Hola, este es mi bloc, ya tengo un tema abierto pero sigo indicaciones.

Estado
Cerrado para nuevas respuestas

emmchio

Miembro
Miembro
Hola buenas noches a todos.

Tengo un tema abierto con el siguiente titulo:
Se han eliminado temporalmente todos los sitios de descargas?

y siguiendo las reglas de solucion de problema, al que tengo actuamente, pego mi bloc:
Insertar CODE, HTML o PHP:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:56:32, on 08/08/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\ASRock Utility\OCTuner\ASROC.exe
C:\Windows\Explorer.EXE
C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files\DFX\DFX.exe
C:\Program Files\DFX\Universal\Apps\DfxSharedApp32.exe
C:\Program Files\DFX\Universal\Apps\dfxItunesSong.exe
C:\Program Files\Origin\Origin.exe
C:\Program Files\mIRC\mirc.exe
C:\Program Files\Origin Games\FIFA 12\Game\fifa.exe
C:\Program Files\ORIGIN~1\FIFA12~1\Game\Core\EACoreServer.exe
C:\Users\EmmChio\AppData\Local\Google\Update\1.3.21.115\GoogleCrashHandler.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_270.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_270.exe
C:\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKCU\..\Run: [EPSON Stylus CX7300 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICDL.EXE /FU "C:\Users\EmmChio\AppData\Local\Temp\E_S7867.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Servicio de red')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Servicio de red')
O4 - HKUS\S-1-5-21-476293004-1738655125-3981867584-1002\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-476293004-1738655125-3981867584-1002\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: DFX.lnk = ?
O8 - Extra context menu item: &Enviar a OneNote - res://C:\Program Files\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\Program Files\MICROS~2\Office14\EXCEL.EXE/3000
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Desfragmentador de disco (DEFRAGSVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Copias de seguridad de Windows (SDRSVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: Windows Update (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 16761 bytes
Gracias nuevamente.
 

jbex

El que peca y reza empata
Administrador
○» Cierra todas las aplicaciones.

○» Ejecuta el HijackThis y da clic en el botón Do a system scan only

○» Selecciona las casillas de las siguientes entradas y presiona el botón Fix Checked:
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll
○» Cierra el Hijackhis.

Ahora descarga el ComboFix lo ejecutas siguiendo las indicaciones y nos pones su log en tu proxima respuesta.

Un saludo
 

emmchio

Miembro
Miembro
ComboFix 12-08-09.01 - EmmChio 09/08/2012 14:50:00.1.2 - x86
Microsoft Windows 7 Ultimate
Insertar CODE, HTML o PHP:
 6.1.7601.1.1252.34.3082.18.2047.1317 [GMT -4,5:30]
Running from: e:\pendrive\programas\ANTIVIRUS y MALWARE\ANTIMALWARE\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\autorun.inf
C:\install.exe
.
.
(((((((((((((((((((((((((   Files Created from 2012-07-09 to 2012-08-09  )))))))))))))))))))))))))))))))
.
.
2012-08-09 19:24 . 2012-08-09 19:24    --------    d-----w-    c:\users\EmmChio\AppData\Local\temp
2012-08-09 19:24 . 2012-08-09 19:24    --------    d-----w-    c:\users\UpdatusUser\AppData\Local\temp
2012-08-09 19:24 . 2012-08-09 19:24    --------    d-----w-    c:\users\Default\AppData\Local\temp
2012-08-09 19:24 . 2012-08-09 19:24    --------    d-----w-    c:\users\Administrador\AppData\Local\temp
2012-08-09 03:08 . 2012-08-09 03:08    --------    d-----w-    c:\program files\ESET
2012-08-09 02:44 . 2012-08-09 02:44    --------    d-----w-    c:\users\EmmChio\AppData\Roaming\QuickScan
2012-08-09 02:24 . 2012-08-09 02:24    388096    ----a-r-    c:\users\EmmChio\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-08-09 02:24 . 2012-08-09 02:24    --------    d-----w-    C:\Trend Micro
2012-08-07 00:30 . 2012-08-07 00:30    --------    d-----w-    c:\program files\Ministars Software
2012-08-07 00:28 . 1997-11-19 21:19    303616    ----a-w-    c:\windows\IsUninst.exe
2012-08-06 02:08 . 2012-08-06 02:08    --------    d-----w-    c:\programdata\GroupPolicy
2012-08-06 01:22 . 2012-07-16 07:11    6891424    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{5A22C9C3-2094-45B3-8FA3-FD56722014F2}\mpengine.dll
2012-08-05 21:51 . 2012-08-05 21:51    --------    d-----w-    c:\program files\Remedy Entertainment
2012-08-05 21:14 . 2012-08-05 21:14    281760    ----a-w-    c:\windows\system32\drivers\atksgt.sys
2012-08-05 21:14 . 2012-08-05 21:14    25888    ----a-w-    c:\windows\system32\drivers\lirsgt.sys
2012-08-05 21:13 . 2012-08-05 21:13    --------    d-----w-    c:\windows\B83FC356B7C0441F8A4DD71E088E7974.TMP
2012-08-05 21:13 . 2012-08-05 21:13    --------    d-----w-    c:\program files\Common Files\Wise Installation Wizard
2012-08-05 21:12 . 2012-08-05 21:42    --------    d-----w-    c:\users\EmmChio\AppData\Roaming\Prison Break
2012-08-05 21:09 . 2012-08-05 21:09    --------    d-----w-    c:\program files\Deep Silver
2012-08-05 20:19 . 2012-08-05 20:19    --------    d-----w-    c:\program files\Dark Energy Digital Ltd
2012-08-05 19:20 . 2012-08-05 19:21    --------    d--h--w-    c:\windows\msdownld.tmp
2012-08-05 19:03 . 2012-08-05 19:03    --------    d-----w-    c:\program files\VictorVal
2012-08-05 04:57 . 2012-08-06 02:23    --------    d-----w-    c:\program files\JDownloader
2012-08-05 04:52 . 2012-08-05 04:52    --------    d-----w-    c:\windows\Sun
2012-08-05 04:44 . 2012-08-05 04:44    --------    d-----w-    c:\users\EmmChio\AppData\Roaming\SeriousBit
2012-08-05 04:44 . 2012-08-05 04:44    --------    d-----w-    c:\program files\EnhanceMySe7en
2012-08-04 23:47 . 2012-08-04 23:47    --------    d-----w-    c:\users\EmmChio\AppData\Local\Ilivid Player
2012-08-03 15:11 . 2012-08-03 15:11    3968368    ----a-w-    c:\windows\system32\ntkrnlpa.exe
2012-08-03 15:11 . 2012-08-03 15:11    3913072    ----a-w-    c:\windows\system32\ntoskrnl.exe
2012-08-03 15:10 . 2012-08-03 15:10    2048    ----a-w-    c:\windows\system32\msxml3r.dll
2012-08-03 15:10 . 2012-08-03 15:10    1236992    ----a-w-    c:\windows\system32\msxml3.dll
2012-08-03 15:10 . 2012-08-03 15:10    1390080    ----a-w-    c:\windows\system32\msxml6.dll
2012-08-03 15:10 . 2012-08-03 15:10    67440    ----a-w-    c:\windows\system32\drivers\ksecdd.sys
2012-08-03 15:10 . 2012-08-03 15:10    369336    ----a-w-    c:\windows\system32\drivers\cng.sys
2012-08-03 15:10 . 2012-08-03 15:10    225280    ----a-w-    c:\windows\system32\schannel.dll
2012-08-03 15:10 . 2012-08-03 15:10    219136    ----a-w-    c:\windows\system32\ncrypt.dll
2012-08-03 15:10 . 2012-08-03 15:10    134000    ----a-w-    c:\windows\system32\drivers\ksecpkg.sys
2012-08-03 15:08 . 2012-08-03 15:08    8192    ----a-w-    c:\windows\system32\rdrmemptylst.exe
2012-08-03 15:08 . 2012-08-03 15:08    58880    ----a-w-    c:\windows\system32\rdpwsx.dll
2012-08-03 15:08 . 2012-08-03 15:08    129536    ----a-w-    c:\windows\system32\rdpcorekmts.dll
2012-08-03 15:08 . 2012-08-03 15:08    919040    ----a-w-    c:\windows\system32\rdpcorets.dll
2012-08-03 15:08 . 2012-08-03 15:08    183808    ----a-w-    c:\windows\system32\drivers\rdpwd.sys
2012-08-03 15:08 . 2012-08-03 15:08    56176    ----a-w-    c:\windows\system32\drivers\partmgr.sys
2012-08-03 15:08 . 2012-08-03 15:08    1291632    ----a-w-    c:\windows\system32\drivers\tcpip.sys
2012-08-03 15:06 . 2012-08-03 15:06    314880    ----a-w-    c:\windows\system32\webio.dll
2012-08-03 15:05 . 2012-08-03 15:05    94208    ----a-w-    c:\program files\Common Files\System\Ole DB\msdaosp.dll
2012-08-03 15:04 . 2012-08-03 15:04    1164288    ----a-w-    c:\windows\system32\mfc42u.dll
2012-08-03 15:04 . 2012-08-03 15:04    1137664    ----a-w-    c:\windows\system32\mfc42.dll
2012-08-03 15:04 . 2012-08-03 15:04    850944    ----a-w-    c:\windows\system32\sbe.dll
2012-08-03 15:04 . 2012-08-03 15:04    642048    ----a-w-    c:\windows\system32\CPFilters.dll
2012-08-03 15:04 . 2012-08-03 15:04    199680    ----a-w-    c:\windows\system32\mpg2splt.ax
2012-08-03 15:04 . 2012-08-03 15:04    542208    ----a-w-    c:\windows\system32\kerberos.dll
2012-08-03 01:58 . 2012-08-03 02:03    --------    d-----w-    c:\program files\IP Locator
2012-08-02 22:45 . 2012-08-03 22:47    --------    d-----w-    c:\program files\uTorrent
2012-08-02 22:44 . 2012-08-04 16:21    --------    d-----w-    c:\users\EmmChio\AppData\Roaming\uTorrent
2012-08-01 01:58 . 2012-08-01 01:58    --------    d-----w-    c:\program files\EPSON
2012-08-01 00:56 . 2012-08-01 01:58    --------    d-----w-    c:\programdata\EPSON
2012-08-01 00:48 . 2006-12-08 06:34    76800    ----a-w-    c:\windows\system32\E_FLBCDL.DLL
2012-08-01 00:48 . 2006-04-19 06:30    62976    ----a-w-    c:\windows\system32\E_FD4BCDL.DLL
2012-07-26 17:58 . 2012-05-24 15:17    21888    ----a-w-    c:\windows\system32\RegistryDefragBootTime.exe
2012-07-26 17:45 . 2012-07-26 17:45    --------    d-----w-    c:\programdata\IObit
2012-07-26 17:44 . 2012-07-30 18:39    --------    d-----w-    c:\users\EmmChio\AppData\Roaming\IObit
2012-07-26 17:44 . 2012-07-26 17:44    --------    d-----w-    c:\program files\IObit
2012-07-25 20:06 . 2012-07-25 20:06    --------    d-----w-    c:\users\UpdatusUser\AppData\Roaming\vlc
2012-07-25 20:06 . 2012-07-25 20:06    --------    d-----w-    c:\users\Invitado
2012-07-25 20:06 . 2012-07-25 20:06    --------    d-----w-    c:\users\EmmChio\AppData\Roaming\vlc
2012-07-25 20:06 . 2012-07-25 20:06    --------    d-----w-    c:\users\Administrador\AppData\Roaming\vlc
2012-07-25 00:26 . 2012-07-25 01:16    --------    d-----w-    c:\users\EmmChio\AppData\Local\Origin
2012-07-24 16:01 . 2012-07-24 16:03    409088    ----a-w-    c:\windows\system32\systemcplx86.dll
2012-07-24 04:19 . 2012-07-24 04:19    --------    d-----w-    c:\users\EmmChio\temp
2012-07-24 04:19 . 2012-07-24 04:19    --------    d-----w-    c:\users\EmmChio\AppData\Roaming\TeamViewer
2012-07-24 03:12 . 2012-07-31 01:05    --------    d-----w-    c:\users\EmmChio\AppData\Roaming\TS3Client
2012-07-24 03:12 . 2012-07-24 03:12    --------    d-----w-    c:\program files\TeamSpeak 3 Client
2012-07-18 21:42 . 2012-08-05 22:09    --------    d-----w-    c:\users\EmmChio\AppData\Local\SKIDROW
2012-07-13 22:18 . 2012-07-13 22:18    --------    d-----w-    c:\windows\H.A.W.X. Black Edition
2012-07-12 20:56 . 2012-07-12 20:56    --------    d-----w-    c:\users\EmmChio\AppData\Roaming\Iminent
2012-07-12 20:53 . 2012-08-09 19:15    --------    d-----w-    c:\program files\Yontoo
2012-07-12 20:53 . 2012-08-01 00:52    --------    d-----w-    c:\programdata\Tarma Installer
2012-07-12 20:52 . 2012-08-01 00:52    --------    d-----w-    c:\program files\1ClickDownload
2012-07-12 20:20 . 2012-08-09 01:00    --------    d-----w-    c:\program files\mIRC
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-03 23:11 . 2012-06-12 02:50    70344    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-03 23:11 . 2012-06-12 02:50    426184    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2012-07-03 18:16 . 2012-06-12 01:48    22344    ----a-w-    c:\windows\system32\drivers\mbam.sys
2012-06-24 03:42 . 2011-03-28 23:06    19736    ----a-w-    c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-06-02 22:19 . 2012-06-28 16:26    53784    ----a-w-    c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-28 16:26    45080    ----a-w-    c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-28 16:26    35864    ----a-w-    c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-28 16:26    577048    ----a-w-    c:\windows\system32\wuapi.dll
2012-06-02 22:19 . 2012-06-28 16:26    1933848    ----a-w-    c:\windows\system32\wuaueng.dll
2012-06-02 22:12 . 2012-06-28 16:26    2422272    ----a-w-    c:\windows\system32\wucltux.dll
2012-06-02 22:12 . 2012-06-28 16:26    88576    ----a-w-    c:\windows\system32\wudriver.dll
2012-06-02 19:49 . 2012-06-28 16:26    171904    ----a-w-    c:\windows\system32\wuwebv.dll
2012-06-02 19:42 . 2012-06-28 16:26    33792    ----a-w-    c:\windows\system32\wuapp.exe
2012-05-31 16:55 . 2012-06-12 02:13    237072    ------w-    c:\windows\system32\MpSigStub.exe
2012-05-15 10:26 . 2012-06-12 04:40    61248    ----a-w-    c:\windows\system32\OpenCL.dll
2012-05-15 10:26 . 2012-06-12 04:36    883008    ----a-w-    c:\windows\system32\nvgenco32.dll
2012-05-15 10:26 . 2012-06-12 04:36    8105280    ----a-w-    c:\windows\system32\nvwgf2um.dll
2012-05-15 10:26 . 2012-06-12 04:36    5982528    ----a-w-    c:\windows\system32\nvcuda.dll
2012-05-15 10:26 . 2012-06-12 04:36    2524992    ----a-w-    c:\windows\system32\nvcuvid.dll
2012-05-15 10:26 . 2012-06-12 04:36    2445120    ----a-w-    c:\windows\system32\nvcuvenc.dll
2012-05-15 10:26 . 2012-06-12 04:36    19607872    ----a-w-    c:\windows\system32\nvoglv32.dll
2012-05-15 10:26 . 2012-06-12 04:36    15322432    ----a-w-    c:\windows\system32\nvd3dum.dll
2012-05-15 10:26 . 2012-06-12 04:36    11354944    ----a-w-    c:\windows\system32\drivers\nvlddmkm.sys
2012-05-15 10:26 . 2012-06-12 04:36    1000768    ----a-w-    c:\windows\system32\nvdispco32.dll
2012-05-15 10:26 . 2012-06-12 04:36    2368832    ----a-w-    c:\windows\system32\nvapi.dll
2012-05-15 10:26 . 2012-06-12 04:36    17551680    ----a-w-    c:\windows\system32\nvcompiler.dll
2012-05-15 09:28 . 2012-06-12 04:41    2561344    ----a-w-    c:\windows\system32\nvsvcr.dll
2012-05-15 09:28 . 2012-06-12 04:41    645440    ----a-w-    c:\windows\system32\nvvsvc.exe
2012-05-15 09:28 . 2012-06-12 04:41    62272    ----a-w-    c:\windows\system32\nvshext.dll
2012-05-15 09:28 . 2012-06-12 04:41    108352    ----a-w-    c:\windows\system32\nvmctray.dll
2012-05-15 09:28 . 2012-06-12 04:41    3931456    ----a-w-    c:\windows\system32\nvcpl.dll
2012-05-15 09:27 . 2012-06-12 04:41    2759488    ----a-w-    c:\windows\system32\nvsvc.dll
2012-05-15 06:51 . 2012-05-15 06:51    423744    ----a-w-    c:\windows\system32\nvStreaming.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-12-04 1728512]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages    REG_MULTI_SZ       kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-04-04 05:53    843712    ----a-w-    c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
2012-02-02 15:55    3209216    ----a-w-    c:\program files\Ares\Ares.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2012-06-12 02:01    116648    ----atw-    c:\users\EmmChio\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2012-07-03 18:16    462920    ----a-w-    c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-17 15:37    252296    ----a-w-    c:\program files\Common Files\Java\Java Update\jusched.exe
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 AsrCDDrv;AsrCDDrv; [x]
R3 cpuz134;cpuz134;c:\users\EmmChio\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU; [x]
R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 AsrOcDrv;AsrOcDrv;c:\windows\system32\Drivers\AsrOcDrv.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ASROCDRV
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-12 23:11]
.
2012-08-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-476293004-1738655125-3981867584-1000Core.job
- c:\users\EmmChio\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-12 02:01]
.
2012-08-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-476293004-1738655125-3981867584-1000UA.job
- c:\users\EmmChio\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-12 02:01]
.
.
------- Supplementary Scan -------
.
IE: &Enviar a OneNote - c:\program files\MICROS~2\Office14\ONBttnIE.dll/105
IE: E&xportar a Microsoft Excel - c:\program files\MICROS~2\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file)
MSConfigStartUp-Advanced SystemCare 5 - c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe
MSConfigStartUp-SDTray - c:\program files\Spybot - Search & Destroy 2\SDTray.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-08-09  14:56:57
ComboFix-quarantined-files.txt  2012-08-09 19:26
.
Pre-Run: 38.212.775.936 bytes libres
Post-Run: 38.484.832.256 bytes libres
.
- - End Of File - - DA877E1DC6DA6AF31696587A07C79CBC
Gracias nuevamente.
 

jbex

El que peca y reza empata
Administrador
Abre el notepad - no utilice otro tipo de editor de texto que el Bloc de notas o el script fallará.

- Clic en inicio -> ejecutar y escribe: notepad.exe

- Clic en aceptar

- Copia/pega el texto de la casilla de abajo en el notepad:
File::
c:\windows\msdownld.tmp
- Ve a la ventana del Bloc de notas y haz clic en Editar -> Pegar

- A continuación, haz clic en Archivo -> Guardar

- Nombre del archivo CFScript.txt

- Guarde el archivo en el escritorio

- Arrastra el archivo que acaba de crear ... CFScript.txt y soltar en el icono principal ComboFix.exe como se indica a continuación.



- Espera a que ComboFix termine de ejecutarse.

- Esto iniciará de nuevo ComboFix.

Después de reiniciar el sistema (en caso de que pida reiniciar), pega el contenido de Combofix.txt en la próxima respuesta.

Saludos.
 

emmchio

Miembro
Miembro
Pego el bloc del combo fix:
Insertar CODE, HTML o PHP:
ComboFix 12-08-09.01 - EmmChio 10/08/2012  17:06:11.3.2 - x86
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.34.3082.18.2047.1184 [GMT -4,5:30]
Running from: e:\pendrive\programas\ANTIVIRUS y MALWARE\ANTIVIR\ComboFix.exe
Command switches used :: e:\pendrive\programas\ANTIVIRUS y MALWARE\ANTIVIR\CFScript.txt
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\EmmChio\AppData\Roaming\info.who
c:\users\EmmChio\AppData\Roaming\mIRC\logs\status.log
.
.
(((((((((((((((((((((((((   Files Created from 2012-07-10 to 2012-08-10  )))))))))))))))))))))))))))))))
.
.
2012-08-10 21:40 . 2012-08-10 21:40    --------    d-----w-    c:\users\EmmChio\AppData\Local\temp
2012-08-10 21:40 . 2012-08-10 21:40    --------    d-----w-    c:\users\UpdatusUser\AppData\Local\temp
2012-08-10 21:40 . 2012-08-10 21:40    --------    d-----w-    c:\users\TEMP\AppData\Local\temp
2012-08-10 21:40 . 2012-08-10 21:40    --------    d-----w-    c:\users\Default\AppData\Local\temp
2012-08-10 21:40 . 2012-08-10 21:40    --------    d-----w-    c:\users\Administrador\AppData\Local\temp
2012-08-10 21:27 . 2012-08-10 21:27    --------    d-----w-    c:\users\EmmChio\AppData\Local\Diagnostics
2012-08-09 21:38 . 2012-08-09 21:38    --------    d-----w-    c:\program files\Panda Security
2012-08-09 19:43 . 2012-08-09 19:43    --------    d-----w-    c:\users\EmmChio\AppData\Local\SlimWare Utilities Inc
2012-08-09 19:42 . 2012-08-09 19:44    --------    d-----w-    c:\program files\SlimCleaner
2012-08-09 03:08 . 2012-08-09 03:08    --------    d-----w-    c:\program files\ESET
2012-08-09 02:44 . 2012-08-09 02:44    --------    d-----w-    c:\users\EmmChio\AppData\Roaming\QuickScan
2012-08-09 02:24 . 2012-08-09 02:24    388096    ----a-r-    c:\users\EmmChio\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-08-09 02:24 . 2012-08-09 02:24    --------    d-----w-    C:\Trend Micro
2012-08-07 00:30 . 2012-08-07 00:30    --------    d-----w-    c:\program files\Ministars Software
2012-08-07 00:28 . 1997-11-19 21:19    303616    ----a-w-    c:\windows\IsUninst.exe
2012-08-06 02:08 . 2012-08-06 02:08    --------    d-----w-    c:\programdata\GroupPolicy
2012-08-06 01:22 . 2012-07-16 07:11    6891424    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{5A22C9C3-2094-45B3-8FA3-FD56722014F2}\mpengine.dll
2012-08-05 21:51 . 2012-08-05 21:51    --------    d-----w-    c:\program files\Remedy Entertainment
2012-08-05 21:14 . 2012-08-05 21:14    281760    ----a-w-    c:\windows\system32\drivers\atksgt.sys
2012-08-05 21:14 . 2012-08-05 21:14    25888    ----a-w-    c:\windows\system32\drivers\lirsgt.sys
2012-08-05 21:13 . 2012-08-05 21:13    --------    d-----w-    c:\windows\B83FC356B7C0441F8A4DD71E088E7974.TMP
2012-08-05 21:13 . 2012-08-05 21:13    --------    d-----w-    c:\program files\Common Files\Wise Installation Wizard
2012-08-05 21:12 . 2012-08-05 21:42    --------    d-----w-    c:\users\EmmChio\AppData\Roaming\Prison Break
2012-08-05 21:09 . 2012-08-05 21:09    --------    d-----w-    c:\program files\Deep Silver
2012-08-05 20:19 . 2012-08-05 20:19    --------    d-----w-    c:\program files\Dark Energy Digital Ltd
2012-08-05 19:20 . 2012-08-05 19:21    --------    d--h--w-    c:\windows\msdownld.tmp
2012-08-05 19:03 . 2012-08-05 19:03    --------    d-----w-    c:\program files\VictorVal
2012-08-05 04:57 . 2012-08-06 02:23    --------    d-----w-    c:\program files\JDownloader
2012-08-05 04:52 . 2012-08-05 04:52    --------    d-----w-    c:\windows\Sun
2012-08-05 04:44 . 2012-08-05 04:44    --------    d-----w-    c:\users\EmmChio\AppData\Roaming\SeriousBit
2012-08-05 04:44 . 2012-08-05 04:44    --------    d-----w-    c:\program files\EnhanceMySe7en
2012-08-04 23:47 . 2012-08-04 23:47    --------    d-----w-    c:\users\EmmChio\AppData\Local\Ilivid Player
2012-08-03 15:11 . 2012-08-03 15:11    3968368    ----a-w-    c:\windows\system32\ntkrnlpa.exe
2012-08-03 15:11 . 2012-08-03 15:11    3913072    ----a-w-    c:\windows\system32\ntoskrnl.exe
2012-08-03 15:10 . 2012-08-03 15:10    2048    ----a-w-    c:\windows\system32\msxml3r.dll
2012-08-03 15:10 . 2012-08-03 15:10    1236992    ----a-w-    c:\windows\system32\msxml3.dll
2012-08-03 15:10 . 2012-08-03 15:10    1390080    ----a-w-    c:\windows\system32\msxml6.dll
2012-08-03 15:10 . 2012-08-03 15:10    67440    ----a-w-    c:\windows\system32\drivers\ksecdd.sys
2012-08-03 15:10 . 2012-08-03 15:10    369336    ----a-w-    c:\windows\system32\drivers\cng.sys
2012-08-03 15:10 . 2012-08-03 15:10    225280    ----a-w-    c:\windows\system32\schannel.dll
2012-08-03 15:10 . 2012-08-03 15:10    219136    ----a-w-    c:\windows\system32\ncrypt.dll
2012-08-03 15:10 . 2012-08-03 15:10    134000    ----a-w-    c:\windows\system32\drivers\ksecpkg.sys
2012-08-03 15:09 . 2012-08-03 15:09    2345984    ----a-w-    c:\windows\system32\win32k.sys
2012-08-03 15:09 . 2012-08-03 15:09    805376    ----a-w-    c:\windows\system32\cdosys.dll
2012-08-03 15:09 . 2012-08-03 15:09    57344    ----a-w-    c:\program files\Common Files\System\ado\msador15.dll
2012-08-03 15:09 . 2012-08-03 15:09    372736    ----a-w-    c:\program files\Common Files\System\ado\msadox.dll
2012-08-03 15:09 . 2012-08-03 15:09    352256    ----a-w-    c:\program files\Common Files\System\ado\msadomd.dll
2012-08-03 15:09 . 2012-08-03 15:09    212992    ----a-w-    c:\program files\Common Files\System\msadc\msadco.dll
2012-08-03 15:09 . 2012-08-03 15:09    143360    ----a-w-    c:\program files\Common Files\System\ado\msjro.dll
2012-08-03 15:09 . 2012-08-03 15:09    1019904    ----a-w-    c:\program files\Common Files\System\ado\msado15.dll
2012-08-03 15:08 . 2012-08-03 15:08    8192    ----a-w-    c:\windows\system32\rdrmemptylst.exe
2012-08-03 15:08 . 2012-08-03 15:08    58880    ----a-w-    c:\windows\system32\rdpwsx.dll
2012-08-03 15:08 . 2012-08-03 15:08    129536    ----a-w-    c:\windows\system32\rdpcorekmts.dll
2012-08-03 15:08 . 2012-08-03 15:08    919040    ----a-w-    c:\windows\system32\rdpcorets.dll
2012-08-03 15:08 . 2012-08-03 15:08    183808    ----a-w-    c:\windows\system32\drivers\rdpwd.sys
2012-08-03 15:08 . 2012-08-03 15:08    56176    ----a-w-    c:\windows\system32\drivers\partmgr.sys
2012-08-03 15:08 . 2012-08-03 15:08    1291632    ----a-w-    c:\windows\system32\drivers\tcpip.sys
2012-08-03 15:06 . 2012-08-03 15:06    314880    ----a-w-    c:\windows\system32\webio.dll
2012-08-03 15:05 . 2012-08-03 15:05    94208    ----a-w-    c:\program files\Common Files\System\Ole DB\msdaosp.dll
2012-08-03 15:04 . 2012-08-03 15:04    1164288    ----a-w-    c:\windows\system32\mfc42u.dll
2012-08-03 15:04 . 2012-08-03 15:04    1137664    ----a-w-    c:\windows\system32\mfc42.dll
2012-08-03 15:04 . 2012-08-03 15:04    850944    ----a-w-    c:\windows\system32\sbe.dll
2012-08-03 15:04 . 2012-08-03 15:04    642048    ----a-w-    c:\windows\system32\CPFilters.dll
2012-08-03 15:04 . 2012-08-03 15:04    199680    ----a-w-    c:\windows\system32\mpg2splt.ax
2012-08-03 15:04 . 2012-08-03 15:04    542208    ----a-w-    c:\windows\system32\kerberos.dll
2012-08-03 01:58 . 2012-08-03 02:03    --------    d-----w-    c:\program files\IP Locator
2012-08-02 22:45 . 2012-08-03 22:47    --------    d-----w-    c:\program files\uTorrent
2012-08-02 22:44 . 2012-08-04 16:21    --------    d-----w-    c:\users\EmmChio\AppData\Roaming\uTorrent
2012-08-01 01:58 . 2012-08-01 01:58    --------    d-----w-    c:\program files\EPSON
2012-08-01 00:56 . 2012-08-01 01:58    --------    d-----w-    c:\programdata\EPSON
2012-08-01 00:48 . 2006-12-08 06:34    76800    ----a-w-    c:\windows\system32\E_FLBCDL.DLL
2012-08-01 00:48 . 2006-04-19 06:30    62976    ----a-w-    c:\windows\system32\E_FD4BCDL.DLL
2012-07-26 17:58 . 2012-05-24 15:17    21888    ----a-w-    c:\windows\system32\RegistryDefragBootTime.exe
2012-07-26 17:45 . 2012-07-26 17:45    --------    d-----w-    c:\programdata\IObit
2012-07-26 17:44 . 2012-07-30 18:39    --------    d-----w-    c:\users\EmmChio\AppData\Roaming\IObit
2012-07-26 17:44 . 2012-07-26 17:44    --------    d-----w-    c:\program files\IObit
2012-07-25 20:06 . 2012-07-25 20:06    --------    d-----w-    c:\users\UpdatusUser\AppData\Roaming\vlc
2012-07-25 20:06 . 2012-07-25 20:06    --------    d-----w-    c:\users\Invitado
2012-07-25 20:06 . 2012-07-25 20:06    --------    d-----w-    c:\users\EmmChio\AppData\Roaming\vlc
2012-07-25 20:06 . 2012-07-25 20:06    --------    d-----w-    c:\users\Administrador\AppData\Roaming\vlc
2012-07-25 00:26 . 2012-07-25 01:16    --------    d-----w-    c:\users\EmmChio\AppData\Local\Origin
2012-07-24 16:01 . 2012-07-24 16:03    409088    ----a-w-    c:\windows\system32\systemcplx86.dll
2012-07-24 04:19 . 2012-07-24 04:19    --------    d-----w-    c:\users\EmmChio\temp
2012-07-24 04:19 . 2012-07-24 04:19    --------    d-----w-    c:\users\EmmChio\AppData\Roaming\TeamViewer
2012-07-24 03:12 . 2012-08-10 03:40    --------    d-----w-    c:\users\EmmChio\AppData\Roaming\TS3Client
2012-07-24 03:12 . 2012-07-24 03:12    --------    d-----w-    c:\program files\TeamSpeak 3 Client
2012-07-18 21:42 . 2012-08-05 22:09    --------    d-----w-    c:\users\EmmChio\AppData\Local\SKIDROW
2012-07-13 22:18 . 2012-07-13 22:18    --------    d-----w-    c:\windows\H.A.W.X. Black Edition
2012-07-12 20:56 . 2012-07-12 20:56    --------    d-----w-    c:\users\EmmChio\AppData\Roaming\Iminent
2012-07-12 20:53 . 2012-08-09 19:15    --------    d-----w-    c:\program files\Yontoo
2012-07-12 20:53 . 2012-08-09 21:28    --------    d-----w-    c:\programdata\Tarma Installer
2012-07-12 20:52 . 2012-08-01 00:52    --------    d-----w-    c:\program files\1ClickDownload
2012-07-12 20:20 . 2012-08-09 01:00    --------    d-----w-    c:\program files\mIRC
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-03 23:11 . 2012-06-12 02:50    70344    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-03 23:11 . 2012-06-12 02:50    426184    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2012-07-03 18:16 . 2012-06-12 01:48    22344    ----a-w-    c:\windows\system32\drivers\mbam.sys
2012-06-24 03:42 . 2011-03-28 23:06    19736    ----a-w-    c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-06-02 22:19 . 2012-06-28 16:26    53784    ----a-w-    c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-28 16:26    45080    ----a-w-    c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-28 16:26    35864    ----a-w-    c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-28 16:26    577048    ----a-w-    c:\windows\system32\wuapi.dll
2012-06-02 22:19 . 2012-06-28 16:26    1933848    ----a-w-    c:\windows\system32\wuaueng.dll
2012-06-02 22:12 . 2012-06-28 16:26    2422272    ----a-w-    c:\windows\system32\wucltux.dll
2012-06-02 22:12 . 2012-06-28 16:26    88576    ----a-w-    c:\windows\system32\wudriver.dll
2012-06-02 19:49 . 2012-06-28 16:26    171904    ----a-w-    c:\windows\system32\wuwebv.dll
2012-06-02 19:42 . 2012-06-28 16:26    33792    ----a-w-    c:\windows\system32\wuapp.exe
2012-05-31 16:55 . 2012-06-12 02:13    237072    ------w-    c:\windows\system32\MpSigStub.exe
2012-05-15 10:26 . 2012-06-12 04:40    61248    ----a-w-    c:\windows\system32\OpenCL.dll
2012-05-15 10:26 . 2012-06-12 04:36    883008    ----a-w-    c:\windows\system32\nvgenco32.dll
2012-05-15 10:26 . 2012-06-12 04:36    8105280    ----a-w-    c:\windows\system32\nvwgf2um.dll
2012-05-15 10:26 . 2012-06-12 04:36    5982528    ----a-w-    c:\windows\system32\nvcuda.dll
2012-05-15 10:26 . 2012-06-12 04:36    2524992    ----a-w-    c:\windows\system32\nvcuvid.dll
2012-05-15 10:26 . 2012-06-12 04:36    2445120    ----a-w-    c:\windows\system32\nvcuvenc.dll
2012-05-15 10:26 . 2012-06-12 04:36    19607872    ----a-w-    c:\windows\system32\nvoglv32.dll
2012-05-15 10:26 . 2012-06-12 04:36    15322432    ----a-w-    c:\windows\system32\nvd3dum.dll
2012-05-15 10:26 . 2012-06-12 04:36    11354944    ----a-w-    c:\windows\system32\drivers\nvlddmkm.sys
2012-05-15 10:26 . 2012-06-12 04:36    1000768    ----a-w-    c:\windows\system32\nvdispco32.dll
2012-05-15 10:26 . 2012-06-12 04:36    2368832    ----a-w-    c:\windows\system32\nvapi.dll
2012-05-15 10:26 . 2012-06-12 04:36    17551680    ----a-w-    c:\windows\system32\nvcompiler.dll
2012-05-15 09:28 . 2012-06-12 04:41    2561344    ----a-w-    c:\windows\system32\nvsvcr.dll
2012-05-15 09:28 . 2012-06-12 04:41    645440    ----a-w-    c:\windows\system32\nvvsvc.exe
2012-05-15 09:28 . 2012-06-12 04:41    62272    ----a-w-    c:\windows\system32\nvshext.dll
2012-05-15 09:28 . 2012-06-12 04:41    108352    ----a-w-    c:\windows\system32\nvmctray.dll
2012-05-15 09:28 . 2012-06-12 04:41    3931456    ----a-w-    c:\windows\system32\nvcpl.dll
2012-05-15 09:27 . 2012-06-12 04:41    2759488    ----a-w-    c:\windows\system32\nvsvc.dll
2012-05-15 06:51 . 2012-05-15 06:51    423744    ----a-w-    c:\windows\system32\nvStreaming.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-12-04 1728512]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages    REG_MULTI_SZ       kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-04-04 05:53    843712    ----a-w-    c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
2012-02-02 15:55    3209216    ----a-w-    c:\program files\Ares\Ares.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2012-06-12 02:01    116648    ----atw-    c:\users\EmmChio\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2012-07-03 18:16    462920    ----a-w-    c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-17 15:37    252296    ----a-w-    c:\program files\Common Files\Java\Java Update\jusched.exe
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 AsrCDDrv;AsrCDDrv; [x]
R3 cpuz134;cpuz134;c:\users\EmmChio\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU; [x]
R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 AsrOcDrv;AsrOcDrv;c:\windows\system32\Drivers\AsrOcDrv.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ASROCDRV
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-12 23:11]
.
2012-08-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-476293004-1738655125-3981867584-1000Core.job
- c:\users\EmmChio\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-12 02:01]
.
2012-08-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-476293004-1738655125-3981867584-1000UA.job
- c:\users\EmmChio\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-12 02:01]
.
.
------- Supplementary Scan -------
.
IE: &Enviar a OneNote - c:\program files\MICROS~2\Office14\ONBttnIE.dll/105
IE: E&xportar a Microsoft Excel - c:\program files\MICROS~2\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-08-10  17:12:34
ComboFix-quarantined-files.txt  2012-08-10 21:42
ComboFix2.txt  2012-08-10 21:33
ComboFix3.txt  2012-08-09 19:26
.
Pre-Run: 40.218.689.536 bytes libres
Post-Run: 40.153.305.088 bytes libres
.
- - End Of File - - 9283DDC7AA5C44638E92CD176152D180
Gracias nuevamente.
 

jbex

El que peca y reza empata
Administrador
Aun se mantiene la entrada a eliminar, algún paso no hiciste bien ya que el combofix no elimino la entrada c:\windows\msdownld.tmp

Repite los pasos indicados:
Copia/pega el texto de la casilla de abajo en el notepad:
c:\windows\msdownld.tmp
c:\windows\B83FC356B7C0441F8A4DD71E088E7974.TMP
- Ve a la ventana del Bloc de notas y haz clic en Editar -> Pegar

- A continuación, haz clic en Archivo -> Guardar

- Nombre del archivo CFScript.txt

- Guarde el archivo en el escritorio

- Arrastra el archivo que acaba de crear ... CFScript.txt y soltar en el icono principal ComboFix.exe como se indica a continuación.



- Espera a que ComboFix termine de ejecutarse.

- Esto iniciará de nuevo ComboFix.

Después de reiniciar el sistema (en caso de que pida reiniciar), pega el contenido de Combofix.txt en la próxima respuesta.

Saludos.


Un saludo
 

emmchio

Miembro
Miembro
ComboFix 12-08-09.01 - EmmChio 11/08/2012 22:44:17.4.2 - x86
Microsoft Windows 7 Ultimate
Insertar CODE, HTML o PHP:
  6.1.7601.1.1252.34.3082.18.2047.1061 [GMT -4,5:30]
Running from: E:\Pendrive\programas\ANTIVIRUS y MALWARE\ANTIVIR\ComboFix.exe
Command switches used :: E:\Pendrive\programas\ANTIVIRUS y MALWARE\ANTIVIR\CFScript.txt
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

(((((((((((((((((((((((((   Files Created from 2012-07-12 to 2012-08-12  )))))))))))))))))))))))))))))))

2012-08-12 03:19:30 . 2012-08-12 03:19:30    --------    d-----w-    C:\Users\UpdatusUser\AppData\Local\temp
2012-08-12 03:19:30 . 2012-08-12 03:19:30    --------    d-----w-    C:\Users\TEMP\AppData\Local\temp
2012-08-12 03:19:30 . 2012-08-12 03:19:30    --------    d-----w-    C:\Users\Default\AppData\Local\temp
2012-08-12 03:19:30 . 2012-08-12 03:19:30    --------    d-----w-    C:\Users\Administrador\AppData\Local\temp
2012-08-11 21:43:36 . 2012-08-11 21:43:36    --------    d-----w-    C:\Program Files\Geeks3D
2012-08-11 21:14:31 . 2012-08-11 21:42:01    --------    d-----w-    C:\Program Files\ATITool
2012-08-11 20:18:13 . 2012-08-11 20:18:13    --------    d-----w-    C:\Users\EmmChio\AppData\Roaming\Nitro PDF
2012-08-11 20:11:12 . 2012-08-11 20:11:18    --------    d-----w-    C:\Users\EmmChio\AppData\Roaming\OpenCandy
2012-08-10 21:42:35 . 2012-08-12 03:19:30    --------    d-----w-    C:\Users\EmmChio\AppData\Local\temp
2012-08-10 21:27:32 . 2012-08-10 21:27:32    --------    d-----w-    C:\Users\EmmChio\AppData\Local\Diagnostics
2012-08-09 21:38:25 . 2012-08-09 21:38:25    --------    d-----w-    C:\Program Files\Panda Security
2012-08-09 19:43:13 . 2012-08-09 19:43:13    --------    d-----w-    C:\Users\EmmChio\AppData\Local\SlimWare Utilities Inc
2012-08-09 19:42:16 . 2012-08-09 19:44:27    --------    d-----w-    C:\Program Files\SlimCleaner
2012-08-09 03:08:35 . 2012-08-09 03:08:35    --------    d-----w-    C:\Program Files\ESET
2012-08-09 02:44:33 . 2012-08-09 02:44:37    --------    d-----w-    C:\Users\EmmChio\AppData\Roaming\QuickScan
2012-08-09 02:24:19 . 2012-08-09 02:24:19    388096    ----a-r-    C:\Users\EmmChio\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-08-09 02:24:19 . 2012-08-09 02:24:19    --------    d-----w-    C:\Trend Micro
2012-08-07 00:30:01 . 2012-08-07 00:30:01    --------    d-----w-    C:\Program Files\Ministars Software
2012-08-07 00:28:58 . 1997-11-19 21:19:58    303616    ----a-w-    C:\Windows\IsUninst.exe
2012-08-06 02:08:11 . 2012-08-06 02:08:11    --------    d-----w-    C:\ProgramData\GroupPolicy
2012-08-06 01:22:07 . 2012-07-16 07:11:42    6891424    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5A22C9C3-2094-45B3-8FA3-FD56722014F2}\mpengine.dll
2012-08-05 21:51:02 . 2012-08-05 21:51:02    --------    d-----w-    C:\Program Files\Remedy Entertainment
2012-08-05 21:14:01 . 2012-08-05 21:14:01    281760    ----a-w-    C:\Windows\system32\drivers\atksgt.sys
2012-08-05 21:14:00 . 2012-08-05 21:14:00    25888    ----a-w-    C:\Windows\system32\drivers\lirsgt.sys
2012-08-05 21:13:53 . 2012-08-05 21:13:53    --------    d-----w-    C:\Windows\B83FC356B7C0441F8A4DD71E088E7974.TMP
2012-08-05 21:13:48 . 2012-08-05 21:13:51    --------    d-----w-    C:\Program Files\Common Files\Wise Installation Wizard
2012-08-05 21:12:14 . 2012-08-05 21:42:37    --------    d-----w-    C:\Users\EmmChio\AppData\Roaming\Prison Break
2012-08-05 21:09:52 . 2012-08-05 21:09:52    --------    d-----w-    C:\Program Files\Deep Silver
2012-08-05 20:19:38 . 2012-08-05 20:19:38    --------    d-----w-    C:\Program Files\Dark Energy Digital Ltd
2012-08-05 19:20:56 . 2012-08-05 19:21:02    --------    d--h--w-    C:\Windows\msdownld.tmp
2012-08-05 19:03:51 . 2012-08-05 19:03:51    --------    d-----w-    C:\Program Files\VictorVal
2012-08-05 04:57:26 . 2012-08-06 02:23:21    --------    d-----w-    C:\Program Files\JDownloader
2012-08-05 04:52:56 . 2012-08-05 04:52:56    --------    d-----w-    C:\Windows\Sun
2012-08-05 04:44:24 . 2012-08-05 04:44:24    --------    d-----w-    C:\Users\EmmChio\AppData\Roaming\SeriousBit
2012-08-05 04:44:19 . 2012-08-05 04:44:21    --------    d-----w-    C:\Program Files\EnhanceMySe7en
2012-08-04 23:47:15 . 2012-08-04 23:47:16    --------    d-----w-    C:\Users\EmmChio\AppData\Local\Ilivid Player
2012-08-03 15:11:21 . 2012-08-03 15:11:21    3968368    ----a-w-    C:\Windows\system32\ntkrnlpa.exe
2012-08-03 15:11:21 . 2012-08-03 15:11:21    3913072    ----a-w-    C:\Windows\system32\ntoskrnl.exe
2012-08-03 15:10:36 . 2012-08-03 15:10:36    2048    ----a-w-    C:\Windows\system32\msxml3r.dll
2012-08-03 15:10:36 . 2012-08-03 15:10:36    1236992    ----a-w-    C:\Windows\system32\msxml3.dll
2012-08-03 15:10:35 . 2012-08-03 15:10:36    1390080    ----a-w-    C:\Windows\system32\msxml6.dll
2012-08-03 15:10:17 . 2012-08-03 15:10:17    67440    ----a-w-    C:\Windows\system32\drivers\ksecdd.sys
2012-08-03 15:10:17 . 2012-08-03 15:10:17    369336    ----a-w-    C:\Windows\system32\drivers\cng.sys
2012-08-03 15:10:17 . 2012-08-03 15:10:17    225280    ----a-w-    C:\Windows\system32\schannel.dll
2012-08-03 15:10:17 . 2012-08-03 15:10:17    219136    ----a-w-    C:\Windows\system32\ncrypt.dll
2012-08-03 15:10:17 . 2012-08-03 15:10:17    134000    ----a-w-    C:\Windows\system32\drivers\ksecpkg.sys
2012-08-03 15:09:42 . 2012-08-03 15:09:42    2345984    ----a-w-    C:\Windows\system32\win32k.sys
2012-08-03 15:09:19 . 2012-08-03 15:09:19    805376    ----a-w-    C:\Windows\system32\cdosys.dll
2012-08-03 15:09:19 . 2012-08-03 15:09:19    57344    ----a-w-    C:\Program Files\Common Files\System\ado\msador15.dll
2012-08-03 15:09:19 . 2012-08-03 15:09:19    372736    ----a-w-    C:\Program Files\Common Files\System\ado\msadox.dll
2012-08-03 15:09:19 . 2012-08-03 15:09:19    352256    ----a-w-    C:\Program Files\Common Files\System\ado\msadomd.dll
2012-08-03 15:09:19 . 2012-08-03 15:09:19    212992    ----a-w-    C:\Program Files\Common Files\System\msadc\msadco.dll
2012-08-03 15:09:19 . 2012-08-03 15:09:19    143360    ----a-w-    C:\Program Files\Common Files\System\ado\msjro.dll
2012-08-03 15:09:19 . 2012-08-03 15:09:19    1019904    ----a-w-    C:\Program Files\Common Files\System\ado\msado15.dll
2012-08-03 15:08:35 . 2012-08-03 15:08:35    8192    ----a-w-    C:\Windows\system32\rdrmemptylst.exe
2012-08-03 15:08:35 . 2012-08-03 15:08:35    58880    ----a-w-    C:\Windows\system32\rdpwsx.dll
2012-08-03 15:08:35 . 2012-08-03 15:08:35    129536    ----a-w-    C:\Windows\system32\rdpcorekmts.dll
2012-08-03 15:08:26 . 2012-08-03 15:08:26    919040    ----a-w-    C:\Windows\system32\rdpcorets.dll
2012-08-03 15:08:26 . 2012-08-03 15:08:26    183808    ----a-w-    C:\Windows\system32\drivers\rdpwd.sys
2012-08-03 15:08:19 . 2012-08-03 15:08:19    56176    ----a-w-    C:\Windows\system32\drivers\partmgr.sys
2012-08-03 15:08:11 . 2012-08-03 15:08:11    1291632    ----a-w-    C:\Windows\system32\drivers\tcpip.sys
2012-08-03 15:06:53 . 2012-08-03 15:06:53    314880    ----a-w-    C:\Windows\system32\webio.dll
2012-08-03 15:05:58 . 2012-08-03 15:05:58    94208    ----a-w-    C:\Program Files\Common Files\System\Ole DB\msdaosp.dll
2012-08-03 15:04:55 . 2012-08-03 15:04:55    1164288    ----a-w-    C:\Windows\system32\mfc42u.dll
2012-08-03 15:04:55 . 2012-08-03 15:04:55    1137664    ----a-w-    C:\Windows\system32\mfc42.dll
2012-08-03 15:04:46 . 2012-08-03 15:04:46    850944    ----a-w-    C:\Windows\system32\sbe.dll
2012-08-03 15:04:46 . 2012-08-03 15:04:46    642048    ----a-w-    C:\Windows\system32\CPFilters.dll
2012-08-03 15:04:46 . 2012-08-03 15:04:46    199680    ----a-w-    C:\Windows\system32\mpg2splt.ax
2012-08-03 15:04:23 . 2012-08-03 15:04:23    542208    ----a-w-    C:\Windows\system32\kerberos.dll
2012-08-03 01:58:03 . 2012-08-11 02:43:16    --------    d-----w-    C:\Program Files\IP Locator
2012-08-02 22:45:43 . 2012-08-03 22:47:13    --------    d-----w-    C:\Program Files\uTorrent
2012-08-02 22:44:35 . 2012-08-04 16:21:13    --------    d-----w-    C:\Users\EmmChio\AppData\Roaming\uTorrent
2012-08-01 01:58:01 . 2012-08-01 01:58:01    --------    d-----w-    C:\Program Files\EPSON
2012-08-01 00:56:30 . 2012-08-01 01:58:15    --------    d-----w-    C:\ProgramData\EPSON
2012-08-01 00:48:02 . 2006-12-08 06:34:00    76800    ----a-w-    C:\Windows\system32\E_FLBCDL.DLL
2012-08-01 00:48:02 . 2006-04-19 06:30:00    62976    ----a-w-    C:\Windows\system32\E_FD4BCDL.DLL
2012-07-26 17:58:09 . 2012-05-24 15:17:58    21888    ----a-w-    C:\Windows\system32\RegistryDefragBootTime.exe
2012-07-26 17:45:05 . 2012-07-26 17:45:05    --------    d-----w-    C:\ProgramData\IObit
2012-07-26 17:44:57 . 2012-07-30 18:39:17    --------    d-----w-    C:\Users\EmmChio\AppData\Roaming\IObit
2012-07-26 17:44:52 . 2012-07-26 17:44:52    --------    d-----w-    C:\Program Files\IObit
2012-07-25 20:06:41 . 2012-07-25 20:06:41    --------    d-----w-    C:\Users\UpdatusUser\AppData\Roaming\vlc
2012-07-25 20:06:41 . 2012-07-25 20:06:41    --------    d-----w-    C:\Users\Invitado
2012-07-25 20:06:41 . 2012-07-25 20:06:41    --------    d-----w-    C:\Users\EmmChio\AppData\Roaming\vlc
2012-07-25 20:06:41 . 2012-07-25 20:06:41    --------    d-----w-    C:\Users\Administrador\AppData\Roaming\vlc
2012-07-25 00:26:50 . 2012-07-25 01:16:49    --------    d-----w-    C:\Users\EmmChio\AppData\Local\Origin
2012-07-24 16:01:40 . 2012-07-24 16:03:34    409088    ----a-w-    C:\Windows\system32\systemcplx86.dll
2012-07-24 04:19:16 . 2012-07-24 04:19:16    --------    d-----w-    C:\Users\EmmChio\temp
2012-07-24 04:19:15 . 2012-07-24 04:19:15    --------    d-----w-    C:\Users\EmmChio\AppData\Roaming\TeamViewer
2012-07-24 03:12:25 . 2012-08-12 02:49:51    --------    d-----w-    C:\Users\EmmChio\AppData\Roaming\TS3Client
2012-07-24 03:12:01 . 2012-07-24 03:12:05    --------    d-----w-    C:\Program Files\TeamSpeak 3 Client
2012-07-18 21:42:06 . 2012-08-05 22:09:31    --------    d-----w-    C:\Users\EmmChio\AppData\Local\SKIDROW
2012-07-13 22:18:08 . 2012-07-13 22:18:08    --------    d-----w-    C:\Windows\H.A.W.X. Black Edition
.

((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))

2012-08-03 23:11:32 . 2012-06-12 02:50:34    70344    ----a-w-    C:\Windows\system32\FlashPlayerCPLApp.cpl
2012-08-03 23:11:32 . 2012-06-12 02:50:34    426184    ----a-w-    C:\Windows\system32\FlashPlayerApp.exe
2012-07-03 18:16:44 . 2012-06-12 01:48:44    22344    ----a-w-    C:\Windows\system32\drivers\mbam.sys
2012-06-24 03:42:20 . 2011-03-28 23:06:46    19736    ----a-w-    C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-06-02 22:19:33 . 2012-06-28 16:26:34    53784    ----a-w-    C:\Windows\system32\wuauclt.exe
2012-06-02 22:19:33 . 2012-06-28 16:26:34    45080    ----a-w-    C:\Windows\system32\wups2.dll
2012-06-02 22:19:32 . 2012-06-28 16:26:26    35864    ----a-w-    C:\Windows\system32\wups.dll
2012-06-02 22:19:23 . 2012-06-28 16:26:26    577048    ----a-w-    C:\Windows\system32\wuapi.dll
2012-06-02 22:19:17 . 2012-06-28 16:26:34    1933848    ----a-w-    C:\Windows\system32\wuaueng.dll
2012-06-02 22:12:32 . 2012-06-28 16:26:34    2422272    ----a-w-    C:\Windows\system32\wucltux.dll
2012-06-02 22:12:13 . 2012-06-28 16:26:26    88576    ----a-w-    C:\Windows\system32\wudriver.dll
2012-06-02 19:49:42 . 2012-06-28 16:26:18    171904    ----a-w-    C:\Windows\system32\wuwebv.dll
2012-06-02 19:42:20 . 2012-06-28 16:26:18    33792    ----a-w-    C:\Windows\system32\wuapp.exe
2012-05-31 16:55:14 . 2012-06-12 02:13:58    237072    ------w-    C:\Windows\system32\MpSigStub.exe
2012-05-15 10:26:00 . 2012-06-12 04:40:58    61248    ----a-w-    C:\Windows\system32\OpenCL.dll
2012-05-15 10:26:00 . 2012-06-12 04:36:45    883008    ----a-w-    C:\Windows\system32\nvgenco32.dll
2012-05-15 10:26:00 . 2012-06-12 04:36:45    8105280    ----a-w-    C:\Windows\system32\nvwgf2um.dll
2012-05-15 10:26:00 . 2012-06-12 04:36:45    5982528    ----a-w-    C:\Windows\system32\nvcuda.dll
2012-05-15 10:26:00 . 2012-06-12 04:36:45    2524992    ----a-w-    C:\Windows\system32\nvcuvid.dll
2012-05-15 10:26:00 . 2012-06-12 04:36:45    2445120    ----a-w-    C:\Windows\system32\nvcuvenc.dll
2012-05-15 10:26:00 . 2012-06-12 04:36:45    19607872    ----a-w-    C:\Windows\system32\nvoglv32.dll
2012-05-15 10:26:00 . 2012-06-12 04:36:45    15322432    ----a-w-    C:\Windows\system32\nvd3dum.dll
2012-05-15 10:26:00 . 2012-06-12 04:36:45    11354944    ----a-w-    C:\Windows\system32\drivers\nvlddmkm.sys
2012-05-15 10:26:00 . 2012-06-12 04:36:45    1000768    ----a-w-    C:\Windows\system32\nvdispco32.dll
2012-05-15 10:26:00 . 2012-06-12 04:36:43    2368832    ----a-w-    C:\Windows\system32\nvapi.dll
2012-05-15 10:26:00 . 2012-06-12 04:36:43    17551680    ----a-w-    C:\Windows\system32\nvcompiler.dll
2012-05-15 09:28:50 . 2012-06-12 04:41:23    2561344    ----a-w-    C:\Windows\system32\nvsvcr.dll
2012-05-15 09:28:49 . 2012-06-12 04:41:23    645440    ----a-w-    C:\Windows\system32\nvvsvc.exe
2012-05-15 09:28:49 . 2012-06-12 04:41:23    62272    ----a-w-    C:\Windows\system32\nvshext.dll
2012-05-15 09:28:49 . 2012-06-12 04:41:23    108352    ----a-w-    C:\Windows\system32\nvmctray.dll
2012-05-15 09:28:48 . 2012-06-12 04:41:23    3931456    ----a-w-    C:\Windows\system32\nvcpl.dll
2012-05-15 09:27:28 . 2012-06-12 04:41:23    2759488    ----a-w-    C:\Windows\system32\nvsvc.dll
2012-05-15 06:51:50 . 2012-05-15 06:51:50    423744    ----a-w-    C:\Windows\system32\nvStreaming.exe

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-12-04 07:48:54 1728512]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2012-05-15 09:28:48 3931456]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages    REG_MULTI_SZ       kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-04-04 05:53:50    843712    ----a-w-    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
2012-02-02 15:55:22    3209216    ----a-w-    C:\Program Files\Ares\Ares.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2012-06-12 02:01:13    116648    ----atw-    C:\Users\EmmChio\AppData\Local\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2012-07-03 18:16:44    462920    ----a-w-    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-17 15:37:54    252296    ----a-w-    C:\Program Files\Common Files\Java\Java Update\jusched.exe

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 AsrCDDrv;AsrCDDrv; [x]
R3 cpuz134;cpuz134;C:\Users\EmmChio\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [x]
R3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys [x]
R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;C:\Windows\system32\drivers\Synth3dVsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\system32\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;C:\Windows\system32\drivers\TsUsbGD.sys [x]
R3 tsusbhub;Remote Deskotop USB Hub;C:\Windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU; [x]
R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;C:\Windows\system32\Wat\WatAdminSvc.exe [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 MBAMService;MBAMService;C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 AsrOcDrv;AsrOcDrv;C:\Windows\system32\Drivers\AsrOcDrv.sys [x]
S3 MBAMProtector;MBAMProtector;C:\Windows\system32\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt86win7.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\system32\drivers\viahduaa.sys [x]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - ASROCDRV
*Deregistered* - RivaTuner32

Contents of the 'Scheduled Tasks' folder

2012-08-12 C:\Windows\Tasks\Adobe Flash Player Updater.job
- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-12 02:50:34 . 2012-08-03 23:11:34]

2012-08-12 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-476293004-1738655125-3981867584-1000Core.job
- C:\Users\EmmChio\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-12 02:01:13 . 2012-06-12 02:01:13]

2012-08-12 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-476293004-1738655125-3981867584-1000UA.job
- C:\Users\EmmChio\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-12 02:01:13 . 2012-06-12 02:01:13]

------- Supplementary Scan -------

IE: &Enviar a OneNote - C:\Program Files\MICROS~2\Office14\ONBttnIE.dll/105
IE: E&xportar a Microsoft Excel - C:\Program Files\MICROS~2\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
 

jbex

El que peca y reza empata
Administrador
Descarga OTL a tu escritorio.

Asegúrese de cerrar todas sus programas antes de ejecutarlo y déjelo correr sin interrumpirlo hasta que termine el Análisis.

Haz doble clic en icono OTL para ejecutarlo.

Cuando la interfaz aparezca, marca las siguientes opciones:

  • Buscar LOP y Buscar Purity.
  • Omitir Archivos De Microsoft y Usar Listado de Compañias Reconocidas.
  • No cambies el resto de la configuración.


Copia y pega el siguiente texto abajo de la barra azul de "Análisis Personalizados":

c:\windows\msdownld.tmp
c:\windows\B83FC356B7C0441F8A4DD71E088E7974.TMP
Presione el botón. Por favor No cambies el resto de la configuración a menos que te lo solicitemos. El examen no tardará mucho.

Una vez termine, abrirán dos (2) archivos, OTL.Txt y Extras.Txt. Éstos aparecerán grabados en el mismo lugar OTL.exe fue grabado.

Haz el favor de copiar y pegar el contenido de estos informes en tu próxima respuesta.
 
Estado
Cerrado para nuevas respuestas
Arriba Pie