Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21.11.2018 Ran by Administrador (administrator) on HERNAN-03229A75 (25-11-2018 20:47:48) Running from C:\Documents and Settings\Administrador\Escritorio Loaded Profiles: Administrador (Available Profiles: Administrador & Invitado) Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: Español (alfabetización internacional) Internet Explorer Version 6 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Oracle Corporation) C:\Archivos de programa\Java\jre7\bin\jqs.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE (PixArt Imaging Incorporation) C:\WINDOWS\PixArt\Pac7302\Monitor.exe (Adobe Systems Incorporated) C:\Archivos de programa\Adobe\Reader 9.0\Reader\reader_sl.exe (InstallShield Software Corporation) C:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\issch.exe (Oracle Corporation) C:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe (Nero AG) C:\Archivos de programa\Archivos comunes\Ahead\Lib\NMBgMonitor.exe (Piriform Ltd) C:\Archivos de programa\CCleaner\CCleaner.exe (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe (Nero AG) C:\Archivos de programa\Archivos comunes\Ahead\Lib\NMIndexStoreSvr.exe (Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [17881600 2009-05-21] (Realtek Semiconductor Corp.) HKLM\...\Run: [NeroFilterCheck] => C:\Archivos de programa\Archivos comunes\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG) HKLM\...\Run: [PAC7302_Monitor] => C:\WINDOWS\PixArt\PAC7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation) HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Archivos de programa\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-01-03] (Adobe Systems Incorporated) HKLM\...\Run: [ISUSScheduler] => C:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\issch.exe [81920 2005-02-16] (InstallShield Software Corporation) HKLM\...\Run: [SunJavaUpdateSched] => C:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe [271744 2015-04-10] (Oracle Corporation) Winlogon\Notify\!SASWinLogon: C:\Archivos de programa\SUPERAntiSpyware\SASWINLO.DLL [X] HKU\S-1-5-21-1801674531-2025429265-839522115-500\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Archivos de programa\Archivos comunes\Ahead\Lib\NMBgMonitor.exe [139264 2006-09-13] (Nero AG) HKU\S-1-5-21-1801674531-2025429265-839522115-500\...\Run: [CCleaner Smart Cleaning] => C:\Archivos de programa\CCleaner\CCleaner.exe [13797712 2018-08-24] (Piriform Ltd) HKU\S-1-5-21-1801674531-2025429265-839522115-500\...\MountPoints2: {26ab4b02-ee2e-11e0-a0b4-00e04d917897} - G:\AutoRun.exe HKU\S-1-5-21-1801674531-2025429265-839522115-500\...\MountPoints2: {2f131a81-9ac9-11e0-a007-00e04d917897} - G:\AutoRun.exe HKU\S-1-5-21-1801674531-2025429265-839522115-500\...\MountPoints2: {4385b2a0-aa61-11e0-a038-00e04d917897} - G:\AutoRun.exe HKU\S-1-5-21-1801674531-2025429265-839522115-500\...\MountPoints2: {79abbba4-a5d4-11e0-a025-00e04d917897} - G:\AutoRun.exe HKU\S-1-5-21-1801674531-2025429265-839522115-500\...\MountPoints2: {8350af28-d76d-11e0-a076-00e04d917897} - G:\AutoRun.exe HKU\S-1-5-21-1801674531-2025429265-839522115-500\...\MountPoints2: {b41343a4-abfd-11e1-a1cf-b98e3f72e29a} - E:\AutoRun.exe HKU\S-1-5-21-1801674531-2025429265-839522115-500\...\MountPoints2: {b41343aa-abfd-11e1-a1cf-f2708756a6cd} - E:\AutoRun.exe HKU\S-1-5-21-1801674531-2025429265-839522115-500\...\MountPoints2: {b8759478-dcd8-11e0-a07b-00e04d917897} - G:\AutoRun.exe HKU\S-1-5-21-1801674531-2025429265-839522115-500\...\MountPoints2: {b96b3cf2-7756-11e1-a195-ed8c861c7000} - G:\AutoRun.exe HKU\S-1-5-21-1801674531-2025429265-839522115-500\...\MountPoints2: {b96b3cf4-7756-11e1-a195-ed8c861c7000} - G:\AutoRun.exe HKU\S-1-5-21-1801674531-2025429265-839522115-500\...\MountPoints2: {e86270df-4f6a-11e1-a132-00e04d917897} - G:\AutoRun.exe HKU\S-1-5-21-1801674531-2025429265-839522115-500\...\MountPoints2: {ec06156c-67c4-11e0-9f88-00e04d917897} - G:\AutoRun.exe HKU\S-1-5-21-1801674531-2025429265-839522115-500\...\MountPoints2: {f716f258-64cd-11e1-a159-b69b172686b5} - G:\AutoRun.exe HKU\S-1-5-21-1801674531-2025429265-839522115-500\...\MountPoints2: {fc5e0438-4f6d-11e1-a133-80f663d6c828} - G:\AutoRun.exe ShellExecuteHooks: No Name - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - -> No File ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: Hosts file not detected in the default directory Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKU\S-1-5-21-1801674531-2025429265-839522115-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/ HKU\S-1-5-21-1801674531-2025429265-839522115-500\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie URLSearchHook: HKU\S-1-5-21-1801674531-2025429265-839522115-500 - Hook de búsqueda de direcciones URL de Microsoft - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation) SearchScopes: HKLM -> DefaultScope value is missing SearchScopes: HKU\S-1-5-21-1801674531-2025429265-839522115-500 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03] (Adobe Systems Incorporated) BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Archivos de programa\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-07-27] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Archivos de programa\Java\jre7\bin\ssv.dll [2016-06-29] (Oracle Corporation) BHO: Windows Live Aplicación auxiliar de inicio de sesión -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Archivos de programa\Java\jre7\bin\jp2ssv.dll [2016-06-29] (Oracle Corporation) Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL [2006-10-26] (Microsoft Corporation) Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL [2006-10-26] (Microsoft Corporation) Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL [2006-10-26] (Microsoft Corporation) Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL [2006-10-26] (Microsoft Corporation) Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL [2006-10-26] (Microsoft Corporation) Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Help\hxds.dll [2006-10-26] (Microsoft Corporation) Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL [2006-10-26] (Microsoft Corporation) Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL [2006-10-26] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\2gk05fkv.default [2018-11-25] FF Extension: (Microsoft Choice Guard) - C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\2gk05fkv.default\Extensions\ChoiceGuard@Microsoft [2011-05-02] [Legacy] [not signed] FF Extension: (Microsoft .NET Framework Assistant) - C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\2gk05fkv.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}(2) [2011-04-13] [Legacy] [not signed] FF Extension: (DownloadHelper) - C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\2gk05fkv.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012-02-22] [Legacy] [not signed] FF Extension: (DownloadHelper) - C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\2gk05fkv.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(2) [2011-04-13] [Legacy] [not signed] FF Extension: (DownloadHelper) - C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\2gk05fkv.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(3) [2012-01-25] [Legacy] [not signed] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: (Microsoft .NET Framework Assistant) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-07-09] [Legacy] [not signed] FF HKLM\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Archivos de programa\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension FF Extension: (Search Helper Extension) - C:\Archivos de programa\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2012-07-19] [Legacy] [not signed] FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Archivos de programa\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll [2012-02-22] () FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Archivos de programa\Google\Picasa3\npPicasa3.dll [2010-01-08] (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=10.79.2 -> C:\Archivos de programa\Java\jre7\bin\dtplugin\npDeployJava1.dll [2016-06-29] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.79.2 -> C:\Archivos de programa\Java\jre7\bin\plugin2\npjp2.dll [2016-06-29] (Oracle Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Archivos de programa\Microsoft\Office Live\npOLW.dll [2008-11-13] (Microsoft Corp.) FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Archivos de programa\Windows Live\Photo Gallery\NPWLPG.dll [No File] FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Archivos de programa\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN) FF Plugin: Adobe Reader -> C:\Archivos de programa\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2012-01-03] (Adobe Systems Inc.) ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S4 gusvc; C:\Archivos de programa\Google\Common\Google Updater\GoogleUpdaterService.exe [136120 2008-11-20] (Google) S4 IDriverT; C:\Archivos de programa\Archivos comunes\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-13] (Macrovision Corporation) [File not signed] R2 JavaQuickStarterService; C:\Archivos de programa\Java\jre7\bin\jqs.exe [182696 2016-06-29] (Oracle Corporation) S4 NBService; C:\Archivos de programa\Nero\Nero 7\Nero BackItUp\NBService.exe [724992 2006-09-12] (Nero AG) [File not signed] S4 odserv; C:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE12\ODSERV.EXE [441136 2006-10-26] (Microsoft Corporation) S4 ose; C:\Archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE [145184 2006-10-26] (Microsoft Corporation) S4 SeaPort; C:\Archivos de programa\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [249136 2010-07-27] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1684736 2008-08-05] (Creative) R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [271360 2010-11-23] () [File not signed] R1 BIOS; C:\WINDOWS\system32\drivers\BIOS.sys [13696 2005-03-16] (BIOSTAR Group) [File not signed] S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation) S3 dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [223128 2017-01-21] (DT Soft Ltd.) R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [18048 2010-11-23] () [File not signed] S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1389056 2006-01-04] (Creative Technology Ltd.) S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation) S3 PAC7302; C:\WINDOWS\System32\DRIVERS\PAC7302.SYS [457856 2007-06-14] (PixArt Imaging Inc.) R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [664064 2017-01-21] () S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X] S3 Huawei; system32\DRIVERS\ewdcsc.sys [X] S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X] S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X] S4 IntelIde; no ImagePath S3 massfilter; system32\drivers\massfilter.sys [X] U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation) U1 WS2IFSL; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-11-25 20:47 - 2018-11-25 20:47 - 000015295 _____ C:\Documents and Settings\Administrador\Escritorio\FRST.txt 2018-11-25 20:47 - 2018-11-25 20:47 - 000000000 ____D C:\FRST 2018-11-25 18:31 - 2018-11-25 20:46 - 000000000 ____D C:\Documents and Settings\Administrador\Doctor Web 2018-11-25 18:31 - 2018-11-25 20:42 - 000065536 _____ C:\WINDOWS\system32\config\Doctor Web.evt 2018-11-25 18:31 - 2018-11-25 18:31 - 000000000 ____D C:\Documents and Settings\All Users\Datos de programa\Doctor Web 2018-11-25 18:30 - 2018-11-25 18:15 - 001775616 _____ (Farbar) C:\Documents and Settings\Administrador\Escritorio\FRST.exe 2018-11-25 18:29 - 2018-11-25 18:14 - 181409784 _____ C:\Documents and Settings\Administrador\Escritorio\cureit.exe 2018-11-25 10:51 - 2018-11-25 12:12 - 000000000 ____D C:\Documents and Settings\Administrador\Datos de programa\vlc 2018-11-25 10:51 - 2018-11-25 10:51 - 000000768 _____ C:\Documents and Settings\All Users\Escritorio\VLC media player.lnk 2018-11-25 10:51 - 2018-11-25 10:51 - 000000000 ____D C:\Documents and Settings\All Users\Menú Inicio\Programas\VideoLAN 2018-11-25 10:50 - 2018-11-25 10:50 - 000000000 ____D C:\Archivos de programa\VideoLAN 2018-11-22 19:15 - 2018-11-22 19:15 - 000000000 ____D C:\Documents and Settings\Administrador\Escritorio\nacionales 2018-11-22 19:15 - 2018-11-22 19:15 - 000000000 ____D C:\Documents and Settings\Administrador\Escritorio\fotos celdad ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-11-25 20:47 - 2010-10-13 06:05 - 000000000 ____D C:\Documents and Settings\Administrador\Escritorio 2018-11-25 20:47 - 2010-10-13 06:05 - 000000000 ____D C:\Documents and Settings\Administrador\Configuración local\Temp 2018-11-25 20:45 - 2011-03-19 15:05 - 000000504 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{19E9699C-F246-4B29-8057-AF6E25C5038A}.job 2018-11-25 20:44 - 2018-09-13 23:29 - 000000358 ____H C:\WINDOWS\Tasks\CCleaner Update.job 2018-11-25 20:43 - 2010-10-13 06:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2018-11-25 20:42 - 2014-06-26 09:01 - 000032428 _____ C:\WINDOWS\SchedLgU.Txt 2018-11-25 20:42 - 2010-10-13 06:05 - 000000192 ___SH C:\Documents and Settings\Administrador\ntuser.ini 2018-11-25 20:40 - 2010-10-13 06:50 - 000000000 ____D C:\Documents and Settings\All Users 2018-11-25 18:31 - 2010-10-13 06:50 - 000000000 __RHD C:\Documents and Settings\All Users\Datos de programa 2018-11-25 18:31 - 2010-10-13 06:05 - 000000000 ____D C:\Documents and Settings\Administrador 2018-11-25 18:26 - 2014-10-25 11:47 - 000000000 ____D C:\Documents and Settings\All Users\Datos de programa\Malwarebytes 2018-11-25 18:26 - 2010-10-13 06:51 - 000000000 ___RD C:\Archivos de programa 2018-11-25 18:26 - 2010-10-13 06:50 - 000000000 ___RD C:\Documents and Settings\All Users\Menú Inicio\Programas 2018-11-25 11:27 - 2010-10-13 06:05 - 000000000 ___SD C:\Documents and Settings\Administrador\Configuración local\Archivos temporales de Internet 2018-11-25 10:54 - 2010-10-29 12:16 - 000172544 _____ C:\Documents and Settings\Administrador\Configuración local\Datos de programa\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2018-11-25 10:54 - 2010-10-29 12:16 - 000000116 _____ C:\WINDOWS\NeroDigital.ini 2018-11-25 10:53 - 2010-10-29 16:42 - 000000096 _____ C:\Documents and Settings\Administrador\default.pls 2018-11-25 10:51 - 2010-10-13 06:50 - 000000000 ____D C:\Documents and Settings\All Users\Escritorio 2018-11-25 10:51 - 2010-10-13 06:05 - 000000000 ____D C:\Documents and Settings\Administrador\Datos de programa 2018-11-25 10:34 - 2010-10-13 06:05 - 000000000 ___HD C:\Documents and Settings\Administrador\Configuración local 2018-11-25 10:32 - 2001-08-24 05:00 - 000002206 _____ C:\WINDOWS\system32\wpa.dbl 2018-11-22 20:02 - 2010-10-13 07:45 - 000000000 RSHDC C:\WINDOWS\system32\dllcache 2018-11-22 19:57 - 2014-06-24 18:39 - 000000000 ____D C:\Archivos de programa\CCleaner 2018-11-22 19:55 - 2010-10-13 07:45 - 000000000 ___HD C:\WINDOWS\inf 2018-11-22 19:55 - 2010-10-13 06:51 - 000000000 ____D C:\Archivos de programa\Archivos comunes\Microsoft Shared 2018-11-22 19:55 - 2010-10-13 06:51 - 000000000 ____D C:\Archivos de programa\Archivos comunes 2018-11-22 19:25 - 2010-10-13 06:20 - 000000000 __HDC C:\WINDOWS\$NtServicePackUninstall$ 2018-11-22 18:50 - 2018-10-15 11:03 - 000000000 ____D C:\Documents and Settings\Administrador\Escritorio\nan 2018-11-22 18:45 - 2018-05-31 14:51 - 000087912 _____ C:\Documents and Settings\Administrador\Configuración local\Datos de programa\GDIPFONTCACHEV1.DAT 2018-11-22 18:01 - 2018-09-15 09:47 - 000000000 ____D C:\AdwCleaner ==================== Files in the root of some directories ======= 2012-03-29 18:12 - 2001-05-24 12:59 - 000162304 ____C () C:\Archivos de programa\UNWISE.EXE 2010-11-13 14:21 - 2008-03-09 01:25 - 000000236 ___HC () C:\Archivos de programa\Archivos comunes\dx.reg 2013-01-28 09:27 - 2013-04-14 11:34 - 000003194 ____C () C:\Documents and Settings\Administrador\Datos de programa\SAS7_000.DAT 2010-10-29 12:16 - 2018-11-25 10:54 - 000172544 _____ () C:\Documents and Settings\Administrador\Configuración local\Datos de programa\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2011-04-13 10:23 - 2011-04-13 10:23 - 000095640 ____C () C:\Documents and Settings\Administrador\Configuración local\Datos de programa\FASTWiz.log 2016-04-03 12:06 - 2016-04-03 12:06 - 000000001 ____C () C:\Documents and Settings\Administrador\Configuración local\Datos de programa\llftool.4.12.agreement Some files in TEMP: ==================== 2018-10-14 22:55 - 2008-04-14 00:48 - 002091520 _____ (Microsoft Corporation) C:\Documents and Settings\Administrador\Configuración local\Temp\cdo1639322225.dll 2011-06-18 23:07 - 2006-09-13 04:18 - 000049152 ____C (Nero AG) C:\Documents and Settings\Invitado\Configuración local\Temp\NeroSearchTrayHook_{8EEBD1C9-132F-458D-A450-9C33047140E2}.dll Some zero byte size files/folders: ========================== C:\Windows\System32\nsprs.dll C:\Windows\System32\serauth1.dll C:\Windows\System32\serauth2.dll C:\Windows\System32\ssprs.dll ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End of FRST.txt ============================