Se inicia algo lento pero es aún más lento cuando navego con el firefox. Mi SO es Win XP y mi problema es que ya no tengo tanta protección como en otros sistemas. Me gustaría que me ayudarais porque me interesa seguir usándolo.
Gracias
Xp es un sistema al que apenas hay ya herrameintas que lo soporten y el pensar en abandonarlo es algo ya muy claro
-
Desactiva Temporalmente tu antivirus y cualquier programa de seguridad.
-
Descarga a Tu Escritorio >> Esto es muy importante<<.,Fabar Recovery Scan Tool, considerando la versión adecuada para tu equipo. (32 o 64 bits)
¿Cómo saber si mi Windows es de 32 o 64 bits? -
Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Si.
-
En la nueva ventana que se abre, presiona el botón Analizar y espera a que concluya el análisis.
-
Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.
En Tu próxima respuesta, copias y pegas los dos reportes Frst.txt y Addition.txt de FRST
Nota: Si el/los reportes solicitados no entraran en una sola respuesta porque superan la cantidad de caracteres permitidos, puedes utilizar dos o mas respuestas para pegarlos completamente.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-02-2020
Ran by Papá y Mamá (administrator) on HOGAR-98E03BF29 (DataLogic P4M890T-M2) (12-02-2020 19:43:05)
Running from C:\Documents and Settings\Papá y Mamá\Desktop
Loaded Profiles: Papá y Mamá (Available Profiles: Papá y Mamá & Elena & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: Inglés (Estados Unidos)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Hewlett-Packard Company) [File not signed] C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\ehome\ehrecvr.exe
(Microsoft Windows Component Publisher -> Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Windows Component Publisher -> Microsoft Corporation) C:\WINDOWS\system32\alg.exe
(Microsoft Windows Component Publisher -> Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe
(Microsoft Windows Component Publisher -> Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
(Microsoft Windows Component Publisher -> Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\WINDOWS\soundman.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\WINDOWS\ehome\ehmsas.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\WINDOWS\ehome\ehSched.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\WINDOWS\ehome\mcrdsvc.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Ralink Technology Corporation -> Ralink Technology, Corp.) C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\Service\RaRegistry.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ehTray] => C:\WINDOWS\ehome\ehtray.exe [64512 2005-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)
HKLM\...\Run: [SoundMan] => C:\WINDOWS\SOUNDMAN.EXE [577536 2006-03-01] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2006-08-02] (ATI Technologies Inc.)
HKU\S-1-5-21-1757981266-484061587-725345543-1003\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [204800 2009-02-04] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] -> C:\WINDOWS\system32\ieudinit.exe [2009-03-08] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> C:\WINDOWS\inf\unregmp2.exe [2009-02-04] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{26923b43-4d38-484f-9b9e-de460746276c}] -> C:\WINDOWS\system32\shmgrate.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] -> C:\WINDOWS\system32\shmgrate.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}] ->
HKLM\Software\Microsoft\Active Setup\Installed Components: [{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] ->
HKLM\Software\Microsoft\Active Setup\Installed Components: [{407408d4-94ed-4d86-ab69-a7f649d112ee}] -> C:\WINDOWS\inf\mcdftreg.inf [2005-06-29] (Microsoft Windows Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -> C:\Program Files\Outlook Express\setup50.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] -> C:\WINDOWS\system32\advpack.dll [2009-03-08] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{5945c046-1e7d-11d1-bc44-00c04fd912be}] -> C:\WINDOWS\system32\advpack.dll [2009-03-08] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] -> C:\WINDOWS\system32\advpack.dll [2009-03-08] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{7790769C-0471-11d2-AF11-00C04FA35D02}] -> C:\Program Files\Outlook Express\setup50.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe [2016-04-09] (Google Inc -> Google Inc.)
HKLM\Software\...\Winlogon\GPExtensions: [{C631DF4C-088F-4156-B058-4375F0853CD8}] -> C:\WINDOWS\System32\cscui.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2016-02-23]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe () [File not signed]
==================== Scheduled Tasks=============================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player NPAPI Notifier.job => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_321_Plugin.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CCleaner Update.job => C:\Program Files\CCleaner\CCUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A555B3AF-0E2C-4EBD-A79E-91872E5E10EF}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{A555B3AF-0E2C-4EBD-A79E-91872E5E10EF}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1757981266-484061587-725345543-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-05] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10] (SEIKO EPSON CORPORATION) [File not signed]
Toolbar: HKU\S-1-5-21-1757981266-484061587-725345543-1003 -> EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10] (SEIKO EPSON CORPORATION) [File not signed]
DPF: {2DAB6EF1-66C3-427C-87CD-8DC448C47EAE} hxxps://www5.aeat.es/es13/h/tgvicab.cab
DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1353346491859
DPF: {947B00D2-962D-4A35-9E48-98EE6A442B41} hxxps://www1.agenciatributaria.gob.es/ADUA/internet/aded1503.cab
DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} hxxp://download.microsoft.com/download/C/9/C/C9C3D86D-84AC-4AF0-8584-842756A66467/MicrosoftDownloadManager.cab
DPF: {B785FA3C-1DE9-4D20-8396-613C486FE95E} hxxps://www1.agenciatributaria.gob.es/es13/h/cactivex.cab
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Papá y Mamá\Application Data\Mozilla\Firefox\Profiles\kfvnqg5i.default [2020-02-12]
FF DownloadDir: C:\Documents and Settings\Papá y Mamá\My Documents\Downloads
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-11-20] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_321.dll [2020-01-21] (Adobe Inc. -> ) [File not signed]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Documents and Settings\Papá y Mamá\Local Settings\Application Data\Google\Chrome\User Data\Default [2020-01-30]
CHR HomePage: Default -> hxxp://www.es.yahoo.com/
CHR NewTab: Default -> "active": false,
"entry": "chrome-extension://flndkmkiknaafapnnmbmimjjgnlcldlg/newtab.html"
CHR DefaultSearchURL: Default -> hxxp://goooglesearch.net/KYv88S?sub_id_1={searchTerms}
CHR Extension: (Documentos) - C:\Documents and Settings\Papá y Mamá\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Google Drive) - C:\Documents and Settings\Papá y Mamá\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-26]
CHR Extension: (YouTube) - C:\Documents and Settings\Papá y Mamá\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Búsqueda de Google) - C:\Documents and Settings\Papá y Mamá\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Documentos de Google sin conexión) - C:\Documents and Settings\Papá y Mamá\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-06]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Documents and Settings\Papá y Mamá\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-01-08]
CHR Extension: (Gmail) - C:\Documents and Settings\Papá y Mamá\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-08-25]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [143776 2017-03-17] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-01-21] (Adobe Inc. -> Adobe) [File not signed]
R2 Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [401408 2006-08-02] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [520192 2006-08-02] () [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2185272 2018-06-26] (ESET, spol. s r.o. -> ESET)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2006-04-24] (Hewlett-Packard Company) [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4753104 2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 MHN; C:\WINDOWS\System32\mhn.dll [85504 2004-08-10] (Microsoft Corporation) [File not signed]
R2 RalinkRegistryWriter; C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\Service\RaRegistry.exe [375872 2013-06-17] (Ralink Technology Corporation -> Ralink Technology, Corp.)
S3 SwPrv; C:\WINDOWS\system32\dllhost.exe /Processid:{950F1407-2A96-48AE-95E3-B0BF2E6DB5D1} [5120 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [3960896 2006-03-31] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
S3 Apowersoft_AudioDevice; C:\WINDOWS\System32\drivers\Apowersoft_AudioDevice.sys [26032 2014-04-09] (APOWERSOFT LIMITED -> Wondershare)
R3 ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [1681920 2006-08-02] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
S3 cdrombus; C:\WINDOWS\System32\Drivers\cdrombus.sys [18816 2012-08-22] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [209576 2018-05-27] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [158616 2018-05-27] (ESET, spol. s r.o. -> ESET)
R1 epfwtdir; C:\WINDOWS\System32\DRIVERS\epfwtdir.sys [139944 2018-05-27] (ESET, spol. s r.o. -> ESET)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\DRIVERS\ew_usbccgpfilter.sys [15360 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 FETNDIS; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [27165 2001-08-17] (Microsoft Windows Component Publisher -> VIA Technologies, Inc. )
R2 fssfltr; C:\WINDOWS\System32\DRIVERS\fssfltr_tdi.sys [54760 2010-04-28] (Microsoft Corporation -> Microsoft Corporation)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 MHNDRV; C:\WINDOWS\System32\DRIVERS\mhndrv.sys [11008 2004-08-10] (Microsoft Corporation) [File not signed]
R3 Ptilink; C:\WINDOWS\System32\DRIVERS\ptilink.sys [17792 2006-03-15] (Microsoft Windows Component Publisher -> Parallel Technologies, Inc.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [15688 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [10320 2013-09-30] (MiniTool Solution Ltd -> )
R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [20576 2005-05-12] (Microsoft Windows Publisher -> Sonic Solutions)
R3 rt2870; C:\WINDOWS\System32\DRIVERS\rt2870.sys [1660488 2013-09-06] (Mediatek Inc. -> Ralink Technology, Corp.)
R3 RTL8023; C:\WINDOWS\System32\DRIVERS\Rtlnic.sys [70144 2004-12-02] (Realtek Semiconductor Corporation ) [File not signed]
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Microsoft Windows Component Publisher -> Realtek Semiconductor Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 Scutum50; C:\WINDOWS\System32\Drivers\Scutum50.sys [19072 2013-06-17] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [20480 2008-04-13] (Microsoft Windows Component Publisher -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
R0 videX32; C:\WINDOWS\System32\DRIVERS\videX32.sys [9728 2006-02-23] (Microsoft Windows Hardware Compatibility Publisher -> VIA Technologies, Inc.)
R0 xfilt; C:\WINDOWS\System32\DRIVERS\xfilt.sys [11264 2006-02-23] (Microsoft Windows Hardware Compatibility Publisher -> VIA Technologies,Inc)
S0 sptd; System32\Drivers\sptd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-12 19:43 - 2020-02-12 19:44 - 000018447 _____ C:\Documents and Settings\Papá y Mamá\Desktop\FRST.txt
2020-02-12 19:42 - 2020-02-12 19:43 - 000000000 ____D C:\FRST
2020-02-12 19:40 - 2020-02-12 19:41 - 002008064 _____ (Farbar) C:\Documents and Settings\Papá y Mamá\Desktop\FRST.exe
2020-01-30 13:36 - 2020-01-30 13:36 - 000000893 _____ C:\Documents and Settings\Papá y Mamá\Desktop\Acceso directo a uTorrent.exe.lnk
2020-01-30 10:16 - 2020-01-30 10:16 - 000000466 _____ C:\Documents and Settings\Papá y Mamá\My Documents\cc_20200130_101611.reg
2020-01-30 10:15 - 2020-01-30 10:15 - 000105508 _____ C:\Documents and Settings\Papá y Mamá\My Documents\cc_20200130_101531.reg
2020-01-30 10:15 - 2020-01-30 10:15 - 000001206 _____ C:\Documents and Settings\Papá y Mamá\My Documents\cc_20200130_101549.reg
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-12 19:44 - 2017-10-15 17:51 - 000000000 ____D C:\Documents and Settings\Papá y Mamá\Local Settings\temp
2020-02-12 19:42 - 2013-12-09 01:08 - 000001088 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2020-02-12 19:42 - 2013-12-09 01:08 - 000001084 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2020-02-12 19:24 - 2012-11-19 15:26 - 000000000 ____D C:\WINDOWS\Registration
2020-02-12 19:22 - 2018-08-20 18:23 - 000000340 ____H C:\WINDOWS\Tasks\CCleaner Update.job
2020-02-12 19:20 - 2014-03-10 16:14 - 000000222 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2020-02-12 19:20 - 2012-11-19 15:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-02-12 19:20 - 2006-03-15 13:00 - 000013646 _____ C:\WINDOWS\system32\wpa.dbl
2020-02-12 19:05 - 2018-09-15 16:20 - 000000838 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2020-02-01 10:43 - 2018-11-14 17:51 - 000032512 _____ C:\WINDOWS\SchedLgU.Txt
2020-02-01 10:43 - 2012-11-19 15:45 - 000000178 ___SH C:\Documents and Settings\Papá y Mamá\ntuser.ini
2020-02-01 10:43 - 2012-11-19 15:45 - 000000000 ____D C:\Documents and Settings\Papá y Mamá
2020-02-01 10:23 - 2018-03-13 19:23 - 000000910 _____ C:\WINDOWS\Tasks\Adobe Flash Player NPAPI Notifier.job
2020-02-01 10:23 - 2012-11-19 15:28 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-02-01 10:18 - 2012-11-21 13:25 - 000143360 _____ C:\Documents and Settings\Papá y Mamá\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-01-31 11:14 - 2012-11-23 14:28 - 000000000 ____D C:\Documents and Settings\Papá y Mamá\Application Data\uTorrent
2020-01-31 09:59 - 2012-11-19 17:55 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2020-01-30 11:15 - 2019-09-11 09:20 - 000001465 _____ C:\Documents and Settings\All Users\Start Menu\µTorrent.lnk
2020-01-30 11:15 - 2012-11-23 14:30 - 000000000 ____D C:\Program Files\uTorrent
2020-01-30 10:17 - 2013-02-10 18:38 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2020-01-30 09:54 - 2013-05-09 15:15 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\Skype
2020-01-30 09:52 - 2012-11-21 00:06 - 000000000 ____D C:\Program Files\CyberLink
2020-01-30 09:49 - 2012-11-19 16:25 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2020-01-28 10:58 - 2018-11-13 09:54 - 000220896 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2020-01-21 20:06 - 2012-11-20 23:33 - 000842296 _____ (Adobe) C:\WINDOWS\system32\FlashPlayerApp.exe
2020-01-21 20:06 - 2012-11-20 23:33 - 000175160 _____ (Adobe) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2020-01-21 18:56 - 2013-06-02 15:46 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
==================== Files in the root of some directories ========
2013-04-22 17:18 - 2013-04-22 17:18 - 000691152 _____ (AEAT) C:\Documents and Settings\Papá y Mamá\Actualizacion_Renta2012_windows_1_10.exe
2018-04-21 18:47 - 2018-04-21 18:47 - 000326325 _____ () C:\Documents and Settings\Papá y Mamá\Application Data\PE.bin
2017-04-03 16:58 - 2017-10-15 16:54 - 000000513 _____ () C:\Documents and Settings\Papá y Mamá\Application Data\Poladroid prefs.plist
2012-11-21 13:25 - 2020-02-01 10:18 - 000143360 _____ () C:\Documents and Settings\Papá y Mamá\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-11-19 18:04 - 2012-11-19 18:04 - 000000134 _____ () C:\Documents and Settings\Papá y Mamá\Local Settings\Application Data\fusioncache.dat
2017-09-15 12:04 - 2017-09-15 12:04 - 000001085 _____ () C:\Documents and Settings\Papá y Mamá\Local Settings\Application Data\recently-used.xbel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-02-2020
Ran by Papá y Mamá (12-02-2020 19:45:18)
Running from C:\Documents and Settings\Papá y Mamá\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) (2012-11-19 14:32:43)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1757981266-484061587-725345543-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-1757981266-484061587-725345543-1004 - Limited - Enabled)
Elena (S-1-5-21-1757981266-484061587-725345543-1005 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Elena
Guest (S-1-5-21-1757981266-484061587-725345543-501 - Limited - Enabled)
HelpAssistant (S-1-5-21-1757981266-484061587-725345543-1000 - Limited - Disabled)
Papá y Mamá (S-1-5-21-1757981266-484061587-725345543-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Papá y Mamá
SUPPORT_388945a0 (S-1-5-21-1757981266-484061587-725345543-1002 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET NOD32 Antivirus (Disabled - Out of date) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM\...\uTorrent) (Version: 3.3.0.29544 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-1757981266-484061587-725345543-1003\...\uTorrent) (Version: 3.4.8.42576 - BitTorrent Inc.)
Acción Rescate (HKLM\...\ARescate) (Version: - )
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.321 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.321 - Adobe)
Adobe Reader XI (11.0.08) - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
ATI - Software Uninstall Utility (HKLM\...\All ATI Software) (Version: 6.14.10.1014 - )
ATI AVIVO Codecs (HKLM\...\{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}) (Version: 10.0.0.40103 - ATI Technologies Inc.)
ATI Catalyst Control Center (HKLM\...\{3EFEA529-2CFD-4357-A10B-F0BDFEBA5092}) (Version: 1.2.2405.30455 - )
ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.282-060802a-035722C-ATI - )
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
Compresor WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Configurador AEAT (HKU\S-1-5-21-1757981266-484061587-725345543-1003\...\Configurador AEAT 2.5) (Version: 2.5 - AEAT)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
eMule (HKLM\...\eMule) (Version: - )
EPSON CardMonitor (HKLM\...\{109D28C7-FB38-483A-9C91-001CB59E2699}) (Version: - )
EPSON Copy Utility 3 (HKLM\...\{67EDD823-135A-4D59-87BD-950616D6E857}) (Version: 3.0.2.0 - )
EPSON PhotoQuicker3.5 (HKLM\...\{65F5B7AF-3363-11D7-BB6B-00018021113F}) (Version: - )
EPSON PhotoStarter3.1 (HKLM\...\{C48817E7-AA05-4151-A99D-1E1E550CE801}) (Version: - )
EPSON PRINT Image Framer Tool2.1 (HKLM\...\{23B59ED4-C360-11D7-875B-0090CC005647}) (Version: - )
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - )
EPSON Smart Panel (HKLM\...\{6C11D561-620B-47DA-A693-4C597F3CDF40}) (Version: - )
EPSON Web-To-Page (HKLM\...\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}) (Version: - )
ESCX3600 Manual de Referencia (HKLM\...\ESCX3600 Manual de Referencia) (Version: - )
ESCX3600 Manual de software (HKLM\...\ESCX3600 Manual de software) (Version: - )
ESET NOD32 Antivirus (HKLM\...\{1E8298E4-1428-4E59-879A-F02D6E723733}) (Version: 9.0.386.1 - ESET, spol. s r.o.)
ffdshow (remove only) (HKLM\...\ffdshow) (Version: - )
FLAC 1.2.1b (remove only) (HKLM\...\FLAC) (Version: 1.2.1b - Xiph.org)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Earth Plug-in (HKLM\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Herramienta de carga de Windows Live (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Instalación de DivX (HKLM\...\DivX Setup) (Version: 2.6.1.22 - DivX, LLC)
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Java 8 Update 66 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Junk Mail filter update (HKLM\...\{8E5233E1-7495-44FB-8DEB-4BE906D59619}) (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
LightScribe 1.4.89.1 (HKLM\...\{2792F12C-3515-4D69-8083-B557AF35F06F}) (Version: 1.4.89.1 - hxxp://www.lightscribe.com) Hidden
Localization Pack for Microsoft Windows XP Media Center Edition (HKLM\...\{6110AC9D-6D79-4D32-BF4E-E600689F5B15}) (Version: 1.0.0 - WIT) Hidden
Malwarebytes versión 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft .NET Framework 1.0 Hotfix (KB2604042) (HKLM\...\KB2604042) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2656378) (HKLM\...\KB2656378) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB979904) (HKLM\...\KB979904) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2698035) (HKLM\...\KB2698035) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2742607) (HKLM\...\KB2742607) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2833951) (HKLM\...\KB2833951) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2904878) (HKLM\...\KB2904878) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Spanish Language Pack (HKLM\...\{83169D43-4660-4347-BC95-E9D6E6BE65CE}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Image Composite Editor (HKLM\...\{3D599ADA-65D9-4B51-898F-CE718DEC5DBB}) (Version: 1.4.4 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WinUsb 2.0 (HKLM\...\winusb0200) (Version: - Microsoft Corporation)
Movie Maker (HKLM\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 52.9.0 ESR (x86 es-ES) (HKLM\...\Mozilla Firefox 52.9.0 ESR (x86 es-ES)) (Version: 52.9.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 52.9.0.6746 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6.0 Parser (HKLM\...\{AEB9948B-4FF2-47C9-990E-47014492A0FE}) (Version: 6.00.3883.8 - Microsoft Corporation)
Nero12EssTSST (HKLM\...\{1DEC64C1-7F34-44CD-BC35-8E0A096300CF}) (Version: 12.0.01100 - Nero AG)
Paquete de controladores de Windows - Advanced Micro Devices, Inc. (USB28xxBGA) Media (08/31/2007 5.7.0831.0) (HKLM\...\9722CA1E8F72F362E93CBEC75A707FDABFC8D880) (Version: 08/31/2007 5.7.0831.0 - Advanced Micro Devices, Inc.)
Paquete de controladores de Windows - eMPIA Technology Inc, (emAudio) MEDIA (08/31/2007 5.7.0831.0) (HKLM\...\69083DC58646DE46A09847A522A1CC487F918039) (Version: 08/31/2007 5.7.0831.0 - eMPIA Technology Inc,)
Paquete de controladores de Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (12/11/2012 2.0.0010.00002) (HKLM\...\04CF11701525348E660A41C9E4DEE7AAAD98E86E) (Version: 12/11/2012 2.0.0010.00002 - Google, Inc.)
Paquete de controladores de Windows - MediaTek Inc. (usbser) Ports (09/01/2011 2.0.1136.0) (HKLM\...\164A1E7FF3DDF1D1429B061CEE765B978D4B69AF) (Version: 09/01/2011 2.0.1136.0 - MediaTek Inc.)
Paquete de controladores de Windows - MediaTek Inc. (usbser) Ports (09/01/2011 2.0.1136.0) (HKLM\...\D508BE44D6211DAD002341FADB5C8DA632F0326F) (Version: 09/01/2011 2.0.1136.0 - MediaTek Inc.)
Paquete de controladores de Windows - MediaTek Inc. (usbser) Ports (12/24/2011 2.0000.0.0) (HKLM\...\771C514E9C0BA1CD3D17BBBEC61E3DA148D17997) (Version: 12/24/2011 2.0000.0.0 - MediaTek Inc.)
Paquete de controladores de Windows - MediaTek Inc. Net (07/14/2011 1.1129.00) (HKLM\...\1C30D77FB8A9DD0D749C9A5E899FA9CD3F369744) (Version: 07/14/2011 1.1129.00 - MediaTek Inc.)
Paquete de controladores de Windows - Microsoft (WUDFRd) WPD (02/22/2006 5.2.5326.4762) (HKLM\...\69CADF8F00AAA9A376C5E2AB10282E747EC5386D) (Version: 02/22/2006 5.2.5326.4762 - Microsoft)
Paquete de idioma de Microsoft .NET Framework 2.0 - ESN (HKLM\...\Microsoft .NET Framework 2.0 Language Pack - ESN) (Version: - Microsoft Corporation)
Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN (HKLM\...\Microsoft .NET Framework 4 Client Profile ESN Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
PIF DESIGNER2.1 (HKLM\...\{7BD0A2D8-4EA0-43C6-BDF8-DDA87B8031C6}) (Version: - )
Platform (HKLM\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.21 - VIA Technologies, Inc.) Hidden
Prerequisite installer (HKLM\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0002 - Nero AG) Hidden
Realtek AC'97 Audio (HKLM\...\{FB08F381-6533-4108-B7DD-039E11FBC27E}) (Version: 5.23 - Realtek Semiconductor Corp.)
Reproductor de Windows Media 11 (HKLM\...\Windows Media Player) (Version: - )
ScanToWeb (HKLM\...\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}) (Version: - )
Segoe UI (HKLM\...\{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}) (Version: 14.0.4327.805 - Microsoft Corp) Hidden
Software de impresora EPSON (HKLM\...\EPSON Printer and Utilities) (Version: - )
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
SSC Service Utility v4.30 (HKLM\...\SSC Service Utility_is1) (Version: - SSC Localization Group)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1020 - SUPERAntiSpyware.com)
TP-LINK TL-WN727N Driver (HKLM\...\{52C7E8B3-A21E-460B-A9EC-5B6CBB8635CE}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update Rollup 2 for Windows XP Media Center Edition 2005 (HKLM\...\KB900325) (Version: - Microsoft Corporation)
USB Video Driver (HKLM\...\{2758691A-2CDE-4942-A4AC-0E8F61FE2067}) (Version: 1.00 - EETI)
VC80CRTRedist - 8.0.50727.6195 (HKLM\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VIA Platform Device Manager (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.21 - VIA Technologies, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WebFldrs XP (HKLM\...\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}) (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (HKLM\...\KB952011) (Version: 1.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Internet Explorer 8 Multilingual User Interface (MUI) (HKLM\...\IE8-MUI) (Version: 20090411.120000 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows XP Media Center Edition 2005 KB2502898 (HKLM\...\KB2502898) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2619340 (HKLM\...\KB2619340) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2628259 (HKLM\...\KB2628259) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB925766 (HKLM\...\KB925766) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB973768 (HKLM\...\KB973768) (Version: - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
Xvid MPEG-4 Video Codec (HKLM\...\Xvid_is1) (Version: - )
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1757981266-484061587-725345543-1003_Classes\CLSID\{1EF21888-3BD8-4064-BAD3-4BF694952652}\InprocServer32 -> C:\Program Files\Microsoft Research\Image Composite Editor\WLPG.dll (Microsoft Corporation) [File not signed]
SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Windows Component Publisher -> Microsoft Corporation)
SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Windows Component Publisher -> Microsoft Corporation)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Windows -> Microsoft Corporation)
SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Windows Component Publisher -> Microsoft Corporation)
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Windows -> Microsoft Corporation)
ShellExecuteHooks: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll [8462848 2012-06-08] (Microsoft Windows Component Publisher -> Microsoft Corporation)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-07] (SUPERAntiSpyware.com -> SuperAdBlocker.com)
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2018-06-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [File not signed]
ContextMenuHandlers2: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => -> No File
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2018-06-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll [2005-10-19] () [File not signed]
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2018-06-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [File not signed]
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [msacm.trspch] => C:\WINDOWS\system32\tssoft32.acm [8192 2006-03-15] (Microsoft Windows Component Publisher -> DSP GROUP, INC.)
HKLM\...\Drivers32: [vidc.I420] => C:\WINDOWS\system32\msh263.drv [294912 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\...\Drivers32: [vidc.iv31] => C:\WINDOWS\system32\ir32_32.dll [199168 2006-03-15] (Microsoft Windows Component Publisher -> )
HKLM\...\Drivers32: [vidc.iv32] => C:\WINDOWS\system32\ir32_32.dll [199168 2006-03-15] (Microsoft Windows Component Publisher -> )
HKLM\...\Drivers32: [vidc.iv41] => C:\WINDOWS\system32\ir41_32.ax [848384 2008-04-14] (Microsoft Windows Component Publisher -> Intel Corporation)
HKLM\...\Drivers32: [msacm.msg723] => C:\WINDOWS\system32\msg723.acm [118784 2006-03-15] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\...\Drivers32: [vidc.M263] => C:\WINDOWS\system32\msh263.drv [294912 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\...\Drivers32: [vidc.M261] => C:\WINDOWS\system32\msh261.drv [188416 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\...\Drivers32: [msacm.msaudio1] => C:\WINDOWS\system32\msaud32.acm [282654 2009-09-01] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\...\Drivers32: [msacm.sl_anet] => C:\WINDOWS\system32\sl_anet.acm [86016 2008-04-14] (Microsoft Windows Component Publisher -> Sipro Lab Telecom Inc.)
HKLM\...\Drivers32: [msacm.iac2] => C:\WINDOWS\system32\iac25_32.ax [199680 2008-04-14] (Microsoft Windows Component Publisher -> Intel Corporation)
HKLM\...\Drivers32: [vidc.iv50] => C:\WINDOWS\system32\ir50_32.dll [755200 2008-04-14] (Microsoft Windows Component Publisher -> Intel Corporation)
HKLM\...\Drivers32: [vidc.XVID] => C:\WINDOWS\system32\xvidvfw.dll [243200 2011-06-24] () [File not signed]
HKLM\...\Drivers32: [vidc.YV12] => C:\WINDOWS\system32\DivX.dll [720384 2010-02-19] (DivX, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.ffds] => C:\Program Files\ffdshow\ffdshow.ax [1761280 2004-10-12] () [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\WINDOWS\system32\DivX.dll [720384 2010-02-19] (DivX, Inc.) [File not signed]
HKLM\...\Drivers32: [VIDC.FMVC] => C:\WINDOWS\system32\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->\\.\root\subscription:MSFT_UCScenarioControl.Name=\"Microsoft WMI Updating Consumer Scenario Control\"",Filter="\\.\root\subscription:__EventFilter.Name=\"Microsoft WMI Updating Consumer Scenario Control\"::
WMI:subscription\__EventFilter->Microsoft WMI Updating Consumer Scenario Control::[Query => SELECT * FROM __InstanceOperationEvent WHERE TargetInstance ISA 'MSFT_UCScenario']
==================== Loaded Modules (Whitelisted) =============
2005-10-19 10:17 - 2005-10-19 10:17 - 000073728 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll
2016-02-23 21:20 - 2013-07-23 15:08 - 000193024 _____ () [File not signed] C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll
2016-02-23 21:20 - 2013-06-17 14:04 - 001411072 _____ () [File not signed] C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
2016-02-23 21:20 - 2013-09-27 16:18 - 000192000 _____ () [File not signed] C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WJRa.dll
2012-11-24 23:31 - 2010-03-15 11:28 - 000141824 _____ () [File not signed] C:\Program Files\WinRAR\rarext.dll
2020-01-21 20:06 - 2020-01-21 20:06 - 019937848 _____ (Adobe Inc. -> ) [File not signed] C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_321.dll
2012-11-19 17:12 - 2001-09-26 05:00 - 000068096 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Internet Explorer\mui\0c0a\browselc.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKLM\...\batfile\DefaultIcon: %SystemRoot%\System32\shell32.dll,-153 <==== ATTENTION
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
There are 7934 more sites.
IE trusted site: HKU\S-1-5-21-1757981266-484061587-725345543-1003\...\gob.es -> hxxps://agenciatributaria.gob.es
IE restricted site: HKU\S-1-5-21-1757981266-484061587-725345543-1003\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1757981266-484061587-725345543-1003\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1757981266-484061587-725345543-1003\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1757981266-484061587-725345543-1003\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1757981266-484061587-725345543-1003\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1757981266-484061587-725345543-1003\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1757981266-484061587-725345543-1003\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1757981266-484061587-725345543-1003\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1757981266-484061587-725345543-1003\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1757981266-484061587-725345543-1003\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1757981266-484061587-725345543-1003\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1757981266-484061587-725345543-1003\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1757981266-484061587-725345543-1003\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1757981266-484061587-725345543-1003\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1757981266-484061587-725345543-1003\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1757981266-484061587-725345543-1003\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1757981266-484061587-725345543-1003\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1757981266-484061587-725345543-1003\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1757981266-484061587-725345543-1003\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1757981266-484061587-725345543-1003\...\123simsen.com -> www.123simsen.com
There are 7932 more sites.
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-03-15 13:00 - 2017-10-18 10:46 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1757981266-484061587-725345543-1003\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Bliss.bmp
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName3 -> C:\WINDOWS\system32\ipconf.tsp (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName4 -> C:\WINDOWS\system32\h323.tsp (Microsoft Windows Component Publisher -> Microsoft Corporation)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BDARemote.lnk => C:\WINDOWS\pss\BDARemote.lnkCommon Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AlcoholAutomount => "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
MSCONFIG\startupreg: ATICCC => "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: EPSON Stylus CX3600 Series (Copiar 1) => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P37 "EPSON Stylus CX3600 Series (Copiar 1)" /O6 "USB001" /M "Stylus CX3600"
MSCONFIG\startupreg: RemoteControl => "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
DomainProfile\AuthorizedApplications: [C:\Program Files\Windows Live\Messenger\wlcsdk.exe] => Enabled:Windows Live Call
DomainProfile\AuthorizedApplications: [C:\Program Files\Windows Live\Messenger\msnmsgr.exe] => Enabled:Windows Live Messenger
StandardProfile\AuthorizedApplications: [C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE] => Enabled:Microsoft Office Outlook
StandardProfile\AuthorizedApplications: [C:\Program Files\Messenger\msmsgs.exe] => Enabled:Windows Messenger
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Papá y Mamá\Application Data\Spotify\spotify.exe] => Enabled:Spotify
StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
StandardProfile\AuthorizedApplications: [C:\Program Files\VideoLAN\VLC\vlc.exe] => Disabled:VLC media player 2.1.3
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Papá y Mamá\Application Data\uTorrent\updates\3.4.3_40298.exe] => Enabled:µTorrent
StandardProfile\AuthorizedApplications: [C:\Spotify.exe] => Disabled:Spotify
StandardProfile\AuthorizedApplications: [C:\Program Files\Java\jre1.8.0_45\bin\javaw.exe] => Disabled:Java(TM) Platform SE binary
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Elena\Application Data\Spotify\Spotify.exe] => Enabled:Spotify
StandardProfile\AuthorizedApplications: [C:\Program Files\eMule\emule.exe] => Enabled:eMule
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox)
StandardProfile\AuthorizedApplications: [C:\Program Files\CCleaner\CCUpdate.exe] => Enabled:CCleaner Update
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Papá y Mamá\Application Data\uTorrent\uTorrent.exe] => Enabled:µTorrent (Papá y Mamá)
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Papá y Mamá\My Documents\Downloads\utorrent-3-4-8-build-42576.exe] => Enabled:μTorrent
StandardProfile\AuthorizedApplications: [C:\Program Files\uTorrent\uTorrent.exe] => Enabled:µTorrent
DomainProfile\GloballyOpenPorts: [139:TCP] => Enabled:@xpsp2res.dll,-22004
DomainProfile\GloballyOpenPorts: [445:TCP] => Enabled:@xpsp2res.dll,-22005
DomainProfile\GloballyOpenPorts: [137:UDP] => Enabled:@xpsp2res.dll,-22001
DomainProfile\GloballyOpenPorts: [138:UDP] => Enabled:@xpsp2res.dll,-22002
DomainProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22007
DomainProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22008
DomainProfile\GloballyOpenPorts: [10243:TCP] => :LocalSubNet:Enabled:Servicio de uso compartido de red del Reproductor de Windows Media
DomainProfile\GloballyOpenPorts: [10280:UDP] => :LocalSubNet:Enabled:Servicio de uso compartido de red del Reproductor de Windows Media
DomainProfile\GloballyOpenPorts: [10281:UDP] => :LocalSubNet:Enabled:Servicio de uso compartido de red del Reproductor de Windows Media
DomainProfile\GloballyOpenPorts: [10282:UDP] => :LocalSubNet:Enabled:Servicio de uso compartido de red del Reproductor de Windows Media
DomainProfile\GloballyOpenPorts: [10283:UDP] => :LocalSubNet:Enabled:Servicio de uso compartido de red del Reproductor de Windows Media
DomainProfile\GloballyOpenPorts: [10284:UDP] => :LocalSubNet:Enabled:Servicio de uso compartido de red del Reproductor de Windows Media
StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22007
StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22008
StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22004
StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22005
StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22001
StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22002
StandardProfile\GloballyOpenPorts: [10243:TCP] => :LocalSubNet:Enabled:Servicio de uso compartido de red del Reproductor de Windows Media
StandardProfile\GloballyOpenPorts: [10280:UDP] => :LocalSubNet:Enabled:Servicio de uso compartido de red del Reproductor de Windows Media
StandardProfile\GloballyOpenPorts: [10281:UDP] => :LocalSubNet:Enabled:Servicio de uso compartido de red del Reproductor de Windows Media
StandardProfile\GloballyOpenPorts: [10282:UDP] => :LocalSubNet:Enabled:Servicio de uso compartido de red del Reproductor de Windows Media
StandardProfile\GloballyOpenPorts: [10283:UDP] => :LocalSubNet:Enabled:Servicio de uso compartido de red del Reproductor de Windows Media
StandardProfile\GloballyOpenPorts: [10284:UDP] => :LocalSubNet:Enabled:Servicio de uso compartido de red del Reproductor de Windows Media
StandardProfile\GloballyOpenPorts: [50001:TCP] => Enabled:Emule1
StandardProfile\GloballyOpenPorts: [60002:UDP] => Enabled:Emule2
==================== Restore Points =========================
15-12-2019 00:11:21 Punto de control del sistema
19-12-2019 12:48:57 Punto de control del sistema
21-01-2020 19:29:01 Punto de control del sistema
30-01-2020 09:40:58 Eliminado Comecocos
30-01-2020 09:44:13 Removed Hofmann 10.0.3.
30-01-2020 09:45:29 Quitado Learning Essentials para Microsoft Office
30-01-2020 09:47:01 Matemáticas de Microsoft quitado
30-01-2020 09:49:18 Microsoft Student con Encarta Premium 2009 quitado
30-01-2020 09:53:59 Skype™ 6.18 eliminado
30-01-2020 09:58:45 Removed Poladroid
31-01-2020 09:59:31 Eliminado Panorama Maker
31-01-2020 10:00:27 Removed Helium
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/28/2020 10:57:29 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de fecha y hora en el archivo firmado.
Error: (01/28/2020 10:57:29 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de fecha y hora en el archivo firmado.
Error: (12/19/2019 03:51:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Aplicación que no responde: uTorrent.exe, versión 3.4.8.42576, módulo que no responde hungapp, versión 0.0.0.0, dirección que no responde 0x00000000.
Error: (12/19/2019 11:25:14 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Aplicación que no responde: uTorrent.exe, versión 3.3.0.29544, módulo que no responde hungapp, versión 0.0.0.0, dirección que no responde 0x00000000.
Error: (12/11/2019 08:48:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Aplicación con errores: explorer.exe, versión: 6.0.2900.5512, módulo con error: libavcodec.dll, versión 0.0.0.0, dirección de error 0x0019d098.
Procesando suceso específico de medio para [explorer.exe!ws!]
Error: (11/24/2019 10:10:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Aplicación con errores: explorer.exe, versión: 6.0.2900.5512, módulo con error: libavcodec.dll, versión 0.0.0.0, dirección de error 0x0019d098.
Procesando suceso específico de medio para [explorer.exe!ws!]
Error: (11/24/2019 09:14:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Aplicación con errores: explorer.exe, versión: 6.0.2900.5512, módulo con error: libavcodec.dll, versión 0.0.0.0, dirección de error 0x0019d098.
Procesando suceso específico de medio para [explorer.exe!ws!]
Error: (11/24/2019 09:08:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Aplicación con errores: explorer.exe, versión: 6.0.2900.5512, módulo con error: libavcodec.dll, versión 0.0.0.0, dirección de error 0x0019d098.
Procesando suceso específico de medio para [explorer.exe!ws!]
System errors:
=============
Error: (02/12/2020 07:24:02 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: El servidor {7F6316B4-4D69-4765-B0A3-B2598F2FA80A} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (02/12/2020 07:22:13 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El controlador de inicialización siguiente no se cargó correctamente:
sptd
Error: (02/12/2020 07:22:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio StarWind AE Service no pudo iniciarse debido al siguiente error:
El sistema no puede hallar el archivo especificado.
Error: (02/12/2020 07:04:31 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El controlador de inicialización siguiente no se cargó correctamente:
sptd
Error: (02/12/2020 07:04:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio StarWind AE Service no pudo iniciarse debido al siguiente error:
El sistema no puede hallar el archivo especificado.
Error: (02/01/2020 10:08:04 AM) (Source: 0) (EventID: 11) (User: )
Description: Event-ID 11
Error: (02/01/2020 10:08:04 AM) (Source: 0) (EventID: 5) (User: )
Description: Event-ID 5
Error: (02/01/2020 10:08:04 AM) (Source: 0) (EventID: 11) (User: )
Description: Event-ID 11
==================== Memory info ===========================
BIOS: American Megatrends Inc. A M I - 8000631 08/31/2006
Motherboard: ECS P4M890T-M2
Processor: Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz
Percentage of memory in use: 99%
Total physical RAM: 1535.29 MB
Available physical RAM: 10.71 MB
Total Virtual: 3431.6 MB
Available Virtual: 1455.45 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:195.31 GB) (Free:5.36 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive e: () (Fixed) (Total:38.44 GB) (Free:4.06 GB) NTFS
Drive f: (Cine) (Fixed) (Total:298.08 GB) (Free:20.56 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 233.8 GB) (Disk ID: FD40FD40)
Partition 1: (Active) - (Size=195.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=38.4 GB) - (Type=0F Extended)
==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 298.1 GB) (Disk ID: 398EB528)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================Como me pediste te he enviado los resultados del FRST.TXT Y Addition.txt. Espero tu respuesta y gracias. Ya lo sé el XP está pasadito pero mi ordenador viejo todavía está potable, y no va con otro sistema operativo. Pero me viene muy bien para bajar determinados archivos y videos a través de páginas algo comprometidas. Los equipos más actuales los uso para navegar con más seguridad y no comprometer el portal del banco o pagos con tarjeta a través de internet
Veamos…
Primer problema y quizas el motivo de la lentitud…Tu disco C, el del Sistema, esta casi sin espacio, por lo que eso ya determina la lentitud del sistema
Debes, si tienes en ese disco, sacar archivos de peso ,como fotos ,videos etc
Ahora ademas:
Desinstalas, Eset. pues es una version obsoleta. Spybot y Superantispyware, puesto que esos programas solo te consumen recursos y no aportan nada.
Luego ya vemos que ponemos
Bien… y ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :
-
Para hacerlo descarga Delfix en tu escritorio.
-
Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")
-
Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO
-
Pulsar en Run.
Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.
En el equipo con los demas programas cerrados:
Inicio >>> Ejecutar >>>Escribes notepad.exe.
Ahora copia y pega estos archivos dentro del Notepad:
Start
CreateRestorePoint:
CloseProcesses:
S0 sptd; System32\Drivers\sptd.sys [X]
WMI:subscription\__FilterToConsumerBinding->\\.\root\subscription:MSFT_UCScenarioControl.Name=\"Microsoft WMI Updating Consumer Scenario Control\"",Filter="\\.\root\subscription:__EventFilter.Name=\"Microsoft WMI Updating Consumer Scenario Control\"::
WMI:subscription\__EventFilter->Microsoft WMI Updating Consumer Scenario Control::[Query => SELECT * FROM __InstanceOperationEvent WHERE TargetInstance ISA 'MSFT_UCScenario']
HKLM\...\batfile\DefaultIcon: %SystemRoot%\System32\shell32.dll,-153 <==== ATTENTION
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<
Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.
-
Ejecutas Frst.exe.
-
Presionas el botón Corregir y aguardas a que termine.
-
La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
Lo pegas en tu próxima respuesta, comentado como va el problema
Fix result of Farbar Recovery Scan Tool (x86) Version: 12-02-2020
Ran by Papá y Mamá (18-02-2020 21:22:13) Run:1
Running from C:\Documents and Settings\Papá y Mamá\Desktop
Loaded Profiles: Papá y Mamá (Available Profiles: Papá y Mamá & Elena & Administrator)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
S0 sptd; System32\Drivers\sptd.sys [X]
WMI:subscription\__FilterToConsumerBinding->\\.\root\subscription:MSFT_UCScenarioControl.Name=\"Microsoft WMI Updating Consumer Scenario Control\"",Filter="\\.\root\subscription:__EventFilter.Name=\"Microsoft WMI Updating Consumer Scenario Control\"::
WMI:subscription\__EventFilter->Microsoft WMI Updating Consumer Scenario Control::[Query => SELECT * FROM __InstanceOperationEvent WHERE TargetInstance ISA 'MSFT_UCScenario']
HKLM\...\batfile\DefaultIcon: %SystemRoot%\System32\shell32.dll,-153 <==== ATTENTION
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************
Restore point was successfully created.
Processes closed successfully.
Ahí tienes el resultado del Fixlog.txt. No te puedo decir como va porque no he tenido mucho tiempo para probar. No parece que vaya mal.
El fixlog esta incompleto
Comprueba cuanto espacio tienes libre ahora y comenta como va el pc
Sí, se quedó colgado durante horas. Esto me extrañó porque en alguna ocasión lo he usado por indicación vuestra y no le llevó tanto tiempo hacer sus procesos. No quise esperar más y lo cerré, sobre todo porque vi que ya había escrito el archivo fixlog en el escritorio. Tengo 7 gigabytes libres y el PC parece que va bien. Si quieres vuelvo a ejecutar el FRST.exe
7 aun son pocos, pues enseguida volevra a alentarse, que tienes en C que ocupe tanto espacio?
Una biblioteca de cine, música, fotos. Archivos que ocupan mucho. Me preocupa que no se haya hecho el proceso completo del Frst.exe. ¿Debería hacerlo otra vez?
Ahora el incio del PC es más rápido. Gracias. He retirado el Eset pero los otros dos no porque tengo deshabilitado su inicio con el de windows para que no me ocupe RAM. Se cargan solo cuando los necesito.
Pues debes sacar lo que puedas a otra particion o disco externo y veras como el pc funciona muchísimo mejor,
Prueba con Panda free
Lo haré. Gracias. Te puedo pedir un último favor? Tengo problemas con uTorrent desde hace unas semanas. No se me inicia. Me explico, cuando lo arranco hace intención de abrirse pero al rato el disco duro deja de hacer sonido de proceso y el programa no sigue con su apertura. Lo he desinstalado y lo he vuelto a instalar, se me incia bien una o dos veces y luego vuelve a hacer lo mismo. Incluso he eliminado todo resto con ccleaner y he vuelto a reinstalarlo, me pidió la configuración de idioma, como si se instalara desde cero, pero después de cerrarlos dos o tres veces de nuevo me hace lo mismo. Pensé que podía estar relacionado con algún malware que me iniciaba lento el PC, pero esto ya está solucionado por ti y como te he contado antes el problema sigue igual. Te lo agradecería, si tienes alguna idea de lo que puede estar pasando.
Tienes la ultima version de Utorrent 3.5.5 build 45574)?
He probado con la última versión también. Me pasa con versiones más antiguas y más adaptadas al XP y con la última versión pero no consigo que resulte estable. No me importa otro cliente pero no sé si lo habrá para Windows XP
Hola, con permiso @anlecina ¿Ya has probado BitTorrent ?(es igual a utorrent). Dinos si con ese programa también tienes esos problemas que tú dices.
Saludos y continúen con el Tema.
He conseguido instalar un versión para xp de qbittorrent. Voy a probar y sin no, seguiré tu consejo. Gracias.
Este tema se cerró automáticamente 2 días después de la última publicación. No se permiten nuevas respuestas.