0 WAIT_HINT: 0 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr Type REG_DWORD 2 Start REG_DWORD 0 ErrorControl REG_DWORD 1 Tag REG_DWORD 4 ImagePath REG_EXPAND_SZ system32\DRIVERS\fltMgr.sys DisplayName REG_SZ FltMgr Group REG_SZ FSFilter Infrastructure Description REG_SZ Controlador del administrador de filtros del sistema de archivos AttachWhenLoaded REG_DWORD 0 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Security Security REG_BINARY Binary Data HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Enum 0 REG_SZ Root\LEGACY_FLTMGR\0000 Count REG_DWORD 1 NextInstance REG_DWORD 1 K:\WINDOWS\system32\drivers\fltmgr.sys File Size: 129792 BYTES FileVersion: 5.1.2600.5512 MD5: [b2cf4b0786f8212cb92ed2b50c6db6b0] K:\WINDOWS\system32\comctl32.ocx File Size: 609824 BYTES FileVersion: 6.0.81.5 MD5: [e2bed335446b7321ff38a138b3962e8a] K:\WINDOWS\system32\mscomctl.ocx File Size: 1070232 BYTES FileVersion: 6.1.98.39 MD5: [766f501b61c22723536af696a74133d4] K:\WINDOWS\system32\olepro32.dll File Size: 84992 BYTES FileVersion: 5.1.2600.5512 MD5: [f71cb6064dfc10dfb767b537bfa33d61] MBAM Registry Settings and License Info: ======================================== --------------Settings:-------------- Advanced: AutomaticQuarantine: true AutostartProtection: true LimitedMode: false StartSilentMode: false StartupDelay: 0 ApplicationState: First-Run-After-Installation: false General: DaysUntilNotifyExpiration: 5 Language: en RightClickAccess: false SilentErrors: false Logging: ExportLog: true Notification: ProtectionTray: DisplayMilliseconds: 7000 ScanHistory: Duration_Driver: 14409 Duration_Filesystem: 620 Duration_Heuristics: 8000 Duration_Loading: 0 Duration_MasterBootRecord: 94 Duration_Memory: 40000 Duration_PreScan: 74551 Duration_Registry: 9037 Duration_Sector: 0 Duration_Startup: 18468 ItemCount_Driver: 292 ItemCount_Filesystem: 37465 ItemCount_Heuristics: 108509 ItemCount_Loading: 0 ItemCount_MasterBootRecord: 1 ItemCount_Memory: 2797 ItemCount_PreScan: 74500 ItemCount_Registry: 336 ItemCount_Sector: 0 ItemCount_Startup: 1280 LastScanDateEpoch: 1417981015562 LastScanType: 3 (Hyper Scan) Update: LastUpdate: 2014-12-07T19:30:18 NotifyInstallReady: true NotifyOutdatedDatabase: 7 ProxyPassword: ProxyPort: 0 ProxyServer: ProxyUsername: UseProxy: false UseProxyAuthentication: false --------------Account:-------------- Account Status: Free Expiration Time: Activation Time: Trial Used: false --------------Access Policies:-------------- Scheduler Queue: ================ Pending File Rename Operations: ================================ If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation. Pending File Rename Operations: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\ PendingFileRenameOperations REG_MULTI_SZ \??\E:\Malwarebytes Anti-Malware\mbamext.dll.old MBAMProtector Registry Values: ============================== MBAMService Registry Values: ============================ MBAMScheduler Registry Values: ============================== Terminal Services Status for (null) entries in PM logs and GetUserToken errors: =============================================================================== --------------TERMService:-------------- Type: 32 State: 4 (The service is running.) (State is stopped) WIN32_EXIT_CODE: 0 SERVICE_EXIT_CODE: 0 CHECKPOINT: 0 WAIT_HINT: 0 TermService Start is set to: 3 (Manual Startup) Proxy Status: No proxy is Set Proxy Override: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ ProxyOverride REG_SZ <local> LAN Settings: ============= No Settings are Set <--NOT DETECTING SETTING AUTOMATICALLY SystemPartition: ================ HKEY_LOCAL_MACHINE\SYSTEM\Setup\ SystemPartition REG_SZ \Device\HarddiskVolume10 Balloon Tips Status: ==================== Disabled <--BALLOON TOOLTIPS ARE DISABLED! Time Format Settings: ===================== Should be: h:mm:ss tt AM PM : Currently: REG_SZ HH:mm:ss REG_SZ a.m. REG_SZ p.m. REG_SZ : Language and Regional Settings: =============================== ACP: Language is English (United States) MACCP: Language is English (United States) OEMCP: 850 Please refer to this link for details: Here Startup Folders for Error_Expanding_Variables Check: ==================================================== All Users Startup Folder Exists. Current User's startup Folder Exists. Context Menu Entries: ===================== List of MBAM Related Directories: ================================= E:\Malwarebytes Anti-Malware\ 7z.dll File Size: 920888 BYTES FileVersion: 9.20.0.0 MD5: [067f8fee78dc960d6fc36d1d071913e8] changes.txt File Size: 100 BYTES FileVersion: N/A MD5: [a4b1260d5fa0045146288698a3db62f0] license.rtf File Size: 39478 BYTES FileVersion: N/A MD5: [8627b31943a534aad30d154c2b2c1aaf] master.conf File Size: 1258 BYTES FileVersion: N/A MD5: [9702ca5e82d3756c6d8af34a2ababaea] mbam.dll File Size: 579896 BYTES FileVersion: 1.0.16.0 MD5: [9605659224814baf5dc0b2c37a70b83c] mbam.exe File Size: 7229752 BYTES FileVersion: 1.0.1.711 MD5: [3c13f26a4766752314a5413038bd86b4] mbamcore.dll File Size: 1829176 BYTES FileVersion: 1.1.20.0 MD5: [b5de1455392f8aea137a79a539536086] mbamdor.exe File Size: 54072 BYTES FileVersion: 1.0.1.0 MD5: [7bda05509585396989e523bede832e9b] mbamext.dll File Size: 261432 BYTES FileVersion: 3.0.6.0 MD5: [fe89671d870acac23afc9becd4a0137d] mbampt.exe File Size: 39736 BYTES FileVersion: 1.0.0.0 MD5: [6c6ced3ffd1b24b39ecdd7416694324d] mbamscheduler.exe File Size: 1871160 BYTES FileVersion: 3.1.1.0 MD5: [0bb29de40c9d9529793dcdb59a43cf5b] mbamservice.exe File Size: 969016 BYTES FileVersion: 3.0.8.1 MD5: [5f82d8188b370b0cf185d4ae2b9b4a0e] mbamsrv.dll File Size: 4463928 BYTES FileVersion: 1.2.0.0 MD5: [5da6de166e1ca56638e931bfe631de53] msvcp100.dll File Size: 421688 BYTES FileVersion: 10.0.40219.325 MD5: [e7a36dc43b2757bdad7f1ba934234834] msvcr100.dll File Size: 774456 BYTES FileVersion: 10.0.40219.325 MD5: [cf5858509b748fe5cefe63d29289f7f3] QtCore4.dll File Size: 2732856 BYTES FileVersion: 4.8.4.0 MD5: [82373bfed2c741677e22dccb16f29960] QtGui4.dll File Size: 8575288 BYTES FileVersion: 4.8.4.0 MD5: [2c0fc2279552ff45ec0d7d9b113f8b92] QtNetwork4.dll File Size: 909112 BYTES FileVersion: 4.8.4.0 MD5: [454b9f0364d41afa69690baebda01217] unins000.dat File Size: 25334 BYTES FileVersion: N/A MD5: [0132c0b2cca385be6ce981df32dd8fe2] unins000.exe File Size: 719743 BYTES FileVersion: 51.52.0.0 MD5: [d4cfadd772f339da3ca93afcc11c8d70] E:\Malwarebytes Anti-Malware\\accessible qtaccessiblewidgets4.dll File Size: 198968 BYTES FileVersion: 4.8.4.0 MD5: [9dc9f70942de132a762c974e7ee3bed6] E:\Malwarebytes Anti-Malware\\Chameleon E:\Malwarebytes Anti-Malware\\Chameleon\Windows chameleon.chm File Size: 235882 BYTES FileVersion: N/A MD5: [c4190b71f037714aa77aba294434ba5b] firefox.com File Size: 761656 BYTES FileVersion: 3.1.7.0 MD5: [625bb08813743947985b0deefc35ed12] firefox.exe File Size: 761656 BYTES FileVersion: 3.1.7.0 MD5: [625bb08813743947985b0deefc35ed12] firefox.pif File Size: 761656 BYTES FileVersion: 3.1.7.0 MD5: [625bb08813743947985b0deefc35ed12] firefox.scr File Size: 761656 BYTES FileVersion: 3.1.7.0 MD5: [625bb08813743947985b0deefc35ed12] iexplore.exe File Size: 761656 BYTES FileVersion: 3.1.7.0 MD5: [625bb08813743947985b0deefc35ed12] mbam-chameleon.com File Size: 761656 BYTES FileVersion: 3.1.7.0 MD5: [625bb08813743947985b0deefc35ed12] mbam-chameleon.exe File Size: 761656 BYTES FileVersion: 3.1.7.0 MD5: [625bb08813743947985b0deefc35ed12] mbam-chameleon.pif File Size: 761656 BYTES FileVersion: 3.1.7.0 MD5: [625bb08813743947985b0deefc35ed12] mbam-chameleon.scr File Size: 761656 BYTES FileVersion: 3.1.7.0 MD5: [625bb08813743947985b0deefc35ed12] mbam-killer.exe File Size: 1188664 BYTES FileVersion: 3.0.2.0 MD5: [d6d202229b5cd31085d744f5b5bcf2e3] rundll32.exe File Size: 761656 BYTES FileVersion: 3.1.7.0 MD5: [625bb08813743947985b0deefc35ed12] svchost.exe File Size: 761656 BYTES FileVersion: 3.1.7.0 MD5: [625bb08813743947985b0deefc35ed12] windows.exe File Size: 761656 BYTES FileVersion: 3.1.7.0 MD5: [625bb08813743947985b0deefc35ed12] winlogon.exe File Size: 761656 BYTES FileVersion: 3.1.7.0 MD5: [625bb08813743947985b0deefc35ed12] E:\Malwarebytes Anti-Malware\\imageformats qgif4.dll File Size: 32568 BYTES FileVersion: 4.8.4.0 MD5: [a99351607fe64cf112d7284b738e0b6a] E:\Malwarebytes Anti-Malware\\Languages lang_ar.qm File Size: 139423 BYTES FileVersion: N/A MD5: [9771d098e918204a99fa0068f431e6ba] lang_bg.qm File Size: 147865 BYTES FileVersion: N/A MD5: [d250b37179f313e58267f7946e0522d4] lang_ca.qm File Size: 149256 BYTES FileVersion: N/A MD5: [0cc2735ee2f231ea5d964c323ca73e08] lang_cs.qm File Size: 142601 BYTES FileVersion: N/A MD5: [8426f7126d2851a1e6ca1f1f7e45d2ec] lang_da.qm File Size: 143131 BYTES FileVersion: N/A MD5: [6fe13d4a5a44a3390bf9940404eeb6c7] lang_de.qm File Size: 151959 BYTES FileVersion: N/A MD5: [9517c7c9865b5641c5c250c84b51a6d1] lang_el.qm File Size: 152327 BYTES FileVersion: N/A MD5: [4cd483236d99cf40e9d8cf534bac05e7] lang_en.qm File Size: 137689 BYTES FileVersion: N/A MD5: [d34a8afc30bb472c443f7f088513ff04] lang_es.qm File Size: 149211 BYTES FileVersion: N/A MD5: [1ee5f6535d02c94812e54e3ed65de6ac] lang_et.qm File Size: 141939 BYTES FileVersion: N/A MD5: [f6faee4a33654bb27dcf2f9d4cf955ef] lang_fi.qm File Size: 145730 BYTES FileVersion: N/A MD5: [9f4ff431ec70747591ef0e0eaf3ed2cb] lang_fr.qm File Size: 153965 BYTES FileVersion: N/A MD5: [8dd69dd62ee617dc3ca4f25ab2c70af8] lang_he.qm File Size: 134117 BYTES FileVersion: N/A MD5: [3ad149f1778e6e8f8f89ecfe67a1e62e] lang_hu.qm File Size: 147806 BYTES FileVersion: N/A MD5: [7c3ae4dde80fa8759968b218a03a7a73] lang_id.qm File Size: 145710 BYTES FileVersion: N/A MD5: [c2a0325d9dfb5c5fce7a4832837896e7] lang_it.qm File Size: 148249 BYTES FileVersion: N/A MD5: [4766a519a653d8e6f6ad32094a2a059b] lang_ja.qm File Size: 122782 BYTES FileVersion: N/A MD5: [339134f906b770b833653682264bdc23] lang_ko.qm File Size: 119240 BYTES FileVersion: N/A MD5: [5042df441910dfe9f6a55d3c005b00c7] lang_lt.qm File Size: 146950 BYTES FileVersion: N/A MD5: [5c0fca31ff0a6d2b3f6d1722940a2dc6] lang_lv.qm File Size: 146072 BYTES FileVersion: N/A MD5: [8623ed6977cd81c0d520f5fd84788d93] lang_nl.qm File Size: 147725 BYTES FileVersion: N/A MD5: [1b391d5599be4724018624a27014eb75] lang_no.qm File Size: 144153 BYTES FileVersion: N/A MD5: [2d53348f8e74f26f065e0c83e8fff7fe] lang_pl.qm File Size: 147483 BYTES FileVersion: N/A MD5: [ce39bae20f8a2b42f93f2f5a5c6dd63e] lang_pt_BR.qm File Size: 146906 BYTES FileVersion: N/A MD5: [b337c75fa23ba36176719d54c0269560] lang_pt_PT.qm File Size: 144956 BYTES FileVersion: N/A MD5: [b41016907930a96a11aadb348fd9a1b6] lang_ro.qm File Size: 146821 BYTES FileVersion: N/A MD5: [69c447559268a873808d5ae48b425ad9] lang_ru.qm File Size: 148179 BYTES FileVersion: N/A MD5: [51d4d0c155de54f24b09be7040a7ff15] lang_sk.qm File Size: 144330 BYTES FileVersion: N/A MD5: [3a00a97315c24e6820f8939920ef14b4] lang_sl.qm File Size: 144582 BYTES FileVersion: N/A MD5: [47db99ccdd98936e6a38957321c71317] lang_sv.qm File Size: 145435 BYTES FileVersion: N/A MD5: [a2b33c0364aad3e9d7daafdd4f286ee1] lang_th.qm File Size: 137957 BYTES FileVersion: N/A MD5: [6a24ece552172d805cd428853255d294] lang_tr.qm File Size: 144262 BYTES FileVersion: N/A MD5: [18b7fec7611c038780ee77044e523f70] lang_vi.qm File Size: 144480 BYTES FileVersion: N/A MD5: [708062759498e791186bbe64b7246d0c] E:\Malwarebytes Anti-Malware\\Plugins fixdamage.exe File Size: 821560 BYTES FileVersion: 1.1.0.1010 MD5: [a8181ce03e9624f2c4606af3984e345e] K:\Documents and Settings\PL\Datos de programa\Malwarebytes\Malwarebytes Anti-Malware K:\Documents and Settings\PL\Start Menu\Programs\Malwarebytes Anti-Malware K:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes Anti-Malware Malware Exclusions: =================== Unable to access exclusion information: Error code 20001Web Exclusions: ================ Unable to access exclusion information: Error code 20001Quarantined Items: =================== Unable to access quarantine information: Error code 20001=============================================================== END OF FILE
  12. adittions.txt: Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-12-2014 01 Ran by PL at 2014-12-07 17:40:57 Running from C:\Descargas\jdownloader Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D} AV: ESET NOD32 Antivirus 7.0 (Disabled - Up to date) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-1757981266-1788223648-725345543-1003\...\uTorrent) (Version: 3.4.2.34309 - BitTorrent Inc.) 32 Bit HP CIO Components Installer (Version: 7.1.4 - Hewlett-Packard) Hidden 7-Zip 9.22beta (HKLM\...\7-Zip) (Version: - ) Actualización de seguridad para Windows Internet Explorer 7 (KB2544521) (Version: 1 - Microsoft Corporation) Hidden Actualización de seguridad para Windows Internet Explorer 7 (KB2559049) (Version: 1 - Microsoft Corporation) Hidden Actualización de seguridad para Windows Internet Explorer 7 (KB2586448) (Version: 1 - Microsoft Corporation) Hidden Actualización de seguridad para Windows Internet Explorer 7 (KB2618444) (Version: 1 - Microsoft Corporation) Hidden Actualización de seguridad para Windows Internet Explorer 7 (KB2647516) (Version: 1 - Microsoft Corporation) Hidden Actualización de seguridad para Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2544521) (HKLM\...\KB2544521-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2618444) (HKLM\...\KB2618444-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2647516) (HKLM\...\KB2647516-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2675157) (HKLM\...\KB2675157-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2699988) (HKLM\...\KB2699988-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2722913) (HKLM\...\KB2722913-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2744842) (HKLM\...\KB2744842-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2761465) (HKLM\...\KB2761465-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2792100) (HKLM\...\KB2792100-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2797052) (HKLM\...\KB2797052-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2799329) (HKLM\...\KB2799329-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2809289) (HKLM\...\KB2809289-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2817183) (HKLM\...\KB2817183-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2829530) (HKLM\...\KB2829530-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2838727) (HKLM\...\KB2838727-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2846071) (HKLM\...\KB2846071-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2847204) (HKLM\...\KB2847204-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2862772) (HKLM\...\KB2862772-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2870699) (HKLM\...\KB2870699-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2879017) (HKLM\...\KB2879017-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2888505) (HKLM\...\KB2888505-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2898785) (HKLM\...\KB2898785-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2909210) (HKLM\...\KB2909210-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2909921) (HKLM\...\KB2909921-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2925418) (HKLM\...\KB2925418-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2936068) (HKLM\...\KB2936068-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB2964358) (HKLM\...\KB2964358-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation) Actualización de seguridad para Windows XP (KB2510581) (Version: 1 - Microsoft Corporation) Hidden Actualización de seguridad para Windows XP (KB2544521) (Version: 1 - Microsoft Corporation) Hidden Actualización de seguridad para Windows XP (KB2559049) (Version: 1 - Microsoft Corporation) Hidden Actualización de seguridad para Windows XP (KB975713) (Version: 1 - Microsoft Corporation) Hidden Actualización para Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation) Actualización para Windows Internet Explorer 8 (KB2632503) (HKLM\...\KB2632503-IE8) (Version: 1 - Microsoft Corporation) Actualización para Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated) Adobe Reader XI (11.0.08) - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated) AIO_Scan (Version: 90.0.222.000 - Hewlett-Packard) Hidden Analizador de MSXML 6.0 (HKLM\...\{624810C7-02AA-4964-8A2F-AA07251259BF}) (Version: 6.00.3883.15 - Microsoft Corporation) Angry Birds (HKLM\...\{EB8D8402-5741-4CBA-A292-1E530E1A6F13}) (Version: 4.0.0 - Rovio Entertainment Ltd.) ASIO4ALL (HKLM\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach) ATI - Utilidad de desinstalación de software (HKLM\...\All ATI Software) (Version: 6.14.10.1022 - ) ATI Catalyst Control Center (HKLM\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.010.0210.2338 - ) ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.411-070821a1-055477C-Asus - ) ATI Parental Control & Encoder (Version: 3.0 - Nombre de su organización) Hidden Auslogics Registry Cleaner (HKLM\...\{8D8024F1-2945-49A5-9B78-5AB7B11D7942}_is1) (Version: 3.4.1.0 - Auslogics Labs Pty Ltd) Avast Free Antivirus (HKLM\...\Avast) (Version: 10.0.2208 - AVAST Software) BlackBerry Link (HKLM\...\BlackBerry_10_Desktop) (Version: 1.2.3.56 - BlackBerry Ltd.) BlackBerry Link (Version: 1.2.3.56 - BlackBerry Ltd.) Hidden BootLog XP (HKLM\...\BootLog XP_is1) (Version: 2.10 - Greatis Software) BurnAware Free 7.1 (HKLM\...\BurnAware Free_is1) (Version: - Burnaware) ccc-core-preinstall (Version: 2010.0210.2339.42455 - ATI) Hidden ccc-core-static (Version: 2010.0210.2339.42455 - ATI) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.01 - Piriform) Comodo Dragon (HKLM\...\Comodo Dragon) (Version: 33.1.0.0 - COMODO) CorelDRAW Graphics Suite X6 - Capture (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Common (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Connect (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Custom Data (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Draw (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - ES (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Filters (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - FontNav (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - IPM (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - PHOTO-PAINT (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Photozoom Plugin (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Redist (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Setup Files (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - VBA (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - VideoBrowser (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - VSTA (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Writing Tools (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 (Version: 16.1 - Corel Corporation) Hidden Counter-Strike 1.6 (HKLM\...\{13B792AA-C078-43A4-8A3A-8B12D629940D}) (Version: 1.00.0000 - ) Crocodile Technology 607 (ES) (HKLM\...\{B0EA5655-6C96-4B50-8199-D87B30590718}) (Version: 1.00.0607 - Ì) Debugging Tools for Windows (x86) (HKLM\...\{1CD0C3C5-809D-4CFC-904A-1B67C6243637}) (Version: 6.9.3.113 - Microsoft Corporation) Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform) Desinstalador de impresoras EPSON Stylus TX200 Series (HKLM\...\EPSON Stylus TX200 Series) (Version: - SEIKO EPSON Corporation) Digimoto 5 (HKLM\...\{EDA3A982-B8ED-407E-9BF4-0E94EBA35ED3}) (Version: 5.0.22 - PerformanceScan) DJ_AIO_05_F4400_Software_Min (Version: 140.0.690.000 - Hewlett-Packard) Hidden DJ_SF_03_D1500_Software_Min (Version: 100.0.239.000 - Hewlett-Packard) Hidden Dyno-Scan for Windows 10.0.1 (HKLM\...\{7576E0E7-AEFC-4F47-A388-F91B5640CE4F}) (Version: 10.0.1 - Auterra) EaseUS Partition Master 9.2.1 Home Edition (HKLM\...\EaseUS Partition Master Home Edition_is1) (Version: - EaseUS) EasyBCD 2.2 (HKLM\...\EasyBCD) (Version: 2.2 - NeoSmart Technologies) EPSON Scan (HKLM\...\EPSON Scanner) (Version: - ) FileAlyzer 2 (HKLM\...\{29D3773E-54F4-23C2-D523-236A4453B845}_is1) (Version: 2.0.5.57 - Safer Networking Limited) FL Studio 11 (HKLM\...\FL Studio 11) (Version: - Image-Line) FlowStone FL 3.0 (HKLM\...\FlowStone) (Version: - ) Football Manager 2014 (HKLM\...\{68772D7A-4184-47A5-BFB9-BF74C1B09413}) (Version: 1.0.0 - Sega) FORScan versión 2.1.19.beta (HKLM\...\{63310483-6490-44CD-B351-8F66C2923070}_is1) (Version: 2.1.19.beta - Verysoft LLC) Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 6.1.5.624 - Foxit Corporation) FreeFileSync 6.7 (HKLM\...\FreeFileSync) (Version: 6.7 - Zenju) Hard Disk Low Level Format Tool 2.36 build 1181 (HKLM\...\Hard Disk Low Level Format Tool_is1) (Version: - HDDGURU) HP Deskjet D1500 Printer Driver 10.0 Rel .3 (HKLM\...\{167F938F-5AD3-40e2-B05D-2B7C6F0FDE48}) (Version: 10.0 - HP) HP Deskjet F4400 Printer Driver 14.0 Rel. 5 (HKLM\...\{A800FCC9-8E1E-4D84-9CED-47870701FDE1}) (Version: 14.0 - HP) IDA Demo v6.6 (HKLM\...\IDA Demo_is1) (Version: - Hex-Rays SA) IDA Pro Free v5.0 (HKLM\...\IDA Pro Free_is1) (Version: - Hex-Rays SA) IHMC CmapTools v5.04.01 (HKLM\...\IHMC CmapTools v5.04.01) (Version: 5.0.4.1 - Institute for Human & Machine Cognition) IL Shared Libraries (HKLM\...\IL Shared Libraries) (Version: - Image-Line) ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.2.0 - LIGHTNING UK!) Iminent (HKLM\...\IMBoosterARP) (Version: 7.5.3.1 - Iminent) <==== ATTENTION IminentToolbar (HKLM\...\IminentToolbar) (Version: 7.5.3.1 - Iminent) <==== ATTENTION inSSIDer (HKLM\...\{F8A10A25-D8DD-4661-9A1E-7F6DBAAA3C5E}) (Version: 2.1.5 - MetaGeek) Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle) Java SE Development Kit 7 Update 21 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0170210}) (Version: 1.7.0.210 - Oracle) LG United Mobile Driver (HKLM\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.12.3.0 - LG Electronics) Lyrics Plugin for Winamp (HKLM\...\{75E9A522-65D2-4200-A95F-C3EF89703263}) (Version: 0.4 - Lyrics Plugin) Malwarebytes Anti-Malware versión 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) MediaMonkey 4.0 (HKLM\...\MediaMonkey_is1) (Version: 4.0 - Ventis Media Inc.) Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - ) Microsoft .NET Framework 1.1 Spanish Language Pack (HKLM\...\{83169D43-4660-4347-BC95-E9D6E6BE65CE}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation) Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - ESN (HKLM\...\{85AC0FFA-643D-3103-9310-7086ECB0C36C}) (Version: 2.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - ESN (HKLM\...\{BDEDB104-4067-3D5E-81F0-DBEBFE856B45}) (Version: 3.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft Age of Empires II (HKLM\...\Age of Empires 2.0) (Version: - ) Microsoft Age of Empires II: The Conquerors Expansion (HKLM\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - ) Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation) Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM\...\{90120000-0016-0C0A-0000-0000000FF1CE}_PROPLUS_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version: - Microsoft) Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM\...\{90120000-001A-0C0A-0000-0000000FF1CE}_PROPLUS_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version: - Microsoft) Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM\...\{90120000-0018-0C0A-0000-0000000FF1CE}_PROPLUS_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version: - Microsoft) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM\...\{90120000-001B-0C0A-0000-0000000FF1CE}_PROPLUS_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version: - Microsoft) Microsoft User-Mode Driver Framework Feature Pack 1.9 (HKLM\...\Wudf01009) (Version: - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Language Pack - ESN (HKLM\...\{6D972506-DC01-39BC-A5DD-06DA86E00031}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - ESN (HKLM\...\{4A28444E-0532-3264-B07D-5AFE590E30BE}) (Version: 9.0.30729 - Microsoft Corporation) MinGW-Get version 0.5-beta-20120426-1 (HKLM\...\{AC2C1BDB-1E91-4F94-B99C-E716FE2E9C75}_is1) (Version: 0.5-beta-20120426-1 - MinGW) Mozilla Firefox 33.1 (x86 es-AR) (HKLM\...\Mozilla Firefox 33.1 (x86 es-AR)) (Version: 33.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML4 Parser (HKLM\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios) NetBeans IDE 7.3 (HKLM\...\nbi-nb-base-7.3.0.0.201302132200) (Version: 7.3 - NetBeans.org) Network Stumbler 0.4.0 (remove only) (HKLM\...\Network Stumbler) (Version: - ) Notepad++ (HKLM\...\Notepad++) (Version: 6.6.7 - Notepad++ Team) OBD II logger (HKLM\...\ST6UNST #1) (Version: - ) Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41417}) (Version: 3.61.0 - dotPDN LLC) Paquete de controladores de Windows - Realtek Semiconductor Corp. (RTLE8023xp) Net (01/07/2014 5.824.0107.2014) (HKLM\...\56F4336CA4BBFC7D3B030BFB3CC552C3C190512D) (Version: 01/07/2014 5.824.0107.2014 - Realtek Semiconductor Corp.) Paquete de idioma de Microsoft .NET Framework 2.0 - ESN (HKLM\...\Microsoft .NET Framework 2.0 Language Pack - ESN) (Version: - Microsoft Corporation) Paquete de idioma de Microsoft .NET Framework 3.5 SP1 - esn (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - esn) (Version: - Microsoft Corporation) Paquete de idioma para español de Microsoft .NET Framework 3.0 (HKLM\...\Microsoft .NET Framework 3.0 Spanish Language Pack) (Version: - Microsoft Corporation) Paquete de proveedor base de servicios de cifrado para tarjetas inteligentes de Microsoft (HKLM\...\KB909520) (Version: - Microsoft Corporation) PCMSCAN (HKLM\...\{979B748C-6095-4A5A-BC7B-C15E720529D6}) (Version: 2.4.12 - Palmer Performance Engineering) PhotoScape (HKLM\...\PhotoScape) (Version: - ) Physion (HKLM\...\B969B390-AC77-49F7-B928-C5147A6008C0) (Version: 1.01 - Dimitris Xanthopoulos) Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.) PokerStars.net (HKLM\...\PokerStars.net) (Version: - PokerStars.net) Pro Evolution Soccer 2009 (HKLM\...\{A8DB611A-D80E-450D-85F6-3ACDD164BE31}) (Version: 1.00.0000 - KONAMI) ProScan (HKLM\...\{3AB16E9C-C582-4BF0-A76C-37B18ED78B72}) (Version: 5.9 - Gore Research) REALTEK Wireless LAN Driver and Utility (HKLM\...\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}) (Version: 1.00.0187 - REALTEK Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform) Reproductor de Windows Media 11 (HKLM\...\Windows Media Player) (Version: - ) Revisión para Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM\...\{6D972506-DC01-39BC-A5DD-06DA86E00031}.KB947789) (Version: 1 - Microsoft Corporation) Sandboxie 4.12 (32-bit) (HKLM\...\Sandboxie) (Version: 4.12 - Sandboxie Holdings, LLC) Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden ScanMaster-ELM 2.1.104.771 DEMO (HKLM\...\ScanMaster-ELM - DEMO_is1) (Version: 2.1.104.771 - WGSoft.de) ScanMaster-ELM 4.3.0.2095 DEMO (HKLM\...\{76E1EA66-989B-475A-92AF-F950B49E711E}_is1) (Version: 4.3.0.2095 - WGSoft.de) ScanXL Professional (HKLM\...\{2BE87846-415C-4098-A6AE-226931D1C01A}) (Version: 3.5.1 - Palmer Performance Engineering) Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Skins (Version: 2010.0210.2339.42455 - ATI) Hidden Software de impresora EPSON (HKLM\...\EPSON Printer and Utilities) (Version: - ) SSC Service Utility v4.30 (HKLM\...\SSC Service Utility_is1) (Version: - SSC Localization Group) Super Mario 64 (Español) (HKLM\...\Super Mario 64_is1) (Version: - Nintendo™) System Explorer 6.1.0 (HKLM\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group) Text-To-Speech-Runtime (HKLM\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH) Toolbox (Version: 140.0.428.000 - Hewlett-Packard) Hidden UltraISO Premium V9.52 (HKLM\...\UltraISO_is1) (Version: - ) VirtualDJ Home FREE (HKLM\...\{5E1375CB-6792-4464-8715-CC3EC83D48FA}) (Version: 7.0.5 - Atomix Productions) Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden Winamp (HKLM\...\Winamp) (Version: 5.621 - Nullsoft, Inc) Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation) Windows Management Framework Core (HKLM\...\KB968930) (Version: - Microsoft Corporation) Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - ) Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) Windows Updates Downloader (HKLM\...\Windows Updates Downloader) (Version: 2.50 Build 1002 - Supremus Corporation) WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.) Wireshark 1.10.8 (32-bit) (HKLM\...\Wireshark) (Version: 1.10.8 - The Wireshark developer community, http://www.wireshark.org) Wondershare PDF Editor OCR (HKLM\...\{408133BA-3665-4EF5-9DC4-E6A475DA8119}_is1) (Version: 3.6.0.9 - Wondershare Software Co.,Ltd.) Wondershare PDF Editor(Build 3.7.1) (HKLM\...\{75BAE677-F65A-45A4-9931-363FE0CF5E58}_is1) (Version: 3.7.1.5 - Wondershare Software Co.,Ltd.) Xirrus Wi-Fi Inspector (HKLM\...\{BBB21AB1-2C45-435D-A05A-B563072E7B9B}) (Version: 1.2.1.4 - Xirrus) XML Paper Specification Shared Components Language Pack 1.0 (Version: - Microsoft Corporation) Hidden XML Paper Specification Shared Components Pack 1.0 (Version: - Microsoft Corporation) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2001-08-24 13:00 - 2012-12-06 20:16 - 00000736 ____A K:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: K:\WINDOWS\Tasks\Adobe Flash Player Updater.job => K:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: K:\WINDOWS\Tasks\AutoKMS.job => K:\WINDOWS\AutoKMS\AutoKMS.exe Task: K:\WINDOWS\Tasks\avast! Emergency Update.job => E:\AVAST Software\Avast\AvastEmUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-12-07 14:42 - 2014-12-07 14:42 - 02905088 _____ () E:\AVAST Software\Avast\defs\14120702\algo.dll 2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () E:\archivos comunes\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2014-11-05 13:24 - 2014-11-12 13:40 - 38562088 _____ () E:\AVAST Software\Avast\libcef.dll 2014-11-10 12:36 - 2014-11-10 12:36 - 03649648 _____ () E:\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: K:\WINDOWS\system32\autochk.exe:SummaryInformation AlternateDataStreams: K:\WINDOWS\system32\autochk.exe:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} AlternateDataStreams: K:\WINDOWS\system32\eventquery.vbs:SummaryInformation AlternateDataStreams: K:\WINDOWS\system32\eventquery.vbs:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} AlternateDataStreams: K:\WINDOWS\system32\faultrep.dll:SummaryInformation AlternateDataStreams: K:\WINDOWS\system32\faultrep.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} AlternateDataStreams: K:\WINDOWS\system32\keyboard.sys:SummaryInformation AlternateDataStreams: K:\WINDOWS\system32\keyboard.sys:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} AlternateDataStreams: K:\WINDOWS\system32\schedsvc.dll:SummaryInformation AlternateDataStreams: K:\WINDOWS\system32\schedsvc.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} AlternateDataStreams: K:\WINDOWS\system32\Ver canales.scf:SummaryInformation AlternateDataStreams: K:\WINDOWS\system32\Ver canales.scf:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} AlternateDataStreams: K:\WINDOWS\system32\wdmaud.drv:SummaryInformation AlternateDataStreams: K:\WINDOWS\system32\wdmaud.drv:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: mobilegeni daemon => ========================= Accounts: ========================== Administrador (S-1-5-21-1757981266-1788223648-725345543-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrador.PL-0 ASPNET (S-1-5-21-1757981266-1788223648-725345543-1052 - Limited - Enabled) Invitado (S-1-5-21-1757981266-1788223648-725345543-501 - Limited - Disabled) PL (S-1-5-21-1757981266-1788223648-725345543-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\PL ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (12/06/2014 02:58:26 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplicación con errores: lgflashtool2014.exe, versión: 1.0.0.1, módulo con error: msvcr100.dll, versión 10.0.30319.1, dirección de error 0x00002424. Procesando suceso específico de medio para [lgflashtool2014.exe!ws!] Error: (11/19/2014 02:31:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplicación con errores: physion.exe, versión: 0.0.0.0, módulo con error: physion.exe, versión 0.0.0.0, dirección de error 0x000bbeef. Procesando suceso específico de medio para [physion.exe!ws!] Error: (11/19/2014 02:15:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplicación con errores: algodoo.exe, versión: 0.0.0.0, módulo con error: atioglxx.dll, versión 6.14.10.6847, dirección de error 0x0026808e. Procesando suceso específico de medio para [algodoo.exe!ws!] Error: (11/19/2014 01:57:16 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplicación con errores: algodoo.exe, versión: 0.0.0.0, módulo con error: atioglxx.dll, versión 6.14.10.6847, dirección de error 0x0026808e. Procesando suceso específico de medio para [algodoo.exe!ws!] Error: (11/18/2014 01:58:22 PM) (Source: Microsoft Office 14) (EventID: 5000) (User: ) Description: EventType office12setup, P1 {10140000-0f00-0000-0000--0000000ff1ce}, P2 14.0.4755.1000, P3 x, P4 msiapicallfailure, P5 proplusr_proplusrww.xml, P6 x, P7 x, P8 NIL, P9 office12setup0, P10 office12setup1. Error: (11/18/2014 01:25:53 PM) (Source: Microsoft Office 14) (EventID: 5000) (User: ) Description: EventType office12setup, P1 {10140000-0f00-0000-0000--0000000ff1ce}, P2 14.0.4755.1000, P3 x, P4 msiapicallfailure, P5 proplusr_proplusrww.xml, P6 x, P7 x, P8 NIL, P9 office12setup0, P10 office12setup1. Error: (11/18/2014 01:23:58 PM) (Source: Microsoft Office 14) (EventID: 5000) (User: ) Description: EventType office12setup, P1 {10140000-0f00-0000-0000--0000000ff1ce}, P2 14.0.4755.1000, P3 x, P4 msiapicallfailure, P5 proplusr_proplusrww.xml, P6 x, P7 x, P8 NIL, P9 office12setup0, P10 office12setup1. System errors: ============= Error: (12/06/2014 10:21:11 AM) (Source: ipnathlp) (EventID: 31008) (User: ) Description: El agente proxy de DNS no puede leer la lista local de los servidores de resolución de nombres desde el registro. Los datos son el código de error. Error: (12/06/2014 10:20:56 AM) (Source: ipnathlp) (EventID: 31008) (User: ) Description: El agente proxy de DNS no puede leer la lista local de los servidores de resolución de nombres desde el registro. Los datos son el código de error. Error: (12/06/2014 09:51:51 AM) (Source: ipnathlp) (EventID: 31008) (User: ) Description: El agente proxy de DNS no puede leer la lista local de los servidores de resolución de nombres desde el registro. Los datos son el código de error. Error: (12/05/2014 05:36:53 PM) (Source: WPDMTPDriver) (EventID: 15300) (User: ) Description: MTP WPD Driver has failed to start. Error 0x8007001f. Error: (12/05/2014 05:36:40 PM) (Source: WPDMTPDriver) (EventID: 15300) (User: ) Description: MTP WPD Driver has failed to start. Error 0x8007001f. Error: (12/05/2014 05:36:27 PM) (Source: WPDMTPDriver) (EventID: 15300) (User: ) Description: MTP WPD Driver has failed to start. Error 0x800700e6. Error: (12/05/2014 05:36:09 PM) (Source: WPDMTPDriver) (EventID: 15300) (User: ) Description: MTP WPD Driver has failed to start. Error 0x8007001f. Error: (12/05/2014 05:35:55 PM) (Source: WPDMTPDriver) (EventID: 15300) (User: ) Description: MTP WPD Driver has failed to start. Error 0x8007001f. Error: (12/05/2014 05:35:45 PM) (Source: WPDMTPDriver) (EventID: 15300) (User: ) Description: MTP WPD Driver has failed to start. Error 0x80070005. Error: (12/05/2014 05:35:40 PM) (Source: WPDMTPDriver) (EventID: 15300) (User: ) Description: MTP WPD Driver has failed to start. Error 0x8007001f. Microsoft Office Sessions: ========================= Error: (12/06/2014 02:58:26 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: lgflashtool2014.exe1.0.0.1msvcr100.dll10.0.30319.100002424 Error: (11/19/2014 02:31:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: physion.exe0.0.0.0physion.exe0.0.0.0000bbeef Error: (11/19/2014 02:15:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: algodoo.exe0.0.0.0atioglxx.dll6.14.10.68470026808e Error: (11/19/2014 01:57:16 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: algodoo.exe0.0.0.0atioglxx.dll6.14.10.68470026808e Error: (11/18/2014 01:58:22 PM) (Source: Microsoft Office 14) (EventID: 5000) (User: ) Description: office12setup{10140000-0f00-0000-0000--0000000ff1ce}14.0.4755.1000xmsiapicallfailureproplusr_proplusrww.xmlxxNILNILNIL Error: (11/18/2014 01:25:53 PM) (Source: Microsoft Office 14) (EventID: 5000) (User: ) Description: office12setup{10140000-0f00-0000-0000--0000000ff1ce}14.0.4755.1000xmsiapicallfailureproplusr_proplusrww.xmlxxNILNILNIL Error: (11/18/2014 01:23:58 PM) (Source: Microsoft Office 14) (EventID: 5000) (User: ) Description: office12setup{10140000-0f00-0000-0000--0000000ff1ce}14.0.4755.1000xmsiapicallfailureproplusr_proplusrww.xmlxxNILNILNIL ==================== Memory info =========================== Processor: AMD Athlon 64 X2 Dual Core Processor 5000+ Percentage of memory in use: 34% Total physical RAM: 2942.42 MB Available physical RAM: 1940.99 MB Total Pagefile: 3236.17 MB Available Pagefile: 2333.08 MB Total Virtual: 2047.88 MB Available Virtual: 1937.23 MB ==================== Drives ================================ Drive c: (mis documentos) (Fixed) (Total:111.76 GB) (Free:4.79 GB) NTFS ==>[Drive with boot components (Windows XP)] Drive d: (paginacion) (Fixed) (Total:0.93 GB) (Free:0.48 GB) NTFS Drive e: (Archivos de programa) (Fixed) (Total:24.02 GB) (Free:13.32 GB) NTFS Drive f: (Archivos 9GB) (Fixed) (Total:5.18 GB) (Free:2.14 GB) NTFS Drive g: (vacia) (Fixed) (Total:3.09 GB) (Free:0.95 GB) NTFS Drive k: (xp) (Fixed) (Total:27.26 GB) (Free:12.9 GB) NTFS ==>[Drive with boot components (Windows XP)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 232.9 GB) (Disk ID: 15551555) Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=27.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=90.8 GB) - (Type=OF Extended) Partition 4: (Not Active) - (Size=3.1 GB) - (Type=07 NTFS) ==================== End Of Log ============================
  13. frst.txt: Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-12-2014 01 Ran by PL (administrator) on PL-0 on 07-12-2014 17:40:11 Running from C:\Descargas\jdownloader Loaded Profile: PL (Available profiles: PL & Administrador) Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Español (alfabetización internacional) Internet Explorer Version 8 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVAST Software) E:\AVAST Software\Avast\AvastSvc.exe (AVAST Software) E:\AVAST Software\Avast\avastui.exe (Microsoft Corporation) K:\WINDOWS\system32\wbem\unsecapp.exe (Mister Group) E:\System Explorer\SystemExplorer.exe (Mister Group) E:\System Explorer\service\SystemExplorerService.exe (Sysinternals - www.sysinternals.com) C:\uli\herramientas\SysinternalsSuite\Procmon.exe (Mozilla Corporation) E:\Mozilla Firefox\firefox.exe (Oracle Corporation) E:\Java\jre7\bin\javaw.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [AvastUI.exe] => E:\AVAST Software\Avast\AvastUI.exe [5226600 2014-11-21] (AVAST Software) HKLM\...\Run: [bCSSync] => E:\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM\...\Run: [RIMBBLaunchAgent.exe] => E:\Archivos comunes\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe HKLM\...\Run: [RIM PeerManager] => "E:\Archivos comunes\Research In Motion\Tunnel Manager\PeerManager.exe" Winlogon\Notify\AtiExtEvent: K:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.) HKU\S-1-5-19\...\Policies\Explorer: [NoSMConfigurePrograms] 1 HKU\S-1-5-19\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-19\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1 HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 1 HKU\S-1-5-20\...\Policies\Explorer: [NoSMConfigurePrograms] 1 HKU\S-1-5-20\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-20\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1 HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 1 HKU\S-1-5-21-1757981266-1788223648-725345543-1003\...\Policies\Explorer: [NoSMConfigurePrograms] 1 HKU\S-1-5-21-1757981266-1788223648-725345543-1003\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-1757981266-1788223648-725345543-1003\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1 HKU\S-1-5-21-1757981266-1788223648-725345543-1003\...\Policies\Explorer: [NoResolveSearch] 1 HKU\S-1-5-21-1757981266-1788223648-725345543-1003\...\MountPoints2: {76ac22d0-70c9-11e4-aa5c-001fc6b3eb40} - K:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL start.exe HKU\S-1-5-21-1757981266-1788223648-725345543-1003\...\MountPoints2: {8dc164b0-ce1d-11e0-ade5-806d6172696f} - M:\tools\start.cmd HKU\S-1-5-21-1757981266-1788223648-725345543-1003\...\MountPoints2: {96f32764-68f6-11e4-aa37-001fc6b3eb40} - I:\LGAutoRun.exe HKU\S-1-5-21-1757981266-1788223648-725345543-1003\...\MountPoints2: {9f069fba-720e-11e2-9989-001fc6b3eb40} - O:\Setup.exe HKU\S-1-5-18\...\Policies\Explorer: [NoSMConfigurePrograms] 1 HKU\S-1-5-18\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-18\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1 HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 1 IFEO\taskmgr.exe: [Debugger] "E:\System Explorer\SystemExplorer.exe" Startup: K:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\SystemExplorerDisabled () Startup: K:\Documents and Settings\PL\Menú Inicio\Programas\Inicio\SystemExplorerDisabled () ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\AVAST Software\Avast\ashShell.dll (AVAST Software) ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => E:\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => E:\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => E:\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => E:\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => E:\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-1757981266-1788223648-725345543-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01 HKU\S-1-5-21-1757981266-1788223648-725345543-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 HKU\S-1-5-21-1757981266-1788223648-725345543-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://es.msn.com/?ocid=iehp HKU\S-1-5-21-1757981266-1788223648-725345543-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x36060BD7CE07CD01 HKU\S-1-5-21-1757981266-1788223648-725345543-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es HKU\S-1-5-21-1757981266-1788223648-725345543-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01 HKU\S-1-5-21-1757981266-1788223648-725345543-1003\Software\Microsoft\Internet Explorer\Main,Start Page Before = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01 HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01 HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION StartMenuInternet: IEXPLORE.EXE - E:\Internet Explorer\iexplore.exe SearchScopes: HKLM -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKLM -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKU\S-1-5-21-1757981266-1788223648-725345543-1003 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKU\S-1-5-21-1757981266-1788223648-725345543-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.iminent.com/?appId=F208C310-7BE2-4FCD-B99A-6079B105F5D0&ref=toolbox&q={searchTerms} SearchScopes: HKU\S-1-5-21-1757981266-1788223648-725345543-1003 -> {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?} SearchScopes: HKU\S-1-5-21-1757981266-1788223648-725345543-1003 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKU\S-1-5-21-1757981266-1788223648-725345543-1003 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> E:\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/autodl/jinstall-170-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-170-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab Handler: AutorunsDisabled\ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - No File Handler: AutorunsDisabled\skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\archivos comunes\Skype\Skype4COM.dll (Skype Technologies) Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Archivos comunes\SYSTEM\OLE DB\MSDAIPP.DLL (Microsoft Corporation) Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - E:\Archivos comunes\SYSTEM\OLE DB\MSDAIPP.DLL (Microsoft Corporation) Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Archivos comunes\SYSTEM\OLE DB\MSDAIPP.DLL (Microsoft Corporation) Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - E:\Archivos comunes\SYSTEM\OLE DB\MSDAIPP.DLL (Microsoft Corporation) Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Archivos comunes\SYSTEM\OLE DB\MSDAIPP.DLL (Microsoft Corporation) Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - E:\Archivos comunes\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Archivos comunes\SYSTEM\OLE DB\MSDAIPP.DLL (Microsoft Corporation) Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - E:\Archivos comunes\SYSTEM\OLE DB\MSDAIPP.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{074AD9D2-8506-43FE-A004-63ABBB0E1E01}: [NameServer] 8.8.8.8,8.8.4.4 FireFox: ======== FF ProfilePath: K:\Documents and Settings\PL\Datos de programa\Mozilla\Firefox\Profiles\exyssdja.default FF DefaultSearchEngine: webssearches FF SelectedSearchEngine: webssearches FF Homepage: https://www.google.com.ar/ FF Plugin: @adobe.com/FlashPlayer -> K:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_239.dll () FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> E:\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> E:\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin: @google.com/npPicasa3,version=3.0.0 -> E:\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=10.71.2 -> E:\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> E:\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> E:\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> E:\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> K:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @RIM.com/WebSLLauncher,version=1.0 -> E:\Archivos comunes\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll No File FF Plugin: @videolan.org/vlc,version=2.1.0 -> E:\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.2 -> E:\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.3 -> E:\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> E:\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: Adobe Reader -> E:\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: E:\\mozilla firefox\browser\searchplugins\creativecommons.xml FF SearchPlugin: E:\\mozilla firefox\browser\searchplugins\mercadolibre-ar.xml FF Extension: Ghostery - K:\Documents and Settings\PL\Datos de programa\Mozilla\Firefox\Profiles\exyssdja.default\Extensions\firefox@ghostery.com.xpi [2014-05-30] FF Extension: FlashGot - K:\Documents and Settings\PL\Datos de programa\Mozilla\Firefox\Profiles\exyssdja.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2014-11-18] FF Extension: Adblock Plus - K:\Documents and Settings\PL\Datos de programa\Mozilla\Firefox\Profiles\exyssdja.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-30] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - K:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - K:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-10-04] FF StartMenuInternet: FIREFOX.EXE - E:\Mozilla Firefox\firefox.exe Chrome: ======= CHR Profile: K:\Documents and Settings\PL\Configuración local\Datos de programa\Google\Chrome\User Data\Default CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path CHR HKLM\...\Chrome\Extension: [hahpjplbmicfkmoccokbjejahjjpnena] - No Path ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S4 6to4; K:\WINDOWS\System32\6to4svc.dll [100864 2010-02-12] (Microsoft Corporation) S4 ATI Smart; K:\WINDOWS\system32\ati2sgag.exe [593920 2007-08-21] () [File not signed] R2 avast! Antivirus; E:\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-12] (AVAST Software) S4 BootlogService; E:\Greatis\BootLog XP\BootLogService.exe [65248 2009-12-04] (Greatis Software ©) S3 DragonUpdater; E:\comodo\Comodo\Dragon\dragon_updater.exe [2135232 2014-05-21] () S3 HidServ; K:\WINDOWS\System32\svchost.exe [14336 2008-04-14] (Microsoft Corporation) S4 IDriverT; E:\Archivos comunes\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed] S4 JavaQuickStarterService; E:\Java\jre7\bin\jqs.exe [182696 2014-10-28] (Oracle Corporation) S3 Microsoft SharePoint Workspace Audit Service; E:\Microsoft Office\Office14\GROOVE.EXE [30814400 2013-12-19] (Microsoft Corporation) S3 MozillaMaintenance; E:\Mozilla Maintenance Service\maintenanceservice.exe [114288 2014-11-10] (Mozilla Foundation) R2 Net Driver HPZ12; K:\WINDOWS\system32\HPZinw12.dll [44032 2010-01-18] (Hewlett-Packard) [File not signed] S3 ose; E:\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE [149352 2010-01-09] (Microsoft Corporation) S3 osppsvc; E:\Archivos comunes\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [4640000 2010-01-09] (Microsoft Corporation) R2 Pml Driver HPZ12; K:\WINDOWS\system32\HPZipm12.dll [53760 2010-01-18] (Hewlett-Packard) [File not signed] S3 PSI_SVC_2; e:\Archivos comunes\Protexis\License Service\PsiService_2.exe [189728 2010-03-10] (Protexis Inc.) S3 SbieSvc; E:\\Sandboxie\SbieSvc.exe [134664 2014-10-14] (Sandboxie Holdings, LLC) R3 SystemExplorerHelpService; E:\System Explorer\service\SystemExplorerService.exe [566496 2014-12-02] (Mister Group) S4 ekrn; No ImagePath S3 globalUpdate; No ImagePath S3 globalUpdatem; No ImagePath S4 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AegisP; K:\WINDOWS\System32\DRIVERS\AegisP.sys [21361 2014-04-29] (Cisco Systems, Inc.) [File not signed] S3 andnetadb; K:\WINDOWS\System32\Drivers\lgandnetadb.sys [25856 2014-05-27] (Google Inc) S3 AndNetDiag; K:\WINDOWS\System32\DRIVERS\lgandnetdiag.sys [24064 2014-07-07] (LG Electronics Inc.) S3 ANDNetModem; K:\WINDOWS\System32\DRIVERS\lgandnetmodem.sys [28672 2014-07-07] (LG Electronics Inc.) S3 andnetndis; K:\WINDOWS\System32\DRIVERS\lgandnetndis.sys [70784 2014-05-28] (LG Electronics Inc.) R2 aswHwid; K:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-11-12] () R2 aswMonFlt; K:\WINDOWS\system32\drivers\aswMonFlt.sys [70384 2014-11-12] (AVAST Software) R1 aswRdr; K:\WINDOWS\system32\drivers\aswRdr.sys [55240 2014-11-12] (AVAST Software) R0 aswRvrt; K:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-11-12] () R1 aswSnx; K:\WINDOWS\system32\drivers\aswSnx.sys [787800 2014-11-21] (AVAST Software) R1 aswSP; K:\WINDOWS\system32\drivers\aswSP.sys [423784 2014-11-20] (AVAST Software) R1 aswTdi; K:\WINDOWS\system32\drivers\aswTdi.sys [57928 2014-11-12] (AVAST Software) R0 aswVmm; K:\WINDOWS\system32\Drivers\aswVmm.sys [206248 2014-11-12] () S3 blackberryncm; K:\WINDOWS\System32\DRIVERS\blackberryncm.sys [19456 2014-04-15] (BlackBerry) [File not signed] R3 cwrwdm; K:\WINDOWS\System32\DRIVERS\cwrwdm.sys [48640 2008-04-13] (Crystal Semiconductor Corp.) S3 epmntdrv; K:\WINDOWS\system32\epmntdrv.sys [13896 2012-12-21] () [File not signed] S3 EuGdiDrv; K:\WINDOWS\system32\EuGdiDrv.sys [9160 2012-12-21] () [File not signed] S3 FTDIBUS; K:\WINDOWS\System32\drivers\ftdibus.sys [65896 2013-07-25] (FTDI Ltd.) R3 gameenum; K:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation) S3 ggsomc; K:\WINDOWS\System32\DRIVERS\ggsomc.sys [26328 2014-07-21] (Sony Mobile Communications) S3 HPZid412; K:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2008-10-28] (HP) S3 HPZipr12; K:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2008-10-28] (HP) S3 HPZius12; K:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2008-10-28] (HP) S3 ISODrive; E:\UltraISO\drivers\ISODrive.sys [82320 2010-01-29] (EZB Systems, Inc.) S3 NPF; K:\WINDOWS\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.) S3 rimvndis; K:\WINDOWS\System32\Drivers\rimvndis.sys [12800 2014-06-23] (Research in Motion Limited) S3 SbieDrv; E:\Sandboxie\SbieDrv.sys [161288 2014-10-14] (Sandboxie Holdings, LLC) S3 tap0901; K:\WINDOWS\System32\DRIVERS\tap0901.sys [33608 2014-04-09] (The OpenVPN Project) R1 Tcpip6; K:\WINDOWS\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Corporation) S0 bcaqicn; No ImagePath S3 dgderdrv; No ImagePath U5 Inport; K:\Windows\System32\Drivers\Inport.sys [13568 2001-08-22] (Microsoft Corporation) S3 RimUsb; System32\Drivers\RimUsb.sys [X] U5 UnlockerDriver5; E:\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed] S3 VBoxNetFlt; No ImagePath U1 WS2IFSL; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-07 17:39 - 2014-12-07 17:40 - 00000000 ____D () K:\FRST 2014-12-07 16:21 - 2014-12-07 16:36 - 00114904 _____ (Malwarebytes Corporation) K:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-12-07 16:21 - 2014-12-07 16:21 - 00000565 _____ () K:\Documents and Settings\All Users\Escritorio\Malwarebytes Anti-Malware.lnk 2014-12-07 16:21 - 2014-12-07 16:21 - 00000000 ____D () K:\Documents and Settings\All Users\Menú Inicio\Programas\Malwarebytes Anti-Malware 2014-12-07 16:20 - 2014-12-07 16:21 - 00000000 ____D () E:\\Malwarebytes Anti-Malware 2014-12-07 16:20 - 2014-12-07 16:20 - 00000000 ____D () K:\Documents and Settings\All Users\Datos de programa\Malwarebytes 2014-12-07 16:20 - 2014-11-21 06:14 - 00054360 _____ (Malwarebytes Corporation) K:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-12-07 16:20 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) K:\WINDOWS\system32\Drivers\mbam.sys 2014-12-06 03:07 - 2014-12-06 03:07 - 00000000 ____D () K:\Documents and Settings\All Users\Menú Inicio\Programas\LGMobile Support Tool 2014-12-06 03:05 - 2014-12-06 03:07 - 00000000 ____D () K:\Documents and Settings\All Users\Datos de programa\LGMOBILEAX 2014-12-06 02:55 - 2014-07-07 11:06 - 00028672 _____ (LG Electronics Inc.) K:\WINDOWS\system32\Drivers\lgandnetmodem.sys 2014-12-06 02:55 - 2014-07-07 11:05 - 00024064 _____ (LG Electronics Inc.) K:\WINDOWS\system32\Drivers\lgandnetdiag.sys 2014-12-06 02:55 - 2014-05-28 13:51 - 00070784 _____ (LG Electronics Inc.) K:\WINDOWS\system32\Drivers\lgandnetndis.sys 2014-12-06 02:55 - 2014-05-27 06:40 - 00025856 _____ (Google Inc) K:\WINDOWS\system32\Drivers\lgandnetadb.sys 2014-12-05 17:07 - 2014-12-05 17:25 - 00176272 _____ () K:\WINDOWS\DPINST.LOG 2014-12-01 22:02 - 2014-12-01 22:02 - 00009246 _____ () K:\Documents and Settings\PL\Escritorio\DevolverBarra.jpeg 2014-11-27 13:01 - 2014-11-27 13:01 - 00000000 ____H () K:\WINDOWS\system32\Drivers\Msft_Kernel_lgandnetadb_01005.Wdf 2014-11-22 10:38 - 2014-11-22 10:38 - 00000000 __RHD () K:\MSOCache 2014-11-20 23:57 - 2014-12-06 16:48 - 00010758 _____ () K:\WINDOWS\setupact.log 2014-11-20 23:57 - 2014-11-20 23:57 - 00000000 ____H () K:\WINDOWS\system32\Drivers\Msft_Kernel_blackberryncm_01007.Wdf 2014-11-20 23:57 - 2014-11-20 23:57 - 00000000 _____ () K:\WINDOWS\setuperr.log 2014-11-20 23:56 - 2014-12-05 17:05 - 00000000 ____D () K:\WINDOWS\LastGood 2014-11-20 23:56 - 2014-04-15 10:51 - 00019456 _____ (BlackBerry) K:\WINDOWS\system32\Drivers\blackberryncm.sys 2014-11-19 14:24 - 2014-12-06 17:01 - 00000000 ____D () E:\\Physion 2014-11-19 14:24 - 2014-11-19 14:24 - 00000484 _____ () K:\Documents and Settings\PL\Escritorio\Physion.lnk 2014-11-19 14:24 - 2014-11-19 14:24 - 00000000 ___HD () E:\\InstallJammer Registry 2014-11-19 14:24 - 2014-11-19 14:24 - 00000000 ____D () K:\Documents and Settings\PL\Menú Inicio\Programas\Physion 2014-11-19 14:03 - 2014-11-19 14:03 - 00000833 _____ () K:\WINDOWS\system32\atioglxx.dll.colors 2014-11-19 12:51 - 2014-11-20 23:57 - 00000000 ____D () E:\\Algodoo 2014-11-19 12:51 - 2014-11-19 12:51 - 00000000 ____D () E:\\74163e2d1762d6cb3ff9fc4868 2014-11-19 09:20 - 2014-11-19 09:20 - 00000000 ____D () K:\Documents and Settings\All Users\Menú Inicio\Programas\Sandboxie 2014-11-19 08:53 - 2014-11-19 08:53 - 00001770 _____ () K:\Documents and Settings\All Users\Escritorio\Crocodile Technology 607 (ES).lnk 2014-11-19 08:53 - 2014-11-19 08:53 - 00000000 ____D () K:\Documents and Settings\All Users\Menú Inicio\Programas\Crocodile Clips 2014-11-19 08:53 - 2014-11-19 08:53 - 00000000 ____D () E:\\Crocodile Clips 2014-11-18 14:38 - 2014-12-07 16:15 - 00000258 _____ () K:\WINDOWS\Tasks\AutoKMS.job 2014-11-18 14:38 - 2014-11-18 14:38 - 00000000 ____D () K:\WINDOWS\AutoKMS 2014-11-18 14:19 - 2014-11-18 14:19 - 00000000 ____D () K:\Documents and Settings\All Users\Menú Inicio\Programas\SharePoint 2014-11-18 14:19 - 2014-11-18 14:19 - 00000000 ____D () K:\Documents and Settings\All Users\Menú Inicio\Programas\Microsoft Office 2014-11-18 14:00 - 2014-11-18 14:11 - 00000006 _____ () K:\ScrubRetValFile.txt 2014-11-18 13:56 - 2014-12-06 17:11 - 00165538 _____ () K:\WINDOWS\setupapi.log 2014-11-18 12:54 - 2014-11-19 12:55 - 00498640 _____ () K:\WINDOWS\system32\FNTCACHE.DAT 2014-11-18 12:52 - 2014-11-19 13:56 - 00138664 _____ () K:\Documents and Settings\PL\Configuración local\Datos de programa\GDIPFONTCACHEV1.DAT 2014-11-14 15:34 - 2014-11-20 23:58 - 00000000 ____D () K:\Documents and Settings\PL\Datos de programa\XCPCSync.OEM 2014-11-14 15:31 - 2014-11-14 15:31 - 00000000 ____H () K:\WINDOWS\system32\Drivers\Msft_Kernel_RimUsb_01007.Wdf 2014-11-14 15:26 - 2014-11-21 12:47 - 00000000 ____D () K:\Documents and Settings\PL\Configuración local\Datos de programa\Research In Motion 2014-11-14 15:26 - 2014-11-14 15:26 - 00000000 ____D () K:\Documents and Settings\All Users\Datos de programa\Research In Motion 2014-11-14 15:26 - 2014-11-14 15:26 - 00000000 _____ () K:\WINDOWS\system32\out.txt 2014-11-14 15:26 - 2014-11-14 15:26 - 00000000 _____ () K:\WINDOWS\system32\err.txt 2014-11-14 15:25 - 2014-11-21 12:47 - 00000000 ____D () E:\Archivos comunes\XCPCSync.OEM 2014-11-14 15:25 - 2014-11-21 12:45 - 00000000 ____D () E:\Archivos comunes\Research In Motion 2014-11-12 13:40 - 2014-11-12 13:40 - 00291352 _____ (AVAST Software) K:\WINDOWS\system32\aswBoot.exe 2014-11-12 13:40 - 2014-11-12 13:40 - 00043152 _____ (AVAST Software) K:\WINDOWS\avastSS.scr 2014-11-10 16:58 - 2014-12-06 02:55 - 00000000 ____D () E:\\LG Electronics 2014-11-10 12:36 - 2014-11-10 12:36 - 00000000 ____D () E:\\Mozilla Firefox 2014-11-07 21:29 - 2008-10-06 15:38 - 00121344 _____ (Hewlett-Packard Company) K:\WINDOWS\system32\hpf3l083.dll 2014-11-07 21:28 - 2014-11-07 21:28 - 00000000 ____D () E:\Archivos comunes\HP 2014-11-07 21:28 - 2008-10-30 05:37 - 00737280 _____ (Hewlett-Packard) K:\WINDOWS\system32\hposwia_d02a.dll 2014-11-07 21:28 - 2008-10-30 05:37 - 00598016 _____ (Hewlett-Packard Co.) K:\WINDOWS\system32\hpost_d02a.dll 2014-11-07 21:28 - 2008-10-30 05:37 - 00307200 _____ (Hewlett-Packard Co.) K:\WINDOWS\system32\hposc_d02a.dll 2014-11-07 21:28 - 2008-10-28 21:31 - 00309760 _____ (Microsoft Corporation) K:\WINDOWS\system32\difxapi.dll 2014-11-07 21:28 - 2008-10-28 21:31 - 00049920 _____ (HP) K:\WINDOWS\system32\Drivers\HPZid412.sys 2014-11-07 21:28 - 2008-10-28 21:31 - 00021568 _____ (HP) K:\WINDOWS\system32\Drivers\HPZius12.sys 2014-11-07 21:28 - 2008-10-28 21:31 - 00016496 _____ (HP) K:\WINDOWS\system32\Drivers\HPZipr12.sys 2014-11-07 21:26 - 2014-11-07 21:30 - 00143482 _____ () K:\WINDOWS\hpoins37.dat 2014-11-07 21:26 - 2010-02-03 08:14 - 00000558 ____N () K:\WINDOWS\hpomdl37.dat ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-07 17:23 - 2014-09-10 11:53 - 00000838 _____ () K:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-12-07 16:21 - 2011-08-24 03:00 - 00000000 ___RD () K:\Documents and Settings\All Users\Menú Inicio\Programas 2014-12-07 16:21 - 2011-08-24 03:00 - 00000000 ____D () K:\Documents and Settings\All Users\Escritorio 2014-12-07 16:20 - 2011-08-24 03:00 - 00000000 __RHD () K:\Documents and Settings\All Users\Datos de programa 2014-12-07 16:18 - 2011-08-24 07:10 - 02023097 _____ () K:\WINDOWS\WindowsUpdate.log 2014-12-07 16:16 - 2014-11-05 13:24 - 00000336 ____H () K:\WINDOWS\Tasks\avast! Emergency Update.job 2014-12-07 16:16 - 2012-05-30 03:58 - 00000374 _____ () K:\WINDOWS\system32\Drivers\etc\hosts.ics 2014-12-07 16:15 - 2014-02-17 05:51 - 00000159 _____ () K:\WINDOWS\wiadebug.log 2014-12-07 16:15 - 2014-02-17 05:51 - 00000050 _____ () K:\WINDOWS\wiaservc.log 2014-12-07 16:15 - 2011-08-24 07:14 - 00000006 ____H () K:\WINDOWS\Tasks\SA.DAT 2014-12-07 16:05 - 2011-11-27 18:17 - 00032070 _____ () K:\WINDOWS\Tasks\SCHEDLGU.TXT 2014-12-07 16:05 - 2011-08-24 07:15 - 00000192 ___SH () K:\Documents and Settings\PL\ntuser.ini 2014-12-07 16:05 - 2001-08-24 13:00 - 00002262 _____ () K:\WINDOWS\system32\wpa.dbl 2014-12-07 16:01 - 2011-08-24 07:15 - 00000000 ____D () K:\Documents and Settings\PL\Datos de programa 2014-12-07 15:26 - 2014-02-10 14:26 - 00000000 ____D () K:\Documents and Settings\All Users\Menú Inicio\Programas\System Explorer 2014-12-07 15:26 - 2011-08-24 21:50 - 00000000 ____D () E:\\System Explorer 2014-12-06 18:54 - 2013-05-22 02:45 - 00002318 _____ () K:\WINDOWS\Sandboxie.ini 2014-12-05 23:16 - 2013-09-10 01:02 - 00065536 _____ () K:\WINDOWS\system32\config\OAlerts.evt 2014-12-05 23:16 - 2011-08-24 07:15 - 00000000 ____D () K:\Documents and Settings\PL 2014-12-05 17:59 - 2011-09-01 00:24 - 00000000 ___HD () E:\\InstallShield Installation Information 2014-12-05 17:09 - 2011-08-24 03:01 - 02834488 _____ () K:\WINDOWS\system32\PerfStringBackup.INI 2014-12-04 13:09 - 2012-08-13 03:51 - 00701104 _____ (Adobe Systems Incorporated) K:\WINDOWS\system32\FlashPlayerApp.exe 2014-12-04 13:09 - 2012-08-13 03:51 - 00071344 _____ (Adobe Systems Incorporated) K:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2014-12-03 21:37 - 2011-08-24 10:09 - 00000000 ____D () E:\\JDownloader 2014-12-02 00:02 - 2011-08-24 07:15 - 00000000 ____D () K:\Documents and Settings\PL\Escritorio 2014-12-01 22:03 - 2014-03-15 23:43 - 00060928 ___SH () K:\Documents and Settings\PL\Escritorio\Thumbs.db 2014-11-30 23:40 - 2013-08-17 23:11 - 00002275 _____ () K:\Documents and Settings\All Users\Escritorio\CorelDRAW X6.lnk 2014-11-30 23:40 - 2011-08-24 03:00 - 00000000 ___RD () K:\Documents and Settings\All Users\Documentos 2014-11-30 02:29 - 2012-06-30 23:08 - 00000000 ____D () K:\Documents and Settings\PL\Datos de programa\MediaMonkey 2014-11-29 19:53 - 2013-10-05 16:42 - 00000000 ____D () K:\Documents and Settings\PL\Datos de programa\vlc 2014-11-27 15:11 - 2012-02-10 23:52 - 00000000 ____D () K:\Documents and Settings\PL\Datos de programa\Winamp 2014-11-21 23:52 - 2014-11-05 13:24 - 00787800 _____ (AVAST Software) K:\WINDOWS\system32\Drivers\aswsnx.sys 2014-11-21 14:22 - 2013-11-14 14:15 - 00000000 __SHD () E:\\Config.Msi 2014-11-21 01:31 - 2012-04-04 22:01 - 03084486 _____ () K:\Documents and Settings\LocalService\Configuración local\Datos de programa\WPFFontCache_v0400-S-1-5-21-1757981266-1788223648-725345543-1003-0.dat 2014-11-21 01:31 - 2012-04-04 22:01 - 00387766 _____ () K:\Documents and Settings\LocalService\Configuración local\Datos de programa\WPFFontCache_v0400-System.dat 2014-11-20 13:40 - 2014-11-05 13:24 - 00423784 _____ (AVAST Software) K:\WINDOWS\system32\Drivers\aswsp.sys 2014-11-19 14:24 - 2011-08-24 07:15 - 00000000 ____D () K:\Documents and Settings\PL\Menú Inicio\Programas 2014-11-19 08:51 - 2013-09-10 00:47 - 00000000 ____D () K:\Documents and Settings\All Users\Datos de programa\Microsoft Help 2014-11-19 08:49 - 2011-11-27 21:59 - 00000000 ____D () K:\WINDOWS\Downloaded Installations 2014-11-19 00:23 - 2001-08-24 13:00 - 00001076 _____ () K:\WINDOWS\win.ini 2014-11-18 19:39 - 2012-04-19 22:42 - 00000000 __SHD () K:\Documents and Settings\NetworkService\IETldCache 2014-11-18 14:31 - 2011-08-24 08:24 - 00000000 ____D () E:\Archivos comunes\system 2014-11-18 14:19 - 2012-06-14 18:22 - 00000000 ____D () K:\WINDOWS\SHELLNEW 2014-11-18 14:19 - 2011-10-01 22:10 - 00000000 ____D () E:\\MSBuild 2014-11-18 14:19 - 2011-08-24 08:24 - 00000000 ____D () E:\Archivos comunes\microsoft shared 2014-11-18 14:16 - 2013-09-07 14:34 - 00000000 ____D () E:\\Microsoft Visual Studio 8 2014-11-18 13:01 - 2011-08-24 07:14 - 00000000 __SHD () K:\Documents and Settings\NetworkService 2014-11-18 12:59 - 2011-08-24 07:15 - 00000000 __SHD () K:\Documents and Settings\PL\Configuración local\Archivos temporales de Internet 2014-11-18 12:52 - 2011-08-24 07:15 - 00000000 ___HD () K:\Documents and Settings\PL\Configuración local\Datos de programa 2014-11-18 12:42 - 2014-08-15 03:29 - 00000000 ____D () K:\Documents and Settings\PL\Datos de programa\uTorrent 2014-11-18 12:42 - 2014-02-19 15:26 - 00000000 ____D () K:\Documents and Settings\PL\Configuración local\Datos de programa\Paint.NET 2014-11-18 12:42 - 2012-12-20 04:13 - 00000000 ____D () K:\Documents and Settings\All Users\Datos de programa\Skype 2014-11-18 12:42 - 2012-07-11 22:24 - 00000000 __SHD () K:\Documents and Settings\LocalService\IETldCache 2014-11-18 12:41 - 2014-06-30 20:46 - 00000000 ____D () K:\Documents and Settings\All Users\Menú Inicio\Programas\Java Development Kit 2014-11-18 12:41 - 2011-08-24 09:09 - 00000000 ____D () K:\WINDOWS\system32\LogFiles 2014-11-15 05:56 - 2011-08-24 08:24 - 00000000 ____D () E:\\archivos comunes 2014-11-15 05:52 - 2014-08-15 01:49 - 00000000 ____D () K:\WINDOWS\LastGood.Tmp 2014-11-14 15:29 - 2011-08-24 03:53 - 00000000 ____D () K:\WINDOWS\security 2014-11-12 20:48 - 2013-08-08 23:30 - 00000000 ____D () K:\WINDOWS\system32\MRT 2014-11-12 20:48 - 2011-08-29 02:24 - 100445232 _____ (Microsoft Corporation) K:\WINDOWS\system32\MRT.exe 2014-11-12 13:40 - 2014-11-05 13:24 - 00206248 _____ () K:\WINDOWS\system32\Drivers\aswVmm.sys 2014-11-12 13:40 - 2014-11-05 13:24 - 00070384 _____ (AVAST Software) K:\WINDOWS\system32\Drivers\aswmonflt.sys 2014-11-12 13:40 - 2014-11-05 13:24 - 00057928 _____ (AVAST Software) K:\WINDOWS\system32\Drivers\aswTdi.sys 2014-11-12 13:40 - 2014-11-05 13:24 - 00055240 _____ (AVAST Software) K:\WINDOWS\system32\Drivers\aswRdr.sys 2014-11-12 13:40 - 2014-11-05 13:24 - 00049944 _____ () K:\WINDOWS\system32\Drivers\aswRvrt.sys 2014-11-12 13:40 - 2014-11-05 13:24 - 00024184 _____ () K:\WINDOWS\system32\Drivers\aswHwid.sys 2014-11-12 13:40 - 2014-11-05 13:24 - 00001495 _____ () K:\Documents and Settings\All Users\Escritorio\Avast Free Antivirus.lnk 2014-11-10 16:35 - 2013-09-16 16:18 - 00000000 ____D () K:\Documents and Settings\PL\Datos de programa\CmapTools 2014-11-10 15:11 - 2011-11-18 13:35 - 00000807 _____ () K:\Documents and Settings\PL\.powerupdate.user.properties 2014-11-10 15:10 - 2014-04-22 16:50 - 00000000 ____D () E:\\IHMC CmapTools 2014-11-10 15:10 - 2013-09-25 03:14 - 00000000 ____D () K:\Documents and Settings\All Users\Menú Inicio\Programas\IHMC CmapTools 2014-11-10 13:16 - 2014-05-30 01:46 - 00000000 ____D () E:\\Mozilla Maintenance Service 2014-11-07 21:29 - 2011-08-24 03:00 - 00000000 ___RD () K:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio 2014-11-07 21:28 - 2011-08-24 03:53 - 00000000 ____D () K:\WINDOWS\twain_32 Some content of TEMP: ==================== K:\Documents and Settings\PL\Configuración local\Temp\BlackBerryDeviceManager.exe K:\Documents and Settings\PL\Configuración local\Temp\BlackBerryLauncher.exe K:\Documents and Settings\PL\Configuración local\Temp\Foxit Reader Updater.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) K:\WINDOWS\explorer.exe => File is digitally signed K:\WINDOWS\system32\winlogon.exe => File is digitally signed K:\WINDOWS\system32\svchost.exe => File is digitally signed K:\WINDOWS\system32\services.exe => File is digitally signed K:\WINDOWS\system32\User32.dll => File is digitally signed K:\WINDOWS\system32\userinit.exe => File is digitally signed K:\WINDOWS\system32\rpcss.dll => File is digitally signed K:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================
  14. the biginning of log file: Malwarebytes Anti-Malware www.malwarebytes.org Fecha del Análisis: 04/12/2014 Tiempo de Análisis: 14:22:00 Logfile: malwarebytes.txt Administrador: Si Versión: 2.00.4.1028 Base de datos de malware: v2014.12.04.05 Base de datos de rootkit: v2014.12.03.01 Licencia: Gratis Protección contra malware: Desactivado Protección Web: Desactivado Autoprotección: Desactivado SO: Windows XP Service Pack 3 CPU: x86 Archivos del Sistema: NTFS Usuario: PL Tipo de Análisis: Análisis Personalizado Resultado: Cancelar Objetos Analizados: 449453 Tiempo Transcurrido: 33 min, 20 seg Memoria: Activado Inicio: Activado Sistema de archivos: Desactivado Archivo: Desactivado Rootkits: Activado Heurística: Activado PUP: Activado PUM: Activado Procesos: 0 (Sin elementos maliciosos detectados) Modulos: 0 (Sin elementos maliciosos detectados) Llaves del Registro: 0 (Sin elementos maliciosos detectados) Valores del Registro: 0 (Sin elementos maliciosos detectados) Datos del Registro: 0 (Sin elementos maliciosos detectados) Carpetas: 387 PUP.Optional.SettingsManager.A, e:\\settings manager\7-zip, , [7205d38b562677bfcb0286a9d1327b85], PUP.Optional.SettingsManager.A, e:\\settings manager\7-zip\lang, , [7205d38b562677bfcb0286a9d1327b85], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\7-zip, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\7-zip\lang, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\7-zip, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\7-zip\lang, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip\lang, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip\lang, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip\lang, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip\lang, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip\lang, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip\lang, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip\lang, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip, , [294eff5f4c300630309d84ab2bd8bb45], PUP.Optional.SettingsManager.A, e:\\settings manager\adobe\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\74163e2d1762d6cb3ff9fc4868\7-zip\lang, , [294eff5f4c300630309d84ab2bd8bb45],
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.