Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-05-2019 Ran by Ana (administrator) on LUIS_ALBERTO (LENOVO 9702AB7) (26-05-2019 15:59:49) Running from C:\Documents and Settings\Ana\Escritorio Loaded Profiles: Ana (Available Profiles: luis alberto combita & Ana & luis combita & Administrador & Invitado) Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: Español (alfabetización internacional) Internet Explorer Version 8 (Default browser: Opera) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVAST Software s.r.o. -> AVAST Software) C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe (AVAST Software s.r.o. -> AVAST Software) C:\Archivos de programa\AVAST Software\Avast\AvastUI.exe (Malwarebytes Corporation -> Malwarebytes) C:\Archivos de programa\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Corporation -> Malwarebytes) C:\Archivos de programa\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation) [File not signed] C:\WINDOWS\explorer.exe (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\services.exe (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\spoolsv.exe (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\svchost.exe (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\svchost.exe (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\svchost.exe (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\svchost.exe (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\svchost.exe (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\svchost.exe (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\svchost.exe (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\svchost.exe (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\winlogon.exe (Microsoft Windows Component Publisher -> Microsoft Corporation) C:\WINDOWS\system32\alg.exe (Microsoft Windows Component Publisher -> Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [AvastUI.exe] => C:\Archivos de programa\AVAST Software\Avast\AvLaunch.exe [242392 2019-04-16] (AVAST Software s.r.o. -> AVAST Software) HKLM\...\Run: [RTHDCPL] => RTHDCPL.EXE HKLM\...\Winlogon: [Shell] C:\WINDOWS\Explorer.exe [1036288 2009-11-24] (Microsoft Corporation) [File not signed] HKU\S-1-5-21-1960408961-73586283-1801674531-1007\...\Policies\Explorer: [NoLowDiskSpaceChesks] 1 HKU\S-1-5-21-1960408961-73586283-1801674531-1007\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\avastSS.scr [53208 2016-09-06] (AVAST Software a.s. -> AVAST Software) HKLM\...\Providers\LanMan Print Services: C:\WINDOWS\system32\win32spl.dll [105472 2009-11-24] (Microsoft Corporation) [File not signed] HKLM\...\Drivers32: [msacm.trspch] => C:\WINDOWS\system32\tssoft32.acm [8192 2001-08-24] (Microsoft Windows Component Publisher -> DSP GROUP, INC.) HKLM\...\Drivers32: [VIDC.I420] => C:\WINDOWS\system32\msh263.drv [294912 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\...\Drivers32: [vidc.iv31] => C:\WINDOWS\system32\ir32_32.dll [199168 2001-08-24] (Microsoft Windows Component Publisher -> ) HKLM\...\Drivers32: [vidc.iv32] => C:\WINDOWS\system32\ir32_32.dll [199168 2001-08-24] (Microsoft Windows Component Publisher -> ) HKLM\...\Drivers32: [vidc.iv41] => C:\WINDOWS\system32\ir41_32.ax [848384 2008-04-14] (Microsoft Windows Component Publisher -> Intel Corporation) HKLM\...\Drivers32: [msacm.msg723] => C:\WINDOWS\system32\msg723.acm [118784 2001-08-24] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\...\Drivers32: [vidc.M263] => C:\WINDOWS\system32\msh263.drv [294912 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\...\Drivers32: [vidc.M261] => C:\WINDOWS\system32\msh261.drv [188416 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\...\Drivers32: [msacm.msaudio1] => C:\WINDOWS\system32\msaud32.acm [282654 2009-11-24] (Microsoft Corporation) [File not signed] HKLM\...\Drivers32: [msacm.sl_anet] => C:\WINDOWS\system32\sl_anet.acm [86016 2008-04-14] (Microsoft Windows Component Publisher -> Sipro Lab Telecom Inc.) HKLM\...\Drivers32: [msacm.iac2] => C:\WINDOWS\system32\iac25_32.ax [199680 2008-04-14] (Microsoft Windows Component Publisher -> Intel Corporation) HKLM\...\Drivers32: [vidc.iv50] => C:\WINDOWS\system32\ir50_32.dll [755200 2008-04-14] (Microsoft Windows Component Publisher -> Intel Corporation) HKLM\...\Drivers32: [VIDC.MPG4] => C:\WINDOWS\system32\mpg4c32.dll [420240 2001-05-11] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Drivers32: [VIDC.MP42] => C:\WINDOWS\system32\mpg4c32.dll [420240 2001-05-11] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Drivers32: [msacm.ac3filter] => C:\WINDOWS\system32\ac3filter.acm [497664 2009-08-11] () [File not signed] HKLM\...\Drivers32: [vidc.tscc] => C:\WINDOWS\system32\tsccvid.dll [602624 2013-11-26] (TechSmith Corporation) [File not signed] HKLM\...\Drivers32: [vidc.tsc2] => C:\WINDOWS\system32\tsc2_codec32.dll [234496 2013-09-18] (TechSmith Corporation) [File not signed] HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed] HKLM\...\Drivers32: [VIDC.HFYU] => C:\WINDOWS\system32\huffyuv.dll [39936 2004-05-18] (Disappearing Inc.) [File not signed] HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [216064 2011-12-07] ( ) [File not signed] HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [284672 2018-01-28] () [File not signed] HKLM\...\Drivers32: [VIDC.FFDS] => C:\WINDOWS\system32\ff_vfw.dll [112128 2015-10-24] () [File not signed] HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed] HKLM\...\Drivers32: [msacm.lameacm] => C:\WINDOWS\system32\lameACM.acm [473088 2015-02-25] (hxxp://www.mp3dev.org/) [File not signed] HKLM\...\Drivers32: [msacm.l3codecp] => C:\WINDOWS\system32\l3codecp.acm [232448 2009-11-24] (Microsoft Windows Component Publisher -> Fraunhofer Institut Integrierte Schaltungen IIS) HKLM\Software\Microsoft\Active Setup\Installed Components: [<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] -> C:\WINDOWS\system32\ieudinit.exe [2009-03-08] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> C:\WINDOWS\inf\unregmp2.exe [2009-11-24] (Microsoft Corporation) [File not signed] HKLM\Software\Microsoft\Active Setup\Installed Components: [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] -> C:\WINDOWS\system32\shmgrate.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}] -> HKLM\Software\Microsoft\Active Setup\Installed Components: [{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> HKLM\Software\Microsoft\Active Setup\Installed Components: [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -> C:\Archivos de programa\Outlook Express\setup50.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] -> C:\WINDOWS\system32\advpack.dll [2009-11-24] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{5945c046-1e7d-11d1-bc44-00c04fd912be}] -> C:\WINDOWS\system32\advpack.dll [2009-11-24] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] -> C:\WINDOWS\system32\advpack.dll [2009-11-24] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] -> C:\WINDOWS\system32\advpack.dll [2009-11-24] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] -> HKLM\Software\Microsoft\Active Setup\Installed Components: [{7790769C-0471-11d2-AF11-00C04FA35D02}] -> C:\Archivos de programa\Outlook Express\setup50.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Archivos de programa\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe [2019-05-23] (Google Inc -> Google Inc.) HKLM\Software\...\Winlogon\GPExtensions: [{C631DF4C-088F-4156-B058-4375F0853CD8}] -> C:\WINDOWS\System32\cscui.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) SecurityProviders: msapsspc.dll, schannel.dll, credssp.dll, digest.dll, msnsspc.dll GroupPolicy: Restriction - Chrome <==== ATTENTION GroupPolicy\User: Restriction ? <==== ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CCleaner Update.job => C:\Archivos de programa\CCleaner\CCUpdate.exe Task: C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1464892677.job => C:\Archivos de programa\Opera\launcher.exe Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task b151d79f-4a94-4f42-80f0-dc3774cd11ab.job => C:\Archivos de programa\SUPERAntiSpyware\SASTask.exe C:\Archivos de programa\SUPERAntiSpyware\SUPERAntiSpyware.exe Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task c75f75b2-0d39-46d4-87a1-4e734462de70.job => C:\Archivos de programa\SUPERAntiSpyware\SASTask.exe C:\Archivos de programa\SUPERAntiSpyware\SUPERAntiSpyware.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/ HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-1960408961-73586283-1801674531-1007\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-1960408961-73586283-1801674531-1007\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = SearchScopes: HKU\S-1-5-21-1960408961-73586283-1801674531-1007 -> DefaultScope {84EA543E-D14F-4962-9CBC-965C63F8630B} URL = Toolbar: HKU\.DEFAULT -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKU\S-1-5-21-1960408961-73586283-1801674531-1007 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Archivos de programa\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation) Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation -> Microsoft Corporation) Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation -> Microsoft Corporation) Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation -> Microsoft Corporation) Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation -> Microsoft Corporation) Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation -> Microsoft Corporation) Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Help\hxds.dll [2013-09-25] (Microsoft Corporation -> Microsoft Corporation) Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation -> Microsoft Corporation) Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation -> Microsoft Corporation) Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\SHELL32.dll [2015-07-29] (Microsoft Corporation) [File not signed] Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - No File FireFox: ======== FF ProfilePath: C:\Documents and Settings\Ana\Datos de programa\Mozilla\Firefox\Profiles\kzyrpnje.default-1528586266250 [2019-05-26] FF Homepage: C:\Documents and Settings\Ana\Datos de programa\Mozilla\Firefox\Profiles\kzyrpnje.default-1528586266250 -> hxxps://www.facebook.com/ FF Extension: (Avast Online Security) - C:\Documents and Settings\Ana\Datos de programa\Mozilla\Firefox\Profiles\kzyrpnje.default-1528586266250\Extensions\wrc@avast.com.xpi [2019-04-29] FF Extension: (Hotfix for Firefox bug 1548973 (armagaddon 2.0) mitigation) - C:\Documents and Settings\Ana\Datos de programa\Mozilla\Firefox\Profiles\kzyrpnje.default-1528586266250\features\{f5588059-19ba-4dd1-bfa9-2d196612a04f}\hotfix-bug-1548973@mozilla.org.xpi [2019-05-24] [Legacy] FF Extension: (Application Update Service Helper) - C:\Archivos de programa\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi [2018-06-21] [Legacy] [not signed] FF Extension: (Multi-process staged rollout) - C:\Archivos de programa\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi [2018-06-21] [Legacy] [not signed] FF Extension: (Pocket) - C:\Archivos de programa\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi [2018-06-21] [Legacy] [not signed] FF Extension: (Web Compat) - C:\Archivos de programa\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi [2018-06-21] [Legacy] [not signed] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: (Microsoft .NET Framework Assistant) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-12-27] [Legacy] [not signed] FF HKU\S-1-5-21-1960408961-73586283-1801674531-1007\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8877}] - C:\Documents and Settings\Ana\Configuración local\Datos de programa\GAS Tecnologia\GBBD\bdv\xpi FF Extension: (Cl@veDefensa - Banco de Venezuela) - C:\Documents and Settings\Ana\Configuración local\Datos de programa\GAS Tecnologia\GBBD\bdv\xpi [2014-12-22] [Legacy] [not signed] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-29] (Adobe Systems Incorporated -> ) [File not signed] FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.) [File not signed] FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Archivos de programa\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-20] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Archivos de programa\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-20] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Archivos de programa\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2009-09-14] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @nexon.net/NxGame -> C:\Documents and Settings\All Users\Datos de programa\NexonUS\NGM\npNxGameUS.dll [2018-09-27] (Nexon) [File not signed] FF Plugin: @raidcall.en/RCplugin -> C:\Documents and Settings\Ana\Datos de programa\raidcall\plugins\nprcplugin.dll [No File] FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Archivos de programa\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-23] (Google Inc -> Google LLC) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Archivos de programa\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-23] (Google Inc -> Google LLC) FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Archivos de programa\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN) FF Plugin: Adobe Reader -> C:\Archivos de programa\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1960408961-73586283-1801674531-1007: @talk.google.com/GoogleTalkPlugin -> C:\Documents and Settings\Ana\Datos de programa\Mozilla\plugins\npgoogletalk.dll [2013-08-27] (Google Inc -> Google) FF Plugin HKU\S-1-5-21-1960408961-73586283-1801674531-1007: @talk.google.com/O1DPlugin -> C:\Documents and Settings\Ana\Datos de programa\Mozilla\plugins\npo1d.dll [2013-08-27] (Google Inc -> Google) FF Plugin HKU\S-1-5-21-1960408961-73586283-1801674531-1007: @talk.google.com/O3DPlugin -> C:\Documents and Settings\Ana\Datos de programa\Mozilla\plugins\npgtpo3dautoplugin.dll [2013-08-27] (Google Inc -> ) FF Plugin HKU\S-1-5-21-1960408961-73586283-1801674531-1007: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Ana\Configuración local\Datos de programa\Google\Update\1.3.21.153\npGoogleUpdate3.dll [2013-07-12] (Google Inc -> Google Inc.) FF Plugin HKU\S-1-5-21-1960408961-73586283-1801674531-1007: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Ana\Configuración local\Datos de programa\Google\Update\1.3.21.153\npGoogleUpdate3.dll [2013-07-12] (Google Inc -> Google Inc.) FF Plugin HKU\S-1-5-21-1960408961-73586283-1801674531-1007: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\Ana\Configuración local\Datos de programa\Unity\WebPlayer\loader\npUnity3D32.dll [2015-07-11] (Unity Technologies SF -> Unity Technologies ApS) FF Plugin HKU\S-1-5-21-1960408961-73586283-1801674531-1007: gastecnologia.com.br/sf/bdv -> C:\Documents and Settings\Ana\Configuración local\Datos de programa\GAS Tecnologia\GBBD\npsf_bdv.dll [2014-01-13] (Banco de Venezuela SA Banco Universal -> GAS Tecnologia) FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Ana\Datos de programa\mozilla\plugins\npgoogletalk.dll [2013-08-30] FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Ana\Datos de programa\mozilla\plugins\npgtpo3dautoplugin.dll [2013-08-30] FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Ana\Datos de programa\mozilla\plugins\npo1d.dll [2013-08-30] Chrome: ======= CHR DefaultProfile: Default CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms} CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms} CHR Profile: C:\Documents and Settings\Ana\Configuración local\Datos de programa\Google\Chrome\User Data\Default [2019-05-24] CHR Extension: (Presentaciones) - C:\Documents and Settings\Ana\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-29] CHR Extension: (Documentos) - C:\Documents and Settings\Ana\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-29] CHR Extension: (Google Drive) - C:\Documents and Settings\Ana\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-29] CHR Extension: (WebRTC Protect) - C:\Documents and Settings\Ana\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\bkmmlbllpjdpgcgdohbaghfaecnddhni [2019-05-05] CHR Extension: (YouTube) - C:\Documents and Settings\Ana\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-29] CHR Extension: (Friend Remover PRO - Delete All Friends 2017) - C:\Documents and Settings\Ana\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\ekjblaihiicbgjibfipjoepkmondnnbd [2019-03-29] CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Documents and Settings\Ana\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-03-29] CHR Extension: (Hojas de cálculo) - C:\Documents and Settings\Ana\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-29] CHR Extension: (Documentos de Google sin conexión) - C:\Documents and Settings\Ana\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-04-08] CHR Extension: (Avast Online Security) - C:\Documents and Settings\Ana\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-05-02] CHR Extension: (Hoxx VPN Proxy) - C:\Documents and Settings\Ana\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\nbcojefnccbanplpoffopkoepjmhgdgh [2019-05-05] CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Documents and Settings\Ana\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-03-29] CHR Extension: (Gmail) - C:\Documents and Settings\Ana\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-03-29] CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - CHR HKLM\...\Chrome\Extension: [pppagaglfkmlpgobnlenhknilehpmcbo] - Opera: ======= OPR Extension: (Super Auto Refresh) - C:\Documents and Settings\Ana\Datos de programa\Opera Software\Opera Stable\Extensions\ghjaeanhfafkigkehjgapnlobfhefkme [2017-04-10] OPR Extension: (DotVPN — a better way to VPN) - C:\Documents and Settings\Ana\Datos de programa\Opera Software\Opera Stable\Extensions\hiegahbgoabbpoieploedhfnobmpgbeg [2019-01-13] OPR Extension: (Page Capture) - C:\Documents and Settings\Ana\Datos de programa\Opera Software\Opera Stable\Extensions\hjjhcalkcaeagibemeeakbmmmaneedoh [2015-08-07] OPR Extension: (TinEye Reverse Image Search (Context menu)) - C:\Documents and Settings\Ana\Datos de programa\Opera Software\Opera Stable\Extensions\kgdmjihcfdjkcgodohgofgcdfiaekdkk [2015-12-12] OPR Extension: (SafeBrowse) - C:\Documents and Settings\Ana\Datos de programa\Opera Software\Opera Stable\Extensions\klmnkkadejnkpgnibphjeoancnmmjkef [2015-08-07] OPR Extension: (About://Internal Pages) - C:\Documents and Settings\Ana\Datos de programa\Opera Software\Opera Stable\Extensions\mpkgnldklpemphbfogboacnljgfpnkme [2016-11-01] OPR Extension: (Flash Video Downloader (FVD)) - C:\Documents and Settings\Ana\Datos de programa\Opera Software\Opera Stable\Extensions\neacgcjokggofibnbfapeaejhclmpple [2017-08-10] OPR Extension: (Bookmarks Manager) - C:\Documents and Settings\Ana\Datos de programa\Opera Software\Opera Stable\Extensions\nkgbeagkihphgjnlkclfjjjplmefndnm [2013-11-14] OPR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Documents and Settings\Ana\Datos de programa\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2019-05-04] OPR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Documents and Settings\Ana\Datos de programa\Opera Software\Opera Stable\WidevineCDM\1.4.8.903\_platform_specific\win_x86\widevinecdmadapter.dll [2016-08-05] OPR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\WINDOWS\system32\Macromed\Flash\pepflashplayer32_29_0_0_140.dll [2018-04-22] OPR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Archivos de programa\QuickTime\plugins\npqtplugin.dll [2017-06-15] OPR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Archivos de programa\QuickTime\plugins\npqtplugin2.dll [2017-06-15] OPR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Archivos de programa\QuickTime\plugins\npqtplugin3.dll [2017-06-15] OPR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Archivos de programa\QuickTime\plugins\npqtplugin4.dll [2017-06-15] OPR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Archivos de programa\QuickTime\plugins\npqtplugin5.dll [2017-06-15] OPR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Archivos de programa\Windows Media Player\npdrmv2.dll [2009-11-24] OPR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Archivos de programa\Windows Media Player\npdsplay.dll [2008-04-14] OPR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Archivos de programa\Windows Media Player\npwmsdrm.dll [2009-11-24] OPR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Archivos de programa\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] OPR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Archivos de programa\Google\Update\1.3.33.7\npGoogleUpdate3.dll [0] OPR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Archivos de programa\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-20] OPR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Archivos de programa\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-20] OPR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Documents and Settings\Ana\Configuración local\Datos de programa\GAS Tecnologia\GBBD\npsf_bdv.dll [2014-01-13] OPR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Documents and Settings\Ana\Configuración local\Datos de programa\Unity\WebPlayer\loader\npUnity3D32.dll [2015-07-11] OPR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Documents and Settings\Ana\Datos de programa\Mozilla\plugins\npgoogletalk.dll [2013-08-27] OPR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Documents and Settings\Ana\Datos de programa\Mozilla\plugins\npgtpo3dautoplugin.dll [2013-08-27] OPR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Documents and Settings\Ana\Datos de programa\Mozilla\plugins\npo1d.dll [2013-08-27] OPR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Documents and Settings\Ana\Datos de programa\TrianglePlayer\NPTrianglePlayer.dll [0] OPR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Documents and Settings\Ana\Datos de programa\raidcall\plugins\nprcplugin.dll [0] OPR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\WINDOWS\system32\Adobe\Director\np32dsw_1224194.dll [2016-02-19] OPR Extension: (Adblock Plus - bloqueador de anuncios gratis) - c:\Archivos de programa\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] OPR Extension: (Adblock Plus - bloqueador de anuncios gratis) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2009-09-14] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 6to4; C:\WINDOWS\System32\6to4svc.dll [100864 2010-02-12] (Microsoft Corporation) [File not signed] S3 aswbIDSAgent; C:\Archivos de programa\AVAST Software\Avast\aswidsagent.exe [6799632 2019-04-16] (AVAST Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe [324000 2019-04-16] (AVAST Software s.r.o. -> AVAST Software) S3 BITS; C:\WINDOWS\system32\qmgr.dll [408576 2009-11-24] (Microsoft Corporation) [File not signed] S4 Browser; C:\WINDOWS\System32\browser.dll [78336 2012-07-06] (Microsoft Corporation) [File not signed] R2 DcomLaunch; C:\WINDOWS\system32\rpcss.dll [401408 2009-11-24] (Microsoft Corporation) [File not signed] R2 Dhcp; C:\WINDOWS\System32\dhcpcsvc.dll [126976 2009-11-24] (Microsoft Corporation) [File not signed] S3 Disc Soft Lite Bus Service; C:\Archivos de programa\DAEMON Tools Lite\DiscSoftBusService.exe [1034584 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd) R2 Dnscache; C:\WINDOWS\System32\dnsrslvr.dll [45568 2009-11-24] (Microsoft Corporation) [File not signed] S3 Dot3svc; C:\WINDOWS\System32\dot3svc.dll [133120 2009-11-24] (Microsoft Corporation) [File not signed] R2 Eventlog; C:\WINDOWS\system32\services.exe [111104 2009-11-24] (Microsoft Corporation) [File not signed] R3 EventSystem; C:\WINDOWS\system32\es.dll [253952 2009-11-24] (Microsoft Corporation) [File not signed] R3 FastUserSwitchingCompatibility; C:\WINDOWS\System32\shsvcs.dll [135168 2009-11-24] (Microsoft Corporation) [File not signed] R2 LanmanServer; C:\WINDOWS\System32\srvsvc.dll [99840 2010-08-27] (Microsoft Corporation) [File not signed] S3 LanmanWorkstation; C:\WINDOWS\System32\wkssvc.dll [134144 2009-11-24] (Microsoft Corporation) [File not signed] S2 MBAMIService; C:\Documents and Settings\All Users\Datos de programa\MB3Install\MBAMIService.exe [170496 2018-05-29] (Malwarebytes) [File not signed] R2 MBAMService; C:\Archivos de programa\Malwarebytes\Anti-Malware\mbamservice.exe [4753104 2018-05-09] (Malwarebytes Corporation -> Malwarebytes) S4 Microsoft Office Groove Audit Service; C:\Archivos de programa\Microsoft Office\Office12\GrooveAuditService.exe [64856 2009-02-26] (Microsoft Corporation -> Microsoft Corporation) S3 MSIServer; C:\WINDOWS\System32\msiexec.exe /V [96256 2015-06-24] (Microsoft Corporation) [File not signed] S4 NovaPdfServer; C:\Archivos de programa\Softland\novaPDF 8\Server\novapdfs.exe [35616 2014-12-16] (Softland S.R.L. -> Microsoft) S4 odserv; C:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE12\ODSERV.EXE [440696 2011-07-20] (Microsoft Corporation -> Microsoft Corporation) S4 ose; C:\Archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE [145184 2006-10-26] (Microsoft Corporation -> Microsoft Corporation) S4 OverwolfUpdater; C:\Archivos de programa\Overwolf\OverwolfUpdater.exe [999152 2015-05-04] (Overwolf Ltd -> Overwolf LTD) R2 PlugPlay; C:\WINDOWS\system32\services.exe [111104 2009-11-24] (Microsoft Corporation) [File not signed] R2 RpcSs; C:\WINDOWS\System32\rpcss.dll [401408 2009-11-24] (Microsoft Corporation) [File not signed] R2 seclogon; C:\WINDOWS\System32\seclogon.dll [18944 2016-02-16] (Microsoft Corporation) [File not signed] R2 SharedAccess; C:\WINDOWS\System32\ipnathlp.dll [331776 2009-11-24] (Microsoft Corporation) [File not signed] R2 ShellHWDetection; C:\WINDOWS\System32\shsvcs.dll [135168 2009-11-24] (Microsoft Corporation) [File not signed] R2 Spooler; C:\WINDOWS\system32\spoolsv.exe [58880 2010-08-17] (Microsoft Corporation) [File not signed] S3 SwPrv; C:\WINDOWS\system32\dllhost.exe /Processid:{FE6DB053-B1A7-4629-8342-522CF87F4B3A} [5120 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 TapiSrv; C:\WINDOWS\System32\tapisrv.dll [249856 2009-11-24] (Microsoft Corporation) [File not signed] R3 TermService; C:\WINDOWS\System32\termsrv.dll [298496 2009-11-24] (Microsoft Corporation) [File not signed] R2 Themes; C:\WINDOWS\System32\shsvcs.dll [135168 2009-11-24] (Microsoft Corporation) [File not signed] S3 WinRM; C:\WINDOWS\system32\WsmSvc.dll [1107456 2009-11-24] (Microsoft Corporation) [File not signed] S3 Wmi; C:\WINDOWS\System32\advapi32.dll [686080 2015-12-17] (Microsoft Corporation) [File not signed] S4 WMPNetworkSvc; C:\Archivos de programa\Windows Media Player\WMPNetwk.exe [916480 2009-11-24] (Microsoft Windows Component Publisher -> Microsoft Corporation) S4 WSearch; C:\WINDOWS\system32\SearchIndexer.exe [439808 2009-11-24] (Microsoft Corporation) [File not signed] S4 WZCSVC; C:\WINDOWS\System32\wzcsvc.dll [483840 2009-11-24] (Microsoft Corporation) [File not signed] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 AFD; C:\WINDOWS\System32\drivers\afd.sys [138496 2014-05-28] (Microsoft Corporation) [File not signed] S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-17] (Creative Labs Inc -> Creative) S3 ampa; C:\WINDOWS\system32\ampa.sys [12656 2013-11-29] (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] S3 Andbus; C:\WINDOWS\System32\DRIVERS\lgandbus.sys [14336 2010-12-07] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) S3 AndDiag; C:\WINDOWS\System32\DRIVERS\lganddiag.sys [20736 2010-12-07] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) S3 AndGps; C:\WINDOWS\System32\DRIVERS\lgandgps.sys [20096 2010-12-07] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) S3 ANDModem; C:\WINDOWS\System32\DRIVERS\lgandmodem.sys [25088 2010-12-07] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) S3 andnetadb; C:\WINDOWS\System32\Drivers\lgandnetadb.sys [25856 2010-11-29] (Microsoft Windows Hardware Compatibility Publisher -> Google Inc) S3 androidusb; C:\WINDOWS\System32\Drivers\lgandadb.sys [25728 2010-08-02] (Microsoft Windows Hardware Compatibility Publisher -> Google Inc) S3 apf003; C:\WINDOWS\system32\apf003.sys [13232 2013-08-20] (Beijing Apex Weifeng Technology Co.,Ltd. -> ) [File not signed] R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [167480 2019-04-16] (AVAST Software s.r.o. -> AVAST Software) R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriverx.sys [188976 2019-04-16] (AVAST Software s.r.o. -> AVAST Software) R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidshx.sys [165384 2019-04-16] (AVAST Software s.r.o. -> AVAST Software) R0 aswblog; C:\WINDOWS\System32\drivers\aswblogx.sys [284256 2019-04-16] (AVAST Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbunivx.sys [57904 2019-04-16] (AVAST Software s.r.o. -> AVAST Software) R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [138840 2019-04-16] (AVAST Software s.r.o. -> AVAST Software) S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [42736 2019-04-16] (AVAST Software s.r.o. -> AVAST Software) R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [40688 2019-04-16] (AVAST Software s.r.o. -> AVAST Software) R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [135200 2019-04-16] (AVAST Software s.r.o. -> AVAST Software) R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr.sys [70640 2019-04-16] (AVAST Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [72800 2019-04-16] (AVAST Software s.r.o. -> AVAST Software) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [784560 2019-04-16] (AVAST Software s.r.o. -> AVAST Software) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [397992 2019-04-16] (AVAST Software s.r.o. -> AVAST Software) S3 aswStmXP; C:\WINDOWS\System32\drivers\aswStmXP.sys [146584 2019-04-16] (AVAST Software s.r.o. -> AVAST Software) S3 aswTap; C:\WINDOWS\System32\DRIVERS\aswTap.sys [35144 2014-09-28] (AVAST Software a.s. -> The OpenVPN Project) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [310200 2019-04-16] (AVAST Software s.r.o. -> AVAST Software) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 devlower; C:\WINDOWS\System32\DRIVERS\devlower.sys [9216 2010-07-02] (Windows (R) Server 2003 DDK provider) [File not signed] S3 dg_ssudbus; C:\WINDOWS\System32\DRIVERS\ssudbus.sys [80824 2012-06-04] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr)) R3 dtlitescsibus; C:\WINDOWS\System32\DRIVERS\dtlitescsibus.sys [25016 2015-07-31] (Disc Soft Ltd -> Disc Soft Ltd) S1 DumpDrv; C:\Windows\System32\Drivers\DumpDrv.sys [9472 2009-11-24] (Microsoft Corporation) [File not signed] R1 EfiMon; C:\WINDOWS\System32\Drivers\Efimon.sys [23624 2014-02-09] (Qihoo 360 Software (Beijing) Company Limited -> 360安全中心) S4 exFat; C:\Windows\System32\Drivers\exFat.sys [133632 2009-11-24] (Microsoft Corporation) [File not signed] U1 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [9216 2009-11-24] (Microsoft Corporation) [File not signed] R0 GbpKm; C:\WINDOWS\System32\drivers\gbpkm.sys [47192 2014-05-08] (GAS INFORMATICA LTDA -> GAS Tecnologia) S3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2018-05-30] (LogMeIn, Inc. -> LogMeIn, Inc.) R0 HookPort; C:\WINDOWS\System32\Drivers\Hookport.sys [75832 2014-02-09] (Qihoo 360 Software (Beijing) Company Limited -> 360安全中心) R3 HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys [254848 2006-06-12] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.) R3 HSF_DP; C:\WINDOWS\System32\DRIVERS\HSF_DP.sys [990592 2006-06-12] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.) S3 HTCAND32; C:\WINDOWS\System32\Drivers\ANDROIDUSB.sys [25088 2014-07-22] (HTC, Corporation) [File not signed] R3 HTTP; C:\WINDOWS\System32\Drivers\HTTP.sys [265728 2009-10-20] (Microsoft Corporation) [File not signed] R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO32.SYS [23840 2015-08-19] (Martin Malik - REALiX -> REALiX(tm)) S3 hwmobile; C:\WINDOWS\System32\DRIVERS\hwusbser.sys [106624 2010-08-19] (Microsoft Windows Hardware Compatibility Publisher -> HUAWEI Incorporated) R3 ialm; C:\WINDOWS\System32\DRIVERS\igxpmp32.sys [1730272 2010-01-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) R1 ISODrive; C:\Archivos de programa\UltraISO\drivers\ISODrive.sys [82320 2010-01-29] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.) S3 ManyCam; C:\WINDOWS\System32\DRIVERS\mcvidrv.sys [34432 2012-07-20] (Microsoft Windows Hardware Compatibility Publisher -> ManyCam LLC) R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [220896 2019-05-26] (Malwarebytes Corporation -> Malwarebytes) S3 mcaudrv_simple; C:\WINDOWS\System32\drivers\mcaudrv.sys [25088 2012-07-20] (Microsoft Windows Hardware Compatibility Publisher -> ManyCam LLC) R2 mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [12544 2005-10-05] (Microsoft Windows Hardware Compatibility Publisher -> Conexant) S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-17] (Creative Labs Inc -> Creative Technology Ltd.) R0 MountMgr; C:\Windows\System32\Drivers\MountMgr.sys [42752 2009-11-24] (Microsoft Corporation) [File not signed] R1 MRxSmb; C:\WINDOWS\System32\DRIVERS\mrxsmb.sys [457856 2011-07-15] (Microsoft Corporation) [File not signed] R0 NDIS; C:\Windows\System32\Drivers\NDIS.sys [182912 2009-11-24] (Microsoft Corporation) [File not signed] S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 NdisTapi; C:\WINDOWS\System32\DRIVERS\ndistapi.sys [10496 2011-07-08] (Microsoft Corporation) [File not signed] R3 NdisWan; C:\WINDOWS\System32\DRIVERS\ndiswan.sys [91776 2009-11-24] (Microsoft Corporation) [File not signed] R3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [40960 2013-11-27] (Microsoft Corporation) [File not signed] S3 nm; C:\WINDOWS\System32\DRIVERS\NMnt.sys [40320 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 nocashio; C:\WINDOWS\System32\drivers\nocashio.sys [4096 2012-02-28] () [File not signed] R4 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [576512 2009-03-23] (Microsoft Corporation) [File not signed] R2 NwlnkIpx; C:\WINDOWS\System32\DRIVERS\nwlnkipx.sys [88320 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 NwlnkNb; C:\WINDOWS\System32\DRIVERS\nwlnknb.sys [63232 2001-08-24] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 NwlnkSpx; C:\WINDOWS\System32\DRIVERS\nwlnkspx.sys [55936 2001-08-24] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 Orinoquia; C:\WINDOWS\System32\DRIVERS\orinousbser.sys [106624 2011-11-09] (Microsoft Windows Hardware Compatibility Publisher -> ORINOQUIA Incorporated) U5 phunter; C:\WINDOWS\system32\unikey.sys [13816 2017-12-04] (UAB Digiteka -> ) S3 pneteth; C:\WINDOWS\System32\DRIVERS\pneteth.sys [13440 2011-11-25] (June Fabrics Technology Inc.) [File not signed] S3 PortTalk; C:\WINDOWS\System32\Drivers\PortTalk.sys [3567 2002-01-12] (Beyond Logic hxxp://www.beyondlogic.org) [File not signed] R3 PSched; C:\WINDOWS\System32\DRIVERS\psched.sys [70272 2009-11-24] (Microsoft Corporation) [File not signed] R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [15688 2013-09-30] (MiniTool Solution Ltd -> ) S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [10320 2013-09-30] (MiniTool Solution Ltd -> ) R3 RasPppoe; C:\WINDOWS\System32\DRIVERS\raspppoe.sys [41472 2009-11-24] (Microsoft Corporation) [File not signed] R1 Rdbss; C:\WINDOWS\System32\DRIVERS\rdbss.sys [174848 2009-11-24] (Microsoft Corporation) [File not signed] R3 rdpdr; C:\WINDOWS\System32\DRIVERS\rdpdr.sys [195712 2009-09-04] (Microsoft Corporation) [File not signed] S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [139784 2012-07-04] (Microsoft Corporation) [File not signed] S3 REN2CAP_DRIVER; C:\WINDOWS\System32\drivers\ren2cap.sys [39048 2011-11-07] (4Front Technologies, Inc. -> ) S3 rimvndis; C:\WINDOWS\System32\Drivers\rimvndis.sys [12288 2015-05-26] (BlackBerry Limited) [File not signed] S3 RimVSerPort; C:\WINDOWS\System32\DRIVERS\RimSerial.sys [35840 2012-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Research in Motion Ltd) R2 rspndr; C:\WINDOWS\System32\DRIVERS\rspndr.sys [62848 2009-11-24] (Microsoft Corporation) [File not signed] R1 SASDIFSV; C:\Archivos de programa\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Archivos de programa\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com) U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation) U5 Sdbus; C:\Windows\System32\Drivers\Sdbus.sys [80384 2009-11-24] (Microsoft Corporation) [File not signed] S3 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [20480 2008-04-13] (Microsoft Windows Component Publisher -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) S3 smhwdev; C:\WINDOWS\System32\DRIVERS\smhwdev.sys [100864 2010-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 smhwser; C:\WINDOWS\System32\DRIVERS\smhwser.sys [108032 2010-06-24] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated) S3 ssudmdm; C:\WINDOWS\System32\DRIVERS\ssudmdm.sys [181432 2012-06-04] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr)) S3 ssudserd; C:\WINDOWS\System32\DRIVERS\ssudserd.sys [181432 2012-06-04] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr)) S3 tap0901; C:\WINDOWS\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S3 tapse01; C:\WINDOWS\System32\DRIVERS\tapse01.sys [33720 2016-07-14] (SurfEasy Inc -> The OpenVPN Project) R1 Tcpip; C:\WINDOWS\System32\DRIVERS\tcpip.sys [361600 2015-10-13] (Microsoft Corporation) [File not signed] R1 Tcpip6; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [226880 2015-10-13] (Microsoft Corporation) [File not signed] S3 TDTCP; C:\Windows\System32\Drivers\TDTCP.sys [22024 2009-11-24] (Microsoft Corporation) [File not signed] U5 UnlockerDriver5; C:\Archivos de programa\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed] S3 usbaudio; C:\WINDOWS\System32\drivers\usbaudio.sys [60160 2013-07-16] (Microsoft Corporation) [File not signed] S3 usbbus; C:\WINDOWS\System32\DRIVERS\lgusbbus.sys [13056 2010-10-21] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) S3 usbcamcl; C:\WINDOWS\System32\DRIVERS\usbcamcl.sys [30976 2010-07-15] (usb camera) [File not signed] S3 usbccgp; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [32384 2013-08-08] (Microsoft Corporation) [File not signed] S3 UsbDiag; C:\WINDOWS\System32\DRIVERS\lgusbdiag.sys [20864 2010-10-21] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) R3 usbehci; C:\WINDOWS\System32\DRIVERS\usbehci.sys [30336 2009-03-18] (Microsoft Corporation) [File not signed] S3 USBModem; C:\WINDOWS\System32\DRIVERS\lgusbmodem.sys [25216 2010-10-21] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) S3 usbser; C:\WINDOWS\System32\DRIVERS\usbser.sys [26240 2013-08-28] (Microsoft Corporation) [File not signed] S3 USBSTOR; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [26496 2016-01-29] (Microsoft Corporation) [File not signed] S3 usbUDisc; C:\WINDOWS\System32\DRIVERS\USBDrv.sys [13824 2018-05-10] (ALL WINNER (HONG KONG) LIMITED -> Scott) S3 usbvideo; C:\WINDOWS\System32\Drivers\usbvideo.sys [123008 2013-07-16] (Microsoft Corporation) [File not signed] S3 USB_RNDIS; C:\WINDOWS\System32\DRIVERS\usb8023.sys [12928 2013-02-11] (Microsoft Corporation) [File not signed] S3 usb_rndisx; C:\WINDOWS\System32\DRIVERS\usb8023x.sys [12928 2013-02-11] (Microsoft Corporation) [File not signed] S3 wacomrouterfilter; C:\WINDOWS\System32\DRIVERS\wacomrouterfilter.sys [13112 2015-08-19] (Wacom Technology Corp. -> Wacom Technology) R3 winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [727808 2006-06-12] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.) R3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [299488 2013-01-08] (Marvell Semiconductor -> Marvell) S3 ztemtusbser; C:\WINDOWS\System32\DRIVERS\CT_ZTEMT_U_USBSER.sys [105472 2010-06-06] (Microsoft Windows Hardware Compatibility Publisher -> ZTEMT Incorporated) S3 AndNetDiag; system32\DRIVERS\lgandnetdiag.sys [X] S3 ANDNetModem; system32\DRIVERS\lgandnetmodem.sys [X] S3 ATP; no ImagePath S3 EagleXNt; no ImagePath S3 Generalusbserialser20675; system32\DRIVERS\CT_U_USBSER.sys [X] S4 IntelIde; no ImagePath S3 LLRING0; no ImagePath S3 massfilter_hs; system32\drivers\massfilter_hs.sys [X] S1 MoboroboAssDriver; system32\drivers\MoboroboAssDriver.sys [X] S3 RimUsb; System32\Drivers\RimUsb.sys [X] S3 USBAAPL; System32\Drivers\usbaapl.sys [X] S1 WNMFLT; no ImagePath S3 XDva407; no ImagePath S3 XDva409; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-05-26 15:59 - 2019-05-26 16:02 - 000048371 _____ C:\Documents and Settings\Ana\Escritorio\FRST.txt 2019-05-26 15:59 - 2019-05-26 15:59 - 000000856 _____ C:\Documents and Settings\Ana\Escritorio\JRT.txt 2019-05-26 15:59 - 2019-05-26 15:59 - 000000000 ____D C:\FRST 2019-05-26 15:47 - 2019-05-26 15:47 - 000004569 _____ C:\Documents and Settings\Ana\Escritorio\AdwCleaner[C0].txt 2019-05-26 15:34 - 2019-05-26 15:37 - 000000000 ____D C:\AdwCleaner 2019-05-26 15:33 - 2019-05-26 15:34 - 004110280 _____ C:\Documents and Settings\Ana\Escritorio\adwcleaner_6.047.exe 2019-05-26 15:25 - 2019-05-26 15:25 - 000013423 _____ C:\Documents and Settings\Ana\Escritorio\Malwarebytes.txt 2019-05-26 14:33 - 2019-05-26 14:33 - 000220896 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2019-05-26 14:32 - 2019-05-26 14:32 - 000001778 _____ C:\Documents and Settings\All Users\Escritorio\Malwarebytes.lnk 2019-05-26 14:32 - 2019-05-26 14:32 - 000000000 ____D C:\Documents and Settings\All Users\Menú Inicio\Programas\Malwarebytes 2019-05-26 14:31 - 2019-05-26 14:31 - 000000000 ____D C:\Documents and Settings\All Users\Datos de programa\Malwarebytes 2019-05-26 14:31 - 2019-05-26 14:31 - 000000000 ____D C:\Archivos de programa\Malwarebytes 2019-05-26 14:31 - 2018-04-26 05:36 - 000128736 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae.sys 2019-05-26 14:19 - 2019-05-26 14:19 - 000000000 ____D C:\Documents and Settings\All Users\Datos de programa\MB3Install 2019-05-26 14:17 - 2019-05-26 14:18 - 076534856 _____ (Malwarebytes ) C:\Documents and Settings\Ana\Escritorio\mb3-setup-legacywos-3.5.1.2522-1.0.365-1.0.5292.exe 2019-05-26 13:55 - 2019-05-26 13:55 - 000119722 _____ C:\Documents and Settings\Ana\Mis documentos\cc_20190526_135456.reg 2019-05-26 13:52 - 2019-05-26 13:52 - 000084208 _____ C:\Documents and Settings\Ana\Configuración local\Datos de programa\GDIPFONTCACHEV1.DAT 2019-05-26 13:46 - 2019-05-26 13:56 - 000000338 ____H C:\WINDOWS\Tasks\CCleaner Update.job 2019-05-26 13:46 - 2019-05-26 13:46 - 000000731 _____ C:\Documents and Settings\All Users\Escritorio\CCleaner.lnk 2019-05-26 13:46 - 2019-05-26 13:46 - 000000000 ____D C:\Documents and Settings\All Users\Menú Inicio\Programas\CCleaner 2019-05-26 13:46 - 2019-05-26 13:46 - 000000000 ____D C:\Archivos de programa\CCleaner 2019-05-26 13:42 - 2019-05-26 13:42 - 001794048 _____ (Farbar) C:\Documents and Settings\Ana\Escritorio\FRST.exe 2019-05-26 13:40 - 2019-05-26 13:40 - 001790024 _____ (Malwarebytes) C:\Documents and Settings\Ana\Escritorio\JRT.exe 2019-05-26 13:27 - 2019-05-26 13:27 - 021254208 _____ (Piriform Software Ltd) C:\Documents and Settings\Ana\Escritorio\ccsetup556.exe 2019-05-26 10:57 - 2019-05-26 11:03 - 000000000 ____D C:\FSTool 2019-05-24 19:01 - 2019-05-26 13:56 - 000000426 _____ C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1464892677.job 2019-05-24 18:24 - 2019-05-26 13:56 - 000000534 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task c75f75b2-0d39-46d4-87a1-4e734462de70.job 2019-05-24 18:23 - 2019-05-26 13:56 - 000000534 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task b151d79f-4a94-4f42-80f0-dc3774cd11ab.job 2019-05-24 18:22 - 2019-05-24 18:22 - 000000000 ____D C:\Documents and Settings\Ana\Configuración local\Datos de programa\Temp 2019-05-24 18:11 - 2019-05-24 18:11 - 000000000 ____D C:\WINDOWS\ABR 2019-05-23 23:46 - 2019-05-23 23:46 - 000001880 _____ C:\Documents and Settings\All Users\Menú Inicio\Programas\Google Chrome.lnk 2019-05-23 20:56 - 2019-05-24 12:40 - 000000000 ____D C:\Documents and Settings\luis combita\Mis documentos\Descargas 2019-05-22 20:22 - 2019-05-25 18:15 - 000000000 ____D C:\SUPERDelete 2019-05-22 20:08 - 2019-05-22 20:08 - 000000000 ____D C:\Documents and Settings\Ana\Datos de programa\SUPERAntiSpyware.com 2019-05-22 20:06 - 2019-05-25 19:20 - 000000000 ____D C:\Archivos de programa\SUPERAntiSpyware 2019-05-22 20:06 - 2019-05-22 20:06 - 000000000 ____D C:\Documents and Settings\All Users\Datos de programa\SUPERAntiSpyware.com 2019-05-22 19:45 - 2019-05-22 19:45 - 000000000 ____D C:\Documents and Settings\All Users\Menú Inicio\Programas\Auto Clicker Asoftech 2019-05-22 19:45 - 2019-05-22 19:45 - 000000000 ____D C:\Archivos de programa\Asoftech 2019-05-21 18:57 - 2019-05-21 18:57 - 000000000 ___HD C:\Documents and Settings\Ana\Datos de programa\ShellList 2019-05-20 18:44 - 2019-05-20 19:09 - 000000063 _____ C:\WINDOWS\data.file 2019-05-20 17:46 - 2019-05-20 20:47 - 000000000 ____D C:\Documents and Settings\Ana\Mis documentos\Android_MTK 2019-05-19 16:27 - 2019-05-19 16:27 - 000000000 ____D C:\Documents and Settings\Ana\Datos de programa\pyinstaller 2019-05-18 19:49 - 2019-05-18 19:49 - 000000000 ____D C:\Documents and Settings\Ana\Mis documentos\NckDongle 2019-05-16 18:05 - 2019-05-16 18:05 - 000000000 ____D C:\Documents and Settings\All Users\Menú Inicio\Programas\Auto Clicker by MurGee.com 2019-05-16 18:05 - 2019-05-16 18:05 - 000000000 ____D C:\Archivos de programa\Auto Clicker by MurGee.com 2019-05-07 19:31 - 2019-05-07 19:32 - 000000000 __SHD C:\Documents and Settings\Ana\Configuración local\Datos de programa\.# 2019-05-05 15:10 - 2019-05-05 15:10 - 000000000 ____D C:\Documents and Settings\Ana\Configuración local\Datos de programa\SkinSoft 2019-05-04 17:52 - 2019-05-04 17:52 - 000000000 ____D C:\Documents and Settings\Ana\Datos de programa\SBot 2019-05-04 17:51 - 2019-05-04 17:51 - 000000000 ____D C:\Documents and Settings\Ana\Datos de programa\edxLabs 2019-05-01 20:20 - 2019-05-01 20:20 - 000000000 ____D C:\Documents and Settings\Ana\Configuración local\Datos de programa\Deployment 2019-05-01 19:15 - 2019-05-01 19:15 - 000000000 ____D C:\Documents and Settings\Ana\Datos de programa\Pokémon Trading Card Game Online 2019-05-01 18:32 - 2019-05-01 18:32 - 000000000 ____D C:\Archivos de programa\3DP Chip Lite 2019-05-01 18:18 - 2019-05-01 18:18 - 000000000 ____D C:\Documents and Settings\Ana\Datos de programa\JetBrains 2019-05-01 18:16 - 2019-05-01 18:16 - 000000000 ____D C:\Documents and Settings\Ana\.PyCharmCE2018.1 2019-04-29 18:24 - 2019-04-29 18:24 - 000000000 ___HD C:\WINDOWS\msdownld.tmp ==================== One month (modified) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-05-26 16:02 - 2016-12-24 10:39 - 000000000 ____D C:\Documents and Settings\Ana\Configuración local\temp 2019-05-26 15:59 - 2012-02-12 16:32 - 000000000 ____D C:\Documents and Settings\Ana\Escritorio 2019-05-26 15:40 - 2011-12-27 23:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2019-05-26 15:38 - 2017-09-30 13:38 - 000031846 _____ C:\WINDOWS\SchedLgU.Txt 2019-05-26 15:38 - 2012-02-12 16:32 - 000000192 ___SH C:\Documents and Settings\Ana\ntuser.ini 2019-05-26 15:38 - 2012-02-12 16:32 - 000000000 ____D C:\Documents and Settings\Ana 2019-05-26 15:36 - 2018-01-15 19:23 - 000000000 ____D C:\Documents and Settings\All Users\Datos de programa\Lavasoft 2019-05-26 15:36 - 2011-12-27 18:09 - 000000000 ___HD C:\Documents and Settings\All Users\Datos de programa 2019-05-26 15:33 - 2012-02-12 16:32 - 000000000 ___RD C:\Documents and Settings\Ana\Mis documentos 2019-05-26 15:10 - 2011-12-27 18:12 - 000000000 ____D C:\Archivos de programa 2019-05-26 14:32 - 2011-12-27 18:11 - 000000000 ___RD C:\Documents and Settings\All Users\Menú Inicio\Programas 2019-05-26 14:32 - 2011-12-27 18:11 - 000000000 ____D C:\Documents and Settings\All Users\Escritorio 2019-05-26 14:03 - 2012-02-12 16:32 - 000000000 __SHD C:\Documents and Settings\Ana\Configuración local\Archivos temporales de Internet 2019-05-26 14:00 - 2014-03-06 23:28 - 001143808 ___SH C:\Documents and Settings\Ana\Escritorio\Thumbs.db 2019-05-26 13:52 - 2014-05-13 23:19 - 000000000 ____D C:\Documents and Settings\All Users\Datos de programa\BlueStacksSetup 2019-05-26 13:52 - 2013-07-04 19:21 - 000000000 ____D C:\Documents and Settings\Ana\Datos de programa\uTorrent 2019-05-26 13:52 - 2012-02-12 16:32 - 000000000 ___HD C:\Documents and Settings\Ana\Configuración local\Datos de programa 2019-05-26 13:50 - 2012-09-14 18:20 - 000000000 ____D C:\WINDOWS\Minidump 2019-05-26 13:45 - 2016-10-19 17:35 - 000000000 ____D C:\Documents and Settings\Ana\Escritorio\Muchas Cositas 2019-05-26 10:32 - 2016-06-02 14:37 - 000000000 ____D C:\Archivos de programa\Opera 2019-05-26 09:43 - 2011-12-27 23:44 - 000000000 ____D C:\Documents and Settings\luis alberto combita 2019-05-26 08:44 - 2018-10-28 14:51 - 000000000 ____D C:\Archivos de programa\VLC 2019-05-25 21:17 - 2014-03-22 13:00 - 000000192 ___SH C:\Documents and Settings\luis combita\ntuser.ini 2019-05-25 21:17 - 2014-03-22 13:00 - 000000000 ____D C:\Documents and Settings\luis combita 2019-05-25 21:16 - 2016-12-24 10:39 - 000000000 ____D C:\Documents and Settings\luis combita\Configuración local\temp 2019-05-25 20:51 - 2015-08-03 22:29 - 000002143 _____ C:\Documents and Settings\luis combita\Escritorio\Google Chrome.lnk 2019-05-25 20:49 - 2012-01-05 13:57 - 000000000 ____D C:\Archivos de programa\WinRar 2019-05-25 20:45 - 2016-11-17 18:40 - 000000000 ____D C:\Archivos de programa\Mozilla Firefox 2019-05-25 19:20 - 2018-01-15 19:22 - 000000000 ____D C:\Documents and Settings\luis combita\Datos de programa\uTorrent 2019-05-25 19:20 - 2012-03-11 05:22 - 000000000 ____D C:\Archivos de programa\Microsoft ActiveSync 2019-05-25 19:03 - 2015-08-13 12:35 - 000001580 _____ C:\Documents and Settings\Ana\Escritorio\Opera.lnk 2019-05-24 20:24 - 2011-12-27 18:15 - 000000000 ___DC C:\WINDOWS\system32\dllcache 2019-05-24 20:23 - 2015-08-03 22:29 - 000001880 _____ C:\Documents and Settings\luis combita\Menú Inicio\Programas\Google Chrome.lnk 2019-05-24 20:14 - 2014-06-11 12:58 - 000000000 ____D C:\Documents and Settings\Ana\Escritorio\Accesos Directos 2019-05-24 18:15 - 2015-08-27 18:21 - 000000000 ____D C:\Documents and Settings\Ana\Configuración local\Datos de programa\MEGAsync 2019-05-24 18:12 - 2012-09-16 17:34 - 000000000 ____D C:\WINDOWS\pss 2019-05-24 18:12 - 2011-12-27 18:11 - 000000000 ___RD C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio 2019-05-24 13:33 - 2019-03-29 13:03 - 000001874 _____ C:\Documents and Settings\Ana\Escritorio\Google Chrome.lnk 2019-05-23 23:42 - 2014-03-22 13:00 - 000000000 ___HD C:\Documents and Settings\luis combita\Configuración local\Datos de programa 2019-05-23 23:42 - 2012-07-09 18:42 - 000000000 ____D C:\Archivos de programa\Google 2019-05-23 23:29 - 2012-06-16 18:57 - 000000000 ____D C:\WINDOWS\system32\Macromed 2019-05-23 23:24 - 2011-12-27 23:21 - 000000000 ____D C:\Archivos de programa\Windows Desktop Search 2019-05-23 20:56 - 2014-03-22 13:00 - 000000000 ___RD C:\Documents and Settings\luis combita\Mis documentos 2019-05-23 20:54 - 2014-03-22 13:00 - 000000000 __RHD C:\Documents and Settings\luis combita\Reciente 2019-05-23 20:33 - 2014-03-22 13:00 - 000000000 __SHD C:\Documents and Settings\luis combita\Configuración local\Archivos temporales de Internet 2019-05-23 13:12 - 2013-12-08 18:08 - 000000000 ____D C:\Archivos de programa\Cheating-Death 2019-05-22 20:24 - 2012-08-07 18:00 - 000000000 ____D C:\Archivos de programa\Unlocker 2019-05-22 20:23 - 2017-09-30 13:38 - 000000000 __SHD C:\Documents and Settings\LocalService.NT AUTHORITY.000\Configuración local\Archivos temporales de Internet 2019-05-22 20:23 - 2017-09-30 13:38 - 000000000 ____D C:\Documents and Settings\LocalService.NT AUTHORITY.000\Configuración local\Temp 2019-05-22 20:23 - 2016-12-28 00:13 - 000000000 ___HD C:\Documents and Settings\Administrador\Configuración local\Archivos temporales de Internet 2019-05-22 20:23 - 2016-12-28 00:13 - 000000000 ____D C:\Documents and Settings\Administrador\Configuración local\temp 2019-05-22 20:23 - 2011-12-28 16:27 - 000000000 __SHD C:\Documents and Settings\Invitado\Configuración local\Archivos temporales de Internet 2019-05-22 20:23 - 2011-12-27 23:41 - 000000000 ___HD C:\Documents and Settings\NetworkService\Configuración local\Archivos temporales de Internet 2019-05-22 20:23 - 2011-12-27 18:11 - 000000000 __SHD C:\Documents and Settings\Default User\Configuración local\Archivos temporales de Internet 2019-05-22 20:08 - 2012-02-12 16:32 - 000000000 ____D C:\Documents and Settings\Ana\Datos de programa 2019-05-22 19:55 - 2016-12-28 00:13 - 000000192 ___SH C:\Documents and Settings\Administrador\ntuser.ini 2019-05-21 21:14 - 2011-12-27 18:15 - 000000000 ___HD C:\WINDOWS\inf 2019-05-21 19:05 - 2011-12-27 17:53 - 000000000 ____D C:\Documents and Settings 2019-05-21 19:01 - 2017-09-30 13:38 - 000000000 __SHD C:\Documents and Settings\LocalService.NT AUTHORITY.000 2019-05-21 19:01 - 2016-12-28 00:13 - 000000000 ____D C:\Documents and Settings\Administrador 2019-05-21 19:01 - 2011-12-28 16:27 - 000000000 ____D C:\Documents and Settings\Invitado 2019-05-21 19:01 - 2011-12-27 23:41 - 000000000 __SHD C:\Documents and Settings\NetworkService 2019-05-21 19:00 - 2011-12-27 23:22 - 000000000 ____D C:\WINDOWS\Registration 2019-05-21 18:55 - 2015-07-31 17:03 - 000000000 ____D C:\Games 2019-05-21 18:50 - 2011-12-27 23:29 - 000000000 ____D C:\Archivos de programa\Microsoft Silverlight 2019-05-21 14:03 - 2001-08-24 06:00 - 000002206 _____ C:\WINDOWS\system32\wpa.dbl 2019-05-20 20:57 - 2018-08-22 19:16 - 000000000 ____D C:\Archivos de programa\7-Zip 2019-05-20 20:30 - 2016-06-01 17:45 - 000000000 ____D C:\Documents and Settings\Ana\Mis documentos\Descargas 2019-05-20 20:05 - 2015-12-12 14:44 - 000000000 ____D C:\Archivos de programa\DIFX 2019-05-20 19:39 - 2015-08-12 11:47 - 000000000 ____D C:\Archivos de programa\UltraISO 2019-05-20 19:39 - 2015-07-06 15:55 - 000000000 ____D C:\Archivos de programa\Notepad++ 2019-05-20 18:21 - 2012-02-12 16:32 - 000000000 ____D C:\Documents and Settings\Ana\Menú Inicio\Programas 2019-05-18 20:46 - 2014-12-28 18:55 - 000000000 ____D C:\Documents and Settings\Ana\Escritorio\AK433 2019-05-18 18:22 - 2016-09-08 00:48 - 000000000 _____ C:\WINDOWS\system32\last.dump 2019-05-18 18:10 - 2011-12-31 22:02 - 000000000 ___HD C:\Archivos de programa\InstallShield Installation Information 2019-05-18 09:43 - 2014-03-22 13:01 - 000000000 ___RD C:\Documents and Settings\luis combita\Mis documentos\Mis imágenes 2019-05-15 17:06 - 2015-09-06 18:08 - 000000000 ____D C:\Documents and Settings\Ana\Datos de programa\vlc 2019-05-08 19:27 - 2019-01-19 19:08 - 000000000 ____D C:\Documents and Settings\Ana\Escritorio\Argelis 2019-05-08 19:27 - 2012-02-12 16:42 - 000000000 ____D C:\Documents and Settings\Ana\Datos de programa\Adobe 2019-05-06 12:18 - 2011-12-27 18:12 - 001336958 ____C C:\WINDOWS\system32\PerfStringBackup.INI 2019-05-06 12:18 - 2001-08-24 06:00 - 000598658 _____ C:\WINDOWS\system32\perfh00A.dat 2019-05-06 12:18 - 2001-08-24 06:00 - 000123456 _____ C:\WINDOWS\system32\perfc00A.dat 2019-05-05 16:27 - 2014-07-13 13:20 - 000000000 ___RD C:\Documents and Settings\Ana\Escritorio\Android 2019-05-04 17:21 - 2011-12-27 18:52 - 000000250 ___SH C:\boot.ini 2019-05-04 17:21 - 2001-08-24 06:00 - 000000769 _____ C:\WINDOWS\win.ini 2019-05-04 17:21 - 2001-08-24 06:00 - 000000275 _____ C:\WINDOWS\system.ini 2019-05-02 19:33 - 2011-12-27 18:15 - 000000000 ____D C:\WINDOWS\Network Diagnostic 2019-05-02 18:10 - 2017-01-03 00:47 - 000000000 ____D C:\Archivos de programa\EviSoft 2019-05-01 18:16 - 2018-01-04 18:42 - 000002345 _____ C:\Documents and Settings\Ana\cookie.txt 2019-04-30 11:17 - 2018-09-05 21:59 - 000000000 ____D C:\Documents and Settings\luis combita\Datos de programa\vlc 2019-04-29 18:26 - 2011-12-27 23:27 - 000000000 ____D C:\WINDOWS\system32\DirectX ==================== Files in the root of some directories ======= 2013-07-14 11:30 - 2013-05-15 11:30 - 000000032 ___RC () C:\Documents and Settings\All Users\hash.dat 2018-11-20 20:07 - 2018-11-20 20:07 - 000000257 _____ () C:\Documents and Settings\Ana\mdatac.dat 2012-03-11 05:22 - 2012-03-11 05:22 - 000002528 ____C () C:\Documents and Settings\Ana\Datos de programa\$_hpcst$.hpc 2017-01-07 00:51 - 2017-01-07 02:29 - 000000035 _____ () C:\Documents and Settings\All Users\Datos de programa\droidcam-settings 2016-03-18 12:10 - 2016-03-18 12:11 - 000000376 _____ () C:\Documents and Settings\All Users\Datos de programa\IpodRescue.ini 2015-01-01 14:46 - 2015-01-01 14:46 - 000000016 ____C () C:\Documents and Settings\All Users\Datos de programa\mntemp 2014-09-30 20:34 - 2014-09-30 20:34 - 005392384 ____C (CipSoft GmbH) C:\Documents and Settings\All Users\Datos de programa\Tibia.bak 2014-09-30 20:33 - 2014-09-30 20:33 - 003973756 ____C () C:\Documents and Settings\All Users\Datos de programa\Tibia_pic.bak 2014-09-30 20:32 - 2014-09-30 20:32 - 120118012 ____C () C:\Documents and Settings\All Users\Datos de programa\Tibia_spr.bak ==================== SigCheck =============================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe [2009-11-24 10:32] - [2009-11-24 10:32] - 001036288 _____ (Microsoft Corporation) CA36EA502EDC55F0BB553F35CEEFDED1 C:\WINDOWS\system32\winlogon.exe [2009-11-24 10:33] - [2009-11-24 10:33] - 000512512 _____ (Microsoft Corporation) DF9D6523F0260D050F91145E329CB754 C:\WINDOWS\system32\svchost.exe [2009-11-24 10:33] - [2009-11-24 10:33] - 000014848 _____ (Microsoft Corporation) 67E38B4A549833E02D4D1617B5DBC318 C:\WINDOWS\system32\services.exe [2009-11-24 10:32] - [2009-11-24 10:32] - 000111104 _____ (Microsoft Corporation) AA6E1769469F9D15603A619FC1FB9E18 C:\WINDOWS\system32\rpcss.dll [2009-11-24 10:32] - [2009-11-24 10:32] - 000401408 _____ (Microsoft Corporation) AEF41FC6F108CC4F94F9B4E96AFA9C70 C:\WINDOWS\system32\dnsapi.dll [2009-11-24 10:32] - [2011-03-03 02:53] - 000149504 _____ (Microsoft Corporation) 7C6CB9B5FABFBBD708299C67C8480614 ==================== End of FRST.txt ============================