Podrían ayudarme con un reporte de OTL

wendybatriani · #1 (**permalink**) 25/06/2012, 10:14

Es sobre el virus de la policía y tengo los reportes pero no sé qué hacer con ellos. Agradecería cualquier tipo de ayuda

REPORTE (lo tengo que enviar en varios trozos porque no me deja entero)

OTL logfile created on: 22/06/2012 12:52:33 - Run 1
OTL by OldTimer - Version 3.2.50.0 Folder = G:\
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000C0A | Country: España | Language: ESN | Date Format: dd/MM/yyyy

1,99 Gb Total Physical Memory | 1,67 Gb Available Physical Memory | 83,76% Memory free
4,21 Gb Paging File | 4,04 Gb Available in Paging File | 95,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 69,77 Gb Total Space | 25,28 Gb Free Space | 36,23% Space Free | Partition Type: NTFS
Drive D: | 69,52 Gb Total Space | 54,33 Gb Free Space | 78,15% Space Free | Partition Type: NTFS
Drive G: | 3,62 Gb Total Space | 3,62 Gb Free Space | 99,96% Space Free | Partition Type: FAT32

Computer Name: PABLO1 | User Name: pablo | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - G:\OTL.exe (OldTimer Tools)
PRC - C:\Windows\System32\cmd.exe (Microsoft Corporation)

========== Modules (No Company Name) ==========

========== Win32 Services (SafeList) ==========

SRV - (LiveUpdate Notice Ex) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon File not found
SRV - (CLTNetCnService) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon File not found
SRV - (odserv) -- C:\Archivos de programa\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (LiveUpdate Notice Service) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
SRV - (WinDefend) -- C:\Archivos de programa\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Archivos de programa\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (LiveUpdate) -- C:\Archivos de programa\Symantec\LiveUpdate\LuComServer_3_2.EXE (Symantec Corporation)
SRV - (Programador de LiveUpdate automático) -- C:\Archivos de programa\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)
SRV - (WMIService) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe (acer)
SRV - (eNet Service) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe (Acer Inc.)
SRV - (eSettingsService) -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe ()
SRV - (eDataSecurity Service) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe (HiTRSUT)
SRV - (IAANTMON) Intel(R) -- C:\Archivos de programa\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (eLockService) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe (Acer Inc.)
SRV - (eRecoveryService) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
SRV - (MobilityService) -- C:\Acer\Mobility Center\MobilityService.exe ()
SRV - (ose) -- C:\Archivos de programa\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (NETw4v32) Controlador del adaptador Intel(R) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (enecir) -- C:\Windows\System32\drivers\enecir.sys (ENE TECHNOLOGY INC.)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (int15) -- C:\Acer\Empowering Technology\eRecovery\int15.sys ()
DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Archivos de programa\Acer Arcade Deluxe\Play Movie\000.fcl (Cyberlink Corp.)
DRV - (DritekPortIO) -- C:\Archivos de programa\Launch Manager\DPortIO.sys (Dritek System Inc.)
DRV - (NETw3v32) Controlador de adaptador Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel® Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://es.es.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://es.es.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SEARCH PAGE = http://es.rd.yahoo.com/customize/ycomp/defaults/sp/*http://es.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.es/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Archivos de programa\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKCU\..\SearchScopes\{2640BDD8-049E-4DD0-BD80-487F7D432B93}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=W3I4&o=100000022&src=kw&q={s earchTerms}&locale=es_ES&apn_ptnrs=^A9R&apn_dtid=^ YYYYYY^YY^ES&apn_uid=5D5EEA94-B457-4F82-A913-43D1BDF09EA7&apn_sauid=FC8477E5-87D5-4A57-93CE-8820557B1A9D
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={B3590D48-8F90-474A-8EB1-AEB1EB91FC85}&mid=cb97a0a4c30847d1a040d1527e8c3730-10ad2444e55f80be5dd3b86128dbf1a0965191b5&lang=en&d s=tg026&pr=sa&d=2011-08-22 22:02:35&v=8.0.0.33&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{E56B0685-48BC-4D54-B4F5-DA1528A34AD0}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyEnable" = 0

wendybatriani · #2 (**permalink**) 25/06/2012, 10:17

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\pablo\AppData\Local\Google\Update\1.3.21. 111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\pablo\AppData\Local\Google\Update\1.3.21. 111\npGoogleUpdate3.dll (Google Inc.)

[2011/08/21 21:42:06 | 000,002,048 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:accepte dSuggestion}{google:originalQueryForSuggestion}{go ogle:searchFieldtrialParameter}{google:instantFiel dTrialGroupParameter}sourceid=chrome&ie={inputEnco ding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldt rialParameter}{google:instantFieldTrialGroupParame ter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\pablo\AppData\Local\Google\Chrome\Applica tion\16.0.912.75\gcswf32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Chrome NaCl (Enabled) = C:\Users\pablo\AppData\Local\Google\Chrome\Applica tion\16.0.912.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\pablo\AppData\Local\Google\Chrome\Applica tion\16.0.912.75\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\pablo\AppData\Local\Google\Update\1.3.21. 67\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\System32\ActiveToolBand.dll (HiTRUST)
O2 - BHO: (Windows Live Aplicación auxiliar de inicio de sesión) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Archivos de programa\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Archivos de programa\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Archivos de programa\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acer Tour] File not found
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [MSConfig] C:\Windows\System32\msconfig.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Acer Tour Reminder] File not found
O4 - HKLM..\RunOnce: [*Restore] C:\Windows\System32\rstrui.exe (Microsoft Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: DisableRegedit = 0
O8 - Extra context menu item: E&xportar a Microsoft Excel - C:\Archivos de programa\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Archivos de programa\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.60.205.175 213.60.205.173 212.51.32.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfac es\{B57AC52E-2CF6-4EEE-A4C5-8BF450548C2E}: DhcpNameServer = 213.60.205.175 213.60.205.173 212.51.32.254
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (eNetHook.dll) - C:\Windows\System32\eNetHook.dll (acer)
O20 - HKLM Winlogon: Shell - (C:\Users\pablo\AppData\Roaming\ServiceVBOX.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\Users\pablo\AppData\Roaming\ServiceVBOX.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\System32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\pablo\AppData\Roaming\Microsoft\Windows Photo Gallery\Papel tapiz de Galería fotográfica de Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\pablo\AppData\Roaming\Microsoft\Windows Photo Gallery\Papel tapiz de Galería fotográfica de Windows.jpg
O31 - SafeBoot: UseAlternatShell - 1
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{5af3c3b8-39e6-11e0-8e83-001b3868dec3}\Shell - "" = AutoRun
O33 - MountPoints2\{5af3c3b8-39e6-11e0-8e83-001b3868dec3}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

wendybatriani · #3 (**permalink**) 25/06/2012, 10:18

MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe - (Acer Inc.)
MsConfig - StartUpReg: 5Pl92n0RaPnn1Gf - hkey= - key= - File not found
MsConfig - StartUpReg: Acer Tour Reminder - hkey= - key= - C:\Acer\AcerTour\Reminder.exe (Acer Inc.)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: ApnUpdater - hkey= - key= - C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
MsConfig - StartUpReg: Apoint - hkey= - key= - C:\Archivos de programa\Apoint2K\Apoint.exe (Alps Electric Co., Ltd.)
MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig - StartUpReg: eAudio - hkey= - key= - C:\Acer\Empowering Technology\eAudio\eAudio.exe (CyberLink)
MsConfig - StartUpReg: eDataSecurity Loader - hkey= - key= - C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe (HiTRUST)
MsConfig - StartUpReg: ehTray.exe - hkey= - key= - C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
MsConfig - StartUpReg: Google Update - hkey= - key= - C:\Users\pablo\AppData\Local\Google\Update\GoogleU pdate.exe (Google Inc.)
MsConfig - StartUpReg: HotKeysCmds - hkey= - key= - File not found
MsConfig - StartUpReg: IAAnotif - hkey= - key= - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
MsConfig - StartUpReg: IgfxTray - hkey= - key= - File not found
MsConfig - StartUpReg: JustVoip - hkey= - key= - C:\Program Files\JustVoip.com\JustVoip\JustVoip.exe (JustVoip)
MsConfig - StartUpReg: LManager - hkey= - key= - C:\Archivos de programa\Launch Manager\LManager.exe (Dritek System Inc.)
MsConfig - StartUpReg: msnmsgr - hkey= - key= - C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
MsConfig - StartUpReg: Persistence - hkey= - key= - File not found
MsConfig - StartUpReg: PlayMovie - hkey= - key= - C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe (CyberLink Corp.)
MsConfig - StartUpReg: PLFSetL - hkey= - key= - C:\Windows\PLFSetL.exe (sonix)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: RtHDVCpl - hkey= - key= - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
MsConfig - StartUpReg: SetPanel - hkey= - key= - File not found
MsConfig - StartUpReg: Sidebar - hkey= - key= - C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: Skytel - hkey= - key= - C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: Smart PC Cleaner - hkey= - key= - C:\Archivos de programa\Smart PC Cleaner\SPCLauncher.exe (Avanquest Software)
MsConfig - StartUpReg: Symantec PIF AlertEng - hkey= - key= - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
MsConfig - StartUpReg: WarReg_PopUp - hkey= - key= - C:\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Inc.)
MsConfig - StartUpReg: Windows Defender - hkey= - key= - File not found
MsConfig - StartUpReg: WMPNSCFG - hkey= - key= - C:\Archivos de programa\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
MsConfig - State: "startup" - 1

CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1084

========== Files/Folders - Created Within 30 Days ==========

[2012/06/03 15:31:46 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0

========== Files - Modified Within 30 Days ==========

[2012/06/22 12:50:59 | 002,097,152 | -HS- | M] () -- C:\Users\pablo\ntuser.dat
[2012/06/22 12:49:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/21 17:54:42 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012/06/21 17:54:37 | 000,524,288 | -HS- | M] () -- C:\Users\pablo\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regt rans-ms
[2012/06/21 17:54:37 | 000,065,536 | -HS- | M] () -- C:\Users\pablo\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2012/06/21 17:51:08 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/21 17:51:08 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/21 17:50:55 | 000,303,536 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/06/13 12:22:01 | 001,505,374 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2012/06/13 12:22:01 | 000,672,836 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
[2012/06/13 12:22:01 | 000,600,080 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/06/13 12:22:01 | 000,131,326 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
[2012/06/13 12:22:01 | 000,107,962 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/06/03 18:20:04 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3142792375-882652808-447352954-1000UA.job
[2012/05/25 16:20:00 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3142792375-882652808-447352954-1000Core.job

========== Files Created - No Company Name ==========

[2012/04/15 16:18:47 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012/04/01 16:08:09 | 002,169,499 | -H-- | C] () -- C:\Users\pablo\AppData\Local\IconCache.db
[2011/08/23 03:23:27 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.b in
[2011/08/23 03:02:59 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/08/23 03:02:58 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/08/23 03:01:48 | 000,368,640 | ---- | C] () -- C:\Windows\System32\msjetoledb40.dll
[2011/05/18 00:18:35 | 000,060,124 | ---- | C] () -- C:\Windows\System32\tcpmon.ini
[2011/02/16 23:55:32 | 000,001,356 | ---- | C] () -- C:\Users\pablo\AppData\Local\d3d9caps.dat
[2011/01/08 13:58:55 | 000,008,999 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate
[2011/01/08 01:50:41 | 000,050,176 | ---- | C] () -- C:\Users\pablo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/07 07:25:54 | 000,000,030 | ---- | C] () -- C:\Windows\SETPANEL.INI
[2011/01/07 07:25:40 | 000,000,092 | ---- | C] () -- C:\Windows\CLEANUP.INI
[2011/01/06 23:57:19 | 000,000,000 | ---- | C] () -- C:\Windows\WinInit.ini
[2011/01/06 23:12:21 | 000,016,384 | ---- | C] () -- C:\Windows\System32\LauncheRyAgentUser.exe
[2011/01/06 23:12:21 | 000,016,384 | ---- | C] ( ) -- C:\Windows\System32\ClearEvent.exe
[2011/01/06 23:00:09 | 000,070,672 | ---- | C] () -- C:\Users\pablo\AppData\Local\GDIPFONTCACHEV1.DAT
[2011/01/06 21:35:32 | 001,749,376 | ---- | C] () -- C:\Windows\System32\snp2uvc.sys
[2011/01/06 21:35:32 | 000,172,032 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll
[2011/01/06 21:35:32 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
[2011/01/06 21:35:32 | 000,028,032 | ---- | C] () -- C:\Windows\System32\sncduvc.sys
[2011/01/06 21:35:32 | 000,000,131 | ---- | C] () -- C:\Windows\System32\PidList.ini
[2011/01/06 21:35:32 | 000,000,131 | ---- | C] () -- C:\Windows\PidList.ini

========== LOP Check ==========

[2011/08/22 18:17:35 | 000,000,000 | ---D | M] -- C:\Users\pablo\AppData\Roaming\Blue Tea Games
[2011/08/22 21:21:35 | 000,000,000 | ---D | M] -- C:\Users\pablo\AppData\Roaming\DAEMON Tools Lite
[2011/08/22 21:16:44 | 000,000,000 | ---D | M] -- C:\Users\pablo\AppData\Roaming\DAEMON Tools Pro
[2011/08/24 19:07:16 | 000,000,000 | ---D | M] -- C:\Users\pablo\AppData\Roaming\DailyMagic
[2011/08/24 18:43:25 | 000,000,000 | ---D | M] -- C:\Users\pablo\AppData\Roaming\EleFun Games
[2011/08/24 03:52:39 | 000,000,000 | ---D | M] -- C:\Users\pablo\AppData\Roaming\Elephant Games
[2011/09/04 01:30:06 | 000,000,000 | ---D | M] -- C:\Users\pablo\AppData\Roaming\ERS Game Studios
[2011/10/18 20:22:55 | 000,000,000 | ---D | M] -- C:\Users\pablo\AppData\Roaming\Genieo
[2012/05/06 23:56:35 | 000,000,000 | ---D | M] -- C:\Users\pablo\AppData\Roaming\JustVoip
[2011/08/22 21:20:50 | 000,000,000 | ---D | M] -- C:\Users\pablo\AppData\Roaming\OpenCandy
[2011/11/05 16:40:47 | 000,000,000 | ---D | M] -- C:\Users\pablo\AppData\Roaming\SecondLife
[2012/04/15 16:48:05 | 000,000,000 | ---D | M] -- C:\Users\pablo\AppData\Roaming\Smart PC Cleaner
[2012/01/19 18:45:34 | 000,000,000 | ---D | M] -- C:\Users\pablo\AppData\Roaming\Systweak
[2012/06/21 17:54:43 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< nesvcs >

< %SYSTEMDRIVE%\*.* >
[2007/08/13 22:46:26 | 000,003,380 | ---- | M] () -- C:\-20070813.log
[2006/09/18 23:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/04/11 08:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2007/08/14 06:03:47 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006/09/18 23:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2011/12/14 18:27:46 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2005/08/16 09:49:12 | 000,040,960 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\junction.exe
[2006/11/29 17:35:22 | 000,000,512 | ---- | M] () -- C:\MDR.iss
[2011/12/14 18:27:46 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012/06/22 12:48:24 | 2450,800,640 | -HS- | M] () -- C:\pagefile.sys
[2012/06/18 22:52:10 | 000,003,887 | ---- | M] () -- C:\PoliFix.txt
[2007/08/13 21:47:39 | 000,000,420 | ---- | M] () -- C:\RHDSetup.log
[2007/08/13 22:32:22 | 000,000,178 | ---- | M] () -- C:\setup.log
[2007/08/13 22:43:49 | 001,711,456 | ---- | M] () -- C:\vcredist_x86.log

< End of report >

wendybatriani · #4 (**permalink**) 25/06/2012, 10:21

EXTRAS:
Ahora los extras:

OTL Extras logfile created on: 22/06/2012 12:52:33 - Run 1
OTL by OldTimer - Version 3.2.50.0 Folder = G:\
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000C0A | Country: España | Language: ESN | Date Format: dd/MM/yyyy

1,99 Gb Total Physical Memory | 1,67 Gb Available Physical Memory | 83,76% Memory free
4,21 Gb Paging File | 4,04 Gb Available in Paging File | 95,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 69,77 Gb Total Space | 25,28 Gb Free Space | 36,23% Space Free | Partition Type: NTFS
Drive D: | 69,52 Gb Total Space | 54,33 Gb Free Space | 78,15% Space Free | Partition Type: NTFS
Drive G: | 3,62 Gb Total Space | 3,62 Gb Free Space | 99,96% Space Free | Partition Type: FAT32

Computer Name: PABLO1 | User Name: pablo | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\DomainPr ofile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\PublicPr ofile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Firewall Rules]
"{04001031-7852-4DA2-9602-6A6662BB07AE}" = lport=2869 | protocol=6 | dir=in | app=system |
"{39F7BF42-91D8-4DC3-9F3D-AA508D28805F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Firewall Rules]
"{16A99BFB-78C5-4BF1-B666-8B79763B56BD}" = dir=in | app=c:\program files\acer arcade deluxe\play movie\playmovie.exe |
"{2CA10275-D996-4DF4-A288-B6861E6CBFEA}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{3DA6B8A7-3EB3-4B67-BA22-44B1C7A6850F}" = dir=in | app=c:\program files\acer arcade deluxe\dvdivine\dvdivine.exe |
"{7429A5C0-6317-4894-BAC4-514768C1A9F5}" = dir=in | app=c:\program files\acer arcade deluxe\videomagician\videomagician.exe |
"{89F29083-B930-4B0F-B5C6-84B08C088DD7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{93896FA8-F796-4F88-A3A2-B3BB7E0EA730}" = dir=in | app=c:\program files\acer arcade deluxe\dv wizard\dv wizard.exe |
"{B361D734-4D34-4AFD-BED1-0BFC774E062E}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{C32C3FDB-8D97-47B6-9FC7-E81010E52677}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe |
"{C3C3E2C9-8EA3-46D2-BD96-267847099334}" = dir=in | app=c:\program files\acer arcade deluxe\play movie\pmvservice.exe |
"{D7E69BA1-96A9-4574-AF50-23732DE9BE32}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{E3B9A1B8-F132-42B1-9D56-01E10A1BAA1F}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{F2752869-B9BE-47A9-8050-F14A96B611F9}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"TCP Query User{02C29D42-673A-4099-A634-2643D74982F7}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
"TCP Query User{1DE6E01F-4756-482D-AF4D-A0E8F8D65AED}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{5E7F1B4E-C782-4D97-B171-8BE3067A2DC7}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{7CA05BE2-C838-4AAB-A034-CBA7588AF95B}C:\program files\secondlifeviewer2\slvoice.exe" = protocol=6 | dir=in | app=c:\program files\secondlifeviewer2\slvoice.exe |
"TCP Query User{929A4CBA-B510-4317-B313-F8680D92C726}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
"TCP Query User{B734CE55-3B10-48B2-97D2-9C4F794541AD}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{C0BEA41B-4DB9-4EB2-9E45-28B74929A54D}C:\program files\justvoip.com\justvoip\justvoip.exe" = protocol=6 | dir=in | app=c:\program files\justvoip.com\justvoip\justvoip.exe |
"TCP Query User{CE00CCFB-5357-4410-9647-B50BAD1CEC5D}C:\program files\justvoip.com\justvoip\justvoip.exe" = protocol=6 | dir=in | app=c:\program files\justvoip.com\justvoip\justvoip.exe |
"UDP Query User{48E3D35C-C09B-4104-8BDA-47D5380EADB3}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
"UDP Query User{62188FBA-3E8E-4E08-BAB8-A998787ED8A1}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
"UDP Query User{71595ABF-CF55-4F74-A181-7FA8D8A9AA7D}C:\program files\justvoip.com\justvoip\justvoip.exe" = protocol=17 | dir=in | app=c:\program files\justvoip.com\justvoip\justvoip.exe |
"UDP Query User{A7BBB105-1180-43D7-B5AB-4E7EBF4C1C38}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{C23D70F7-7278-4001-87A6-09DFC737D656}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{C9FFECD3-69FF-41FF-92DC-C42E58D84BB7}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{F40E885F-03C0-4380-A461-FAADE01A7C98}C:\program files\justvoip.com\justvoip\justvoip.exe" = protocol=17 | dir=in | app=c:\program files\justvoip.com\justvoip\justvoip.exe |
"UDP Query User{FA441BC3-D46C-4BBD-9163-3FEF8737F3C5}C:\program files\secondlifeviewer2\slvoice.exe" = protocol=17 | dir=in | app=c:\program files\secondlifeviewer2\slvoice.exe |

wendybatriani · #5 (**permalink**) 25/06/2012, 10:22

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall]
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{1BF14E04-85DE-480C-9A04-EB36744C66C3}_is1" = Open Freely
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Herramienta de carga de Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2A36D329-0C71-D161-7DED-68ABB9651F94}" = FlipToast
"{2B83A043-BA8C-4164-98AA-29529D0BE756}" = Windows Live Essentials
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Acer Crystal Eye Webcam Video Class Camera
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{67ADE9AF-5CD9-4089-8825-55DE4B366799}" = NTI Backup NOW! 4.7
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Compatibilidad con Aplicaciones de Apple
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7593234B-2AEB-4FC9-B02D-C9B30D86084C}" = Windows Live Asistente para el inicio de sesión
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{80DDC39C-8CB5-49de-9748-36C990922110}" = Microsoft Works
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111310630}" = Big Kahuna Reef 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111473353}" = Dynasty
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11170417}" = Luxor 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111730193}" = Star Defender 3
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8924FD04-AFF1-4387-B08B-6A979485F2BD}" = Windows Live Call
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2007
"{90120000-0016-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2007
"{90120000-0018-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2007
"{90120000-001B-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2007
"{90120000-001F-0403-0000-0000000FF1CE}_HOMESTUDENTR_{BEADB115-DB47-4BD0-A9EC-AE585AFAB2D8}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
"{90120000-001F-0416-0000-0000000FF1CE}_HOMESTUDENTR_{8A524694-0CA4-476A-9301-B1E9D70FC952}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007
"{90120000-001F-042D-0000-0000000FF1CE}_HOMESTUDENTR_{017A6981-5E03-4A97-830A-35FE0927BB7F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007
"{90120000-001F-0456-0000-0000000FF1CE}_HOMESTUDENTR_{A3A03B41-14EA-4E50-97D8-FCF429AE0CCB}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2007
"{90120000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2007
"{90120000-006E-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{430AE3E6-E982-4958-90FC-1C062BC74E22}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0C0A-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Spanish) 2007
"{90120000-00A1-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92E4A65F-7007-3357-A69A-167F71A337BD}" = Microsoft .NET Framework 3.5 Language Pack SP1 - esn
"{94389919-B0AA-4882-9BE8-9F0B004ECA35}" = Acer Tour
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95B012AD-3A4A-31D7-9167-5D07D2A71F47}" = Microsoft .NET Framework 4 Client Profile ESN Language Pack
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{AA047D7C-5E7C-4878-B75C-77589151B563}" = Acer Crystal Eye webcam
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC1ACE88-C471-494E-B5FA-0B7C21F22E4F}" = Orion
"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0
"{AEEAE013-92F1-4515-B278-139F1A692A36}" = Acer eDataSecurity Management
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer 3.72
"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management
"{C06554A1-2C1E-4D20-B613-EE62C79927CC}" = Acer eNet Management
"{C4156B59-DD7E-40DF-AF08-E568A27A6409}" = Windows Live Messenger
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Deluxe
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1489-3350-5074-6281" = JDownloader 0.9
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_11 8" = HDAUDIO Soft Data Fax Modem with SmartCP
"com.w3i.FlipToast" = FlipToast
"DAEMON Tools Lite" = DAEMON Tools Lite
"eMule" = eMule
"GridVista" = Acer GridVista
"Hallowed Legends Samhain 1.00" = Hallowed Legends Samhain 1.00
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"JustVoip_is1" = JustVoip
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.0.0 (Standard)
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versión 1.60.1.1000
"Microsoft .NET Framework 3.5 Language Pack SP1 - esn" = Paquete de idioma de Microsoft .NET Framework 3.5 SP1 - esn
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile ESN Language Pack" = Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN
"PPTView97" = Microsoft PowerPoint Viewer 97
"SecondLifeViewer2" = SecondLifeViewer2 (remove only)
"Smart PC Cleaner_is1" = Smart PC Cleaner v3.0
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-bit)
"YTdetect" = Yahoo! Detect

wendybatriani · #6 (**permalink**) 25/06/2012, 10:22

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11/05/2012 18:26:47 | Computer Name = pablo1 | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 11/05/2012 18:28:20 | Computer Name = pablo1 | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 11/05/2012 18:28:20 | Computer Name = pablo1 | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 15/05/2012 10:38:20 | Computer Name = pablo1 | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 18/05/2012 20:15:08 | Computer Name = pablo1 | Source = Application Error | ID = 1000
Description = Aplicación con errores iexplore.exe, versión 9.0.8112.16421, marca
de hora 0x4d76255d, módulo con errores Flash11e.ocx, versión 11.1.102.55, marca
de tiempo 0x4eaf89fc, código de excepción 0xc0000005, desplazamiento con errores
0x0016da1a, Id. de proceso 0x9b4, hora de inicio de la aplicación 0x01cd3553d973811c.

Error - 18/05/2012 20:15:32 | Computer Name = pablo1 | Source = Application Error | ID = 1000
Description = Aplicación con errores iexplore.exe, versión 9.0.8112.16421, marca
de hora 0x4d76255d, módulo con errores Flash11e.ocx, versión 11.1.102.55, marca
de tiempo 0x4eaf89fc, código de excepción 0xc0000005, desplazamiento con errores
0x0016da1a, Id. de proceso 0x16b0, hora de inicio de la aplicación 0x01cd35547dc38f8c.

Error - 18/05/2012 20:15:47 | Computer Name = pablo1 | Source = Application Error | ID = 1000
Description = Aplicación con errores iexplore.exe, versión 9.0.8112.16421, marca
de hora 0x4d76255d, módulo con errores Flash11e.ocx, versión 11.1.102.55, marca
de tiempo 0x4eaf89fc, código de excepción 0xc0000005, desplazamiento con errores
0x0016da1a, Id. de proceso 0x7c0, hora de inicio de la aplicación 0x01cd355487217abc.

Error - 18/05/2012 20:16:27 | Computer Name = pablo1 | Source = Application Error | ID = 1000
Description = Aplicación con errores iexplore.exe, versión 9.0.8112.16421, marca
de hora 0x4d76255d, módulo con errores Flash11e.ocx, versión 11.1.102.55, marca
de tiempo 0x4eaf89fc, código de excepción 0xc0000005, desplazamiento con errores
0x0016da1a, Id. de proceso 0xf6c, hora de inicio de la aplicación 0x01cd35549b3b818c.

Error - 18/05/2012 20:16:44 | Computer Name = pablo1 | Source = Application Error | ID = 1000
Description = Aplicación con errores iexplore.exe, versión 9.0.8112.16421, marca
de hora 0x4d76255d, módulo con errores Flash11e.ocx, versión 11.1.102.55, marca
de tiempo 0x4eaf89fc, código de excepción 0xc0000005, desplazamiento con errores
0x0016da1a, Id. de proceso 0x153c, hora de inicio de la aplicación 0x01cd3554a66a0e0c.

Error - 18/05/2012 20:18:35 | Computer Name = pablo1 | Source = Application Error | ID = 1000
Description = Aplicación con errores iexplore.exe, versión 9.0.8112.16421, marca
de hora 0x4d76255d, módulo con errores Flash11e.ocx, versión 11.1.102.55, marca
de tiempo 0x4eaf89fc, código de excepción 0xc0000005, desplazamiento con errores
0x0016da1a, Id. de proceso 0x15f8, hora de inicio de la aplicación 0x01cd3554df6e279c.

[ System Events ]
Error - 22/06/2012 6:50:18 | Computer Name = pablo1 | Source = Service Control Manager | ID = 7001
Description =

Error - 22/06/2012 6:50:18 | Computer Name = pablo1 | Source = Service Control Manager | ID = 7001
Description =

Error - 22/06/2012 6:50:18 | Computer Name = pablo1 | Source = Service Control Manager | ID = 7001
Description =

Error - 22/06/2012 6:50:18 | Computer Name = pablo1 | Source = Service Control Manager | ID = 7001
Description =

Error - 22/06/2012 6:50:18 | Computer Name = pablo1 | Source = Service Control Manager | ID = 7001
Description =

Error - 22/06/2012 6:50:18 | Computer Name = pablo1 | Source = Service Control Manager | ID = 7001
Description =

Error - 22/06/2012 6:50:18 | Computer Name = pablo1 | Source = Service Control Manager | ID = 7001
Description =

Error - 22/06/2012 6:50:18 | Computer Name = pablo1 | Source = Service Control Manager | ID = 7001
Description =

Error - 22/06/2012 6:50:18 | Computer Name = pablo1 | Source = Service Control Manager | ID = 7001
Description =

Error - 22/06/2012 6:50:18 | Computer Name = pablo1 | Source = Service Control Manager | ID = 7026
Description =

< End of report >

superlucas12 · #7 (**permalink**) 27/07/2012, 21:47

Copia y pega esto en el codigo de reparacion. Pegame el informe nuevo que te gner ( cuando termine de reparar ) y pegame el de Polifix.

:OTL
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Archivos de programa\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKCU\..\SearchScopes\{2640BDD8-049E-4DD0-BD80-487F7D432B93}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=W3I4&o=100000022&src=kw&q={s earchTerms}&locale=es_ES&apn_ptnrs=^A9R&apn_dtid=^ YYYYYY^YY^ES&apn_uid=5D5EEA94-B457-4F82-A913-43D1BDF09EA7&apn_sauid=FC8477E5-87D5-4A57-93CE-8820557B1A9D
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={B3590D48-8F90-474A-8EB1-AEB1EB91FC85}&mid=cb97a0a4c30847d1a040d1527e8c3730-10ad2444e55f80be5dd3b86128dbf1a0965191b5&lang=en&d s=tg026&pr=sa&d=2011-08-22 22:02:35&v=8.0.0.33&sap=dsp&q={searchTerms}
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Archivos de programa\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Archivos de programa\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Archivos de programa\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acer Tour] File not found
O4 - HKLM..\Run: [eRecoveryService] File not found
O20 - HKLM Winlogon: Shell - (C:\Users\pablo\AppData\Roaming\ServiceVBOX.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\Users\pablo\AppData\Roaming\ServiceVBOX.exe) - File not found
O33 - MountPoints2\{5af3c3b8-39e6-11e0-8e83-001b3868dec3}\Shell - "" = AutoRun
O33 - MountPoints2\{5af3c3b8-39e6-11e0-8e83-001b3868dec3}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{5af3c3b8-39e6-11e0-8e83-001b3868dec3}\Shell - "" = AutoRun
O33 - MountPoints2\{5af3c3b8-39e6-11e0-8e83-001b3868dec3}\Shell\AutoRun\command - "" = F:\AutoRun.exe
[2012/04/15 16:48:05 | 000,000,000 | ---D | M] -- C:\Users\pablo\AppData\Roaming\Smart PC Cleaner