
Cmitros.exe, Totrux, desktop.ini and other Malware


11 replies to this topic

#1 NicoForce


Posted 18 January 2017 - 09:06 PM

I've recently noticed my computer is full of different malware.

 

I found cmitros.exe lying in my Roaming folder, Totrux in my Firefox folders and recently, when I turn on my computer, a Notepad window called desktop appears with the following content:

 

"
[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21787
"

 

I've searched regarding these on the internet and how to deal with them, but they are still bugging me. My USB has been infected as well.

I even tried looking for the registries but didn't find anything.

I have Malwarebytes and CCleaner installed but they don't seem to help.

 

I hope to receive some advice. Thanks in advance.




 


#2 Broni


Posted 18 January 2017 - 09:36 PM

Welcome aboard

Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE to access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive an "UNSUPPORTED OPERATING SYSTEM! ABORTED!" message, restart the computer and Security Check should run.

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


Please download MiniToolBox and run it.

Checkmark the following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
  • List Restore Points

Click Go and post the result.

Please download Malwarebytes to your desktop.
  • Double-click mb3-setup-1878.1878-3.5.1.2522.exe and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
  • The Scan log is available through History -> Application logs. Please post its contents in your next reply.


Download Malwarebytes Anti-Rootkit (MBAR) to your desktop.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • Double-click on the downloaded file. OK the self-extracting prompt.
  • MBAR will start. Click "Next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
  • "mbar-log-{date} (xx-xx-xx).txt"
  • "system-log.txt"


NOTE. If you see a "This version requires you to completely exit the Anti Malware application" message, right-click on the Malwarebytes Anti-Malware icon in the system tray and click on Exit.

Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run, then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Windows Vista, 7 or 8, right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.


If normal mode still doesn't work, run the tool from safe mode.

When the scan is done, Notepad will open with the rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

NOTE. Do NOT wrap your logs in "quote" or "code" brackets.
Do NOT use spoilers.
Do NOT edit your reply to post additional logs. Create a new reply. I'll not get any email notifications about edits, so I won't know you posted something new.




 


#3 NicoForce


Posted 19 January 2017 - 06:38 PM

Results of screen317's Security Check version 1.014 --- 12/23/15 

 Windows 7 Service Pack 1 x64 (UAC is enabled) 

 Internet Explorer 11 

``````````````Antivirus/Firewall Check:``````````````

Microsoft Security Essentials  

  (On Access scanning disabled!)

 Error obtaining update status for antivirus! 

`````````Anti-malware/Other Utilities Check:`````````

 Java 8 Update 111 

 Java version 32-bit out of Date!

 Adobe Flash Player 23.0.0.207 

 Mozilla Firefox (50.1.0)

 Google Chrome (55.0.2883.87)

 Google Chrome (SetupMetrics...)

````````Process Check: objlist.exe by Laurent```````` 

 Microsoft Security Essentials MSMpEng.exe

 Microsoft Security Essentials msseces.exe

`````````````````System Health check`````````````````

 Total Fragmentation on Drive C: 4%

````````````````````End of Log``````````````````````

Farbar Service Scanner Version: 27-01-2016

Ran by Nicco (administrator) on 19-01-2017 at 16:59:32

Running from "C:\Users\Nicco\Downloads"

Microsoft Windows 7 Ultimate  Service Pack 1 (X64)

Boot Mode: Normal

****************************************************************

 

Internet Services:

============

 

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Google.com is accessible.

Yahoo.com is accessible.

 

 

Windows Firewall:

=============

 

Firewall Disabled Policy:

==================

 

 

System Restore:

============

 

System Restore Policy:

========================

 

 

Action Center:

============

 

 

Windows Update:

============

 

Windows Autoupdate Disabled Policy:

============================

 

 

Windows Defender:

==============

WinDefend Service is not running. Checking service configuration:

The start type of WinDefend service is set to Demand. The default start type is Auto.

The ImagePath of WinDefend service is OK.

The ServiceDll of WinDefend service is OK.

 

 

Windows Defender Disabled Policy:

==========================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]

"DisableAntiSpyware"=DWORD:1

 

 

Other Services:

==============

 

 

File Check:

========

C:\Windows\System32\nsisvc.dll => File is digitally signed

C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed

C:\Windows\System32\dhcpcore.dll => File is digitally signed

C:\Windows\System32\drivers\afd.sys => File is digitally signed

C:\Windows\System32\drivers\tdx.sys => File is digitally signed

C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed

C:\Windows\System32\dnsrslvr.dll => File is digitally signed

C:\Windows\System32\dnsapi.dll => File is digitally signed

C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed

C:\Windows\System32\mpssvc.dll => File is digitally signed

C:\Windows\System32\bfe.dll => File is digitally signed

C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed

C:\Windows\System32\SDRSVC.dll => File is digitally signed

C:\Windows\System32\vssvc.exe => File is digitally signed

C:\Windows\System32\wscsvc.dll => File is digitally signed

C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed

C:\Windows\System32\wuaueng.dll => File is digitally signed

C:\Windows\System32\qmgr.dll => File is digitally signed

C:\Windows\System32\es.dll => File is digitally signed

C:\Windows\System32\cryptsvc.dll => File is digitally signed

C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed

C:\Windows\System32\ipnathlp.dll => File is digitally signed

C:\Windows\System32\iphlpsvc.dll => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

 

 

**** End of log ****

MiniToolBox by Farbar  Version: 17-06-2016

Ran by Nicco (administrator) on 19-01-2017 at 17:01:33

Running from "C:\Users\Nicco\Downloads"

Microsoft Windows 7 Ultimate  Service Pack 1 (X64)

Model: VPCEK20AL Manufacturer: Sony Corporation

Boot Mode: Normal

***************************************************************************

 

========================= IE Proxy Settings: ==============================

 

Proxy is not enabled.

No Proxy Server is set.

 

========================= FF Proxy Settings: ==============================

 

========================= Hosts content: =================================

========================= IP Configuration: ================================

 

Qualcomm Atheros AR9285 Wireless Network Adapter = Conexión de red inalámbrica (Connected)

VMware Virtual Ethernet Adapter for VMnet1 = VMware Network Adapter VMnet1 (Connected)

VMware Virtual Ethernet Adapter for VMnet8 = VMware Network Adapter VMnet8 (Connected)

Qualcomm Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = Conexión de área local (Media disconnected)

 

 

# ----------------------------------

# Configuraci¢n de IPv4

# ----------------------------------

pushd interface ipv4

 

reset

set global icmpredirects=enabled taskoffload=disabled

add route prefix=0.0.0.0/0 interface="Conexi¢n de  rea local* 8-AppEx Accelerator LWF-0000" nexthop=25.0.0.1 publish=S¡

set interface interface="Conexi¢n de  rea local* 8-AppEx Accelerator LWF-0000" forwarding=disabled advertise=disabled metric=9000 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled

 

 

popd

# Fin de la configuraci¢n de IPv4

 

 

 

Configuraci¢n IP de Windows

 

   Nombre de host. . . . . . . . . : Nicco-PC

   Sufijo DNS principal  . . . . . :

   Tipo de nodo. . . . . . . . . . : h¡brido

   Enrutamiento IP habilitado. . . : no

   Proxy WINS habilitado . . . . . : no

 

Adaptador de LAN inal mbrica Conexi¢n de red inal mbrica:

 

   Sufijo DNS espec¡fico para la conexi¢n. . :

   Descripci¢n . . . . . . . . . . . . . . . : Qualcomm Atheros AR9285 Wireless Network Adapter

   Direcci¢n f¡sica. . . . . . . . . . . . . : 64-27-37-B6-C7-55

   DHCP habilitado . . . . . . . . . . . . . : s¡

   Configuraci¢n autom tica habilitada . . . : s¡

   V¡nculo: direcci¢n IPv6 local. . . : fe80::a88f:76e1:ed3c:b931%12(Preferido)

   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.106(Preferido)

   M scara de subred . . . . . . . . . . . . : 255.255.255.0

   Concesi¢n obtenida. . . . . . . . . . . . : jueves, 19 de enero de 2017 02:58:41 p.m.

   La concesi¢n expira . . . . . . . . . . . : domingo, 22 de enero de 2017 02:58:41 p.m.

   Puerta de enlace predeterminada . . . . . : 192.168.1.1

   Servidor DHCP . . . . . . . . . . . . . . : 192.168.1.1

   IAID DHCPv6 . . . . . . . . . . . . . . . : 325330743

   DUID de cliente DHCPv6. . . . . . . . . . : 00-01-00-01-1C-5E-F6-18-78-84-3C-B8-19-BD

   Servidores DNS. . . . . . . . . . . . . . : 192.168.1.1

   NetBIOS sobre TCP/IP. . . . . . . . . . . : habilitado

 

Adaptador de Ethernet Conexi¢n de  rea local:

 

   Estado de los medios. . . . . . . . . . . : medios desconectados

   Sufijo DNS espec¡fico para la conexi¢n. . :

   Descripci¢n . . . . . . . . . . . . . . . : Qualcomm Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)

   Direcci¢n f¡sica. . . . . . . . . . . . . : 78-84-3C-B8-19-BD

   DHCP habilitado . . . . . . . . . . . . . : s¡

   Configuraci¢n autom tica habilitada . . . : s¡

 

Adaptador de Ethernet VMware Network Adapter VMnet1:

 

   Sufijo DNS espec¡fico para la conexi¢n. . :

   Descripci¢n . . . . . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet1

   Direcci¢n f¡sica. . . . . . . . . . . . . : 00-50-56-C0-00-01

   DHCP habilitado . . . . . . . . . . . . . : s¡

   Configuraci¢n autom tica habilitada . . . : s¡

   V¡nculo: direcci¢n IPv6 local. . . : fe80::6d25:e139:fbbb:139c%19(Preferido)

   Direcci¢n IPv4 de configuraci¢n autom tica: 169.254.19.156(Preferido)

   M scara de subred . . . . . . . . . . . . : 255.255.0.0

   Puerta de enlace predeterminada . . . . . :

   IAID DHCPv6 . . . . . . . . . . . . . . . : 536891478

   DUID de cliente DHCPv6. . . . . . . . . . : 00-01-00-01-1C-5E-F6-18-78-84-3C-B8-19-BD

   Servidores DNS. . . . . . . . . . . . . . : fec0:0:0:ffff::1%1

                                       fec0:0:0:ffff::2%1

                                       fec0:0:0:ffff::3%1

   NetBIOS sobre TCP/IP. . . . . . . . . . . : habilitado

 

Adaptador de Ethernet VMware Network Adapter VMnet8:

 

   Sufijo DNS espec¡fico para la conexi¢n. . :

   Descripci¢n . . . . . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet8

   Direcci¢n f¡sica. . . . . . . . . . . . . : 00-50-56-C0-00-08

   DHCP habilitado . . . . . . . . . . . . . : s¡

   Configuraci¢n autom tica habilitada . . . : s¡

   V¡nculo: direcci¢n IPv6 local. . . : fe80::ddd2:f5c8:a38d:bdf4%20(Preferido)

   Direcci¢n IPv4 de configuraci¢n autom tica: 169.254.189.244(Preferido)

   M scara de subred . . . . . . . . . . . . : 255.255.0.0

   Puerta de enlace predeterminada . . . . . :

   IAID DHCPv6 . . . . . . . . . . . . . . . : 570445910

   DUID de cliente DHCPv6. . . . . . . . . . : 00-01-00-01-1C-5E-F6-18-78-84-3C-B8-19-BD

   Servidores DNS. . . . . . . . . . . . . . : fec0:0:0:ffff::1%1

                                       fec0:0:0:ffff::2%1

                                       fec0:0:0:ffff::3%1

   NetBIOS sobre TCP/IP. . . . . . . . . . . : habilitado

 

Adaptador de t£nel isatap.{3AAEF0BF-8EDE-4F65-806C-6D827CD266EF}:

 

   Estado de los medios. . . . . . . . . . . : medios desconectados

   Sufijo DNS espec¡fico para la conexi¢n. . :

   Descripci¢n . . . . . . . . . . . . . . . : Adaptador ISATAP de Microsoft

   Direcci¢n f¡sica. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0

   DHCP habilitado . . . . . . . . . . . . . : no

   Configuraci¢n autom tica habilitada . . . : s¡

 

Adaptador de t£nel Conexi¢n de  rea local* 12:

 

   Estado de los medios. . . . . . . . . . . : medios desconectados

   Sufijo DNS espec¡fico para la conexi¢n. . :

   Descripci¢n . . . . . . . . . . . . . . . : Adaptador ISATAP de Microsoft #3

   Direcci¢n f¡sica. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0

   DHCP habilitado . . . . . . . . . . . . . : no

   Configuraci¢n autom tica habilitada . . . : s¡

 

Adaptador de t£nel isatap.{34118141-5776-4989-BF0E-94C178B6A06A}:

 

   Estado de los medios. . . . . . . . . . . : medios desconectados

   Sufijo DNS espec¡fico para la conexi¢n. . :

   Descripci¢n . . . . . . . . . . . . . . . : Adaptador ISATAP de Microsoft #4

   Direcci¢n f¡sica. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0

   DHCP habilitado . . . . . . . . . . . . . : no

   Configuraci¢n autom tica habilitada . . . : s¡

 

Adaptador de t£nel isatap.{22BF5684-DD33-405A-BC42-E9EE84D6DC1B}:

 

   Estado de los medios. . . . . . . . . . . : medios desconectados

   Sufijo DNS espec¡fico para la conexi¢n. . :

   Descripci¢n . . . . . . . . . . . . . . . : Adaptador ISATAP de Microsoft #5

   Direcci¢n f¡sica. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0

   DHCP habilitado . . . . . . . . . . . . . : no

   Configuraci¢n autom tica habilitada . . . : s¡

Servidor:  UnKnown

Address:  192.168.1.1

 

Nombre:  google.com

Addresses:  2607:f8b0:4008:808::200e

                  216.58.219.78

 

 

Haciendo ping a google.com [216.58.219.78] con 32 bytes de datos:

Respuesta desde 216.58.219.78: bytes=32 tiempo=84ms TTL=250

Respuesta desde 216.58.219.78: bytes=32 tiempo=96ms TTL=250

 

Estad¡sticas de ping para 216.58.219.78:

    Paquetes: enviados = 2, recibidos = 2, perdidos = 0

    (0% perdidos),

Tiempos aproximados de ida y vuelta en milisegundos:

    M¡nimo = 84ms, M ximo = 96ms, Media = 90ms

Servidor:  UnKnown

Address:  192.168.1.1

 

Nombre:  yahoo.com

Addresses:  2001:4998:44:204::a7

                  2001:4998:58:c02::a9

                  2001:4998:c:a06::2:4008

                  98.138.253.109

                  206.190.36.45

                  98.139.183.24

 

 

Haciendo ping a yahoo.com [98.139.183.24] con 32 bytes de datos:

Respuesta desde 98.139.183.24: bytes=32 tiempo=119ms TTL=250

Respuesta desde 98.139.183.24: bytes=32 tiempo=119ms TTL=250

 

Estad¡sticas de ping para 98.139.183.24:

    Paquetes: enviados = 2, recibidos = 2, perdidos = 0

    (0% perdidos),

Tiempos aproximados de ida y vuelta en milisegundos:

    M¡nimo = 119ms, M ximo = 119ms, Media = 119ms

 

Haciendo ping a 127.0.0.1 con 32 bytes de datos:

Respuesta desde 127.0.0.1: bytes=32 tiempo<1m TTL=128

Respuesta desde 127.0.0.1: bytes=32 tiempo<1m TTL=128

 

Estad¡sticas de ping para 127.0.0.1:

    Paquetes: enviados = 2, recibidos = 2, perdidos = 0

    (0% perdidos),

Tiempos aproximados de ida y vuelta en milisegundos:

    M¡nimo = 0ms, M ximo = 0ms, Media = 0ms

===========================================================================

ILista de interfaces

 12...64 27 37 b6 c7 55 ......Qualcomm Atheros AR9285 Wireless Network Adapter

 11...78 84 3c b8 19 bd ......Qualcomm Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)

 19...00 50 56 c0 00 01 ......VMware Virtual Ethernet Adapter for VMnet1

 20...00 50 56 c0 00 08 ......VMware Virtual Ethernet Adapter for VMnet8

  1...........................Software Loopback Interface 1

 17...00 00 00 00 00 00 00 e0 Adaptador ISATAP de Microsoft

 23...00 00 00 00 00 00 00 e0 Adaptador ISATAP de Microsoft #3

 21...00 00 00 00 00 00 00 e0 Adaptador ISATAP de Microsoft #4

 22...00 00 00 00 00 00 00 e0 Adaptador ISATAP de Microsoft #5

===========================================================================

 

IPv4 Tabla de enrutamiento

===========================================================================

Rutas activas:

Destino de red        M scara de red   Puerta de enlace   Interfaz  M‚trica

          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.106     25

        127.0.0.0        255.0.0.0      En v¡nculo         127.0.0.1    306

        127.0.0.1  255.255.255.255      En v¡nculo         127.0.0.1    306

  127.255.255.255  255.255.255.255      En v¡nculo         127.0.0.1    306

      169.254.0.0      255.255.0.0      En v¡nculo   169.254.189.244    276

      169.254.0.0      255.255.0.0      En v¡nculo    169.254.19.156    276

   169.254.19.156  255.255.255.255      En v¡nculo    169.254.19.156    276

  169.254.189.244  255.255.255.255      En v¡nculo   169.254.189.244    276

  169.254.255.255  255.255.255.255      En v¡nculo   169.254.189.244    276

  169.254.255.255  255.255.255.255      En v¡nculo    169.254.19.156    276

      192.168.1.0    255.255.255.0      En v¡nculo     192.168.1.106    281

    192.168.1.106  255.255.255.255      En v¡nculo     192.168.1.106    281

    192.168.1.255  255.255.255.255      En v¡nculo     192.168.1.106    281

        224.0.0.0        240.0.0.0      En v¡nculo         127.0.0.1    306

        224.0.0.0        240.0.0.0      En v¡nculo    169.254.19.156    276

        224.0.0.0        240.0.0.0      En v¡nculo   169.254.189.244    276

        224.0.0.0        240.0.0.0      En v¡nculo     192.168.1.106    281

  255.255.255.255  255.255.255.255      En v¡nculo         127.0.0.1    306

  255.255.255.255  255.255.255.255      En v¡nculo    169.254.19.156    276

  255.255.255.255  255.255.255.255      En v¡nculo   169.254.189.244    276

  255.255.255.255  255.255.255.255      En v¡nculo     192.168.1.106    281

===========================================================================

Rutas persistentes:

  Direcci¢n de red  M scara de red  Direcci¢n de puerta de enlace  M‚trica

          0.0.0.0          0.0.0.0         25.0.0.1  Predeterminada

===========================================================================

 

IPv6 Tabla de enrutamiento

===========================================================================

Rutas activas:

 Cuando destino de red m‚trica      Puerta de enlace

  1    306 ::1/128                  En v¡nculo

 19    276 fe80::/64                En v¡nculo

 20    276 fe80::/64                En v¡nculo

 12    281 fe80::/64                En v¡nculo

 19    276 fe80::6d25:e139:fbbb:139c/128

                                    En v¡nculo

 12    281 fe80::a88f:76e1:ed3c:b931/128

                                    En v¡nculo

 20    276 fe80::ddd2:f5c8:a38d:bdf4/128

                                    En v¡nculo

  1    306 ff00::/8                 En v¡nculo

 19    276 ff00::/8                 En v¡nculo

 20    276 ff00::/8                 En v¡nculo

 12    281 ff00::/8                 En v¡nculo

===========================================================================

Rutas persistentes:

 Cuando destino de red m‚trica      Puerta de enlace

  0 4294967295 2620:9b::/96             En v¡nculo

  0   9000 ::/0                     2620:9b::1900:1

===========================================================================

========================= Winsock entries =====================================

 

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)

Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)

Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)

Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)

Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)

Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 11 C:\Windows\SysWOW64\vsocklib.dll [65008] (VMware, Inc.)

Catalog9 12 C:\Windows\SysWOW64\vsocklib.dll [65008] (VMware, Inc.)

x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)

x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)

x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)

x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)

x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)

x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 11 C:\Windows\System32\vsocklib.dll [69104] (VMware, Inc.)

x64-Catalog9 12 C:\Windows\System32\vsocklib.dll [69104] (VMware, Inc.)

 

========================= Event log errors: ===============================

 

Application errors:

==================

Error: (01/19/2017 03:01:38 PM) (Source: MsiInstaller) (User: Nicco-PC)

Description: Producto: Akamai NetSession Interface -- Error 1310. Error al escribir en el archivo C:\Users\Nicco\AppData\Local\Akamai\rswinui.exe.  Error del sistema 0. Compruebe que dispone de acceso a ese directorio.

 

Error: (01/19/2017 03:01:11 PM) (Source: MsiInstaller) (User: Nicco-PC)

Description: Producto: Akamai NetSession Interface -- Error 1310. Error al escribir en el archivo C:\Users\Nicco\AppData\Local\Akamai\rswinui.exe.  Error del sistema 0. Compruebe que dispone de acceso a ese directorio.

 

Error: (01/19/2017 03:00:09 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (01/19/2017 02:58:55 PM) (Source: Application Error) (User: )

Description: Nombre de la aplicación con errores: Connect.Service.ContentService.exe, versión: 3.1.3.0, marca de tiempo: 0x50ca58a4

Nombre del módulo con errores: KERNELBASE.dll, versión: 6.1.7601.18869, marca de tiempo: 0x556363bc

Código de excepción: 0xe0434352

Desplazamiento de errores: 0x0000c42d

Id. del proceso con errores: 0x700

Hora de inicio de la aplicación con errores: 0xConnect.Service.ContentService.exe0

Ruta de acceso de la aplicación con errores: Connect.Service.ContentService.exe1

Ruta de acceso del módulo con errores: Connect.Service.ContentService.exe2

Id. del informe: Connect.Service.ContentService.exe3

 

Error: (01/19/2017 02:58:52 PM) (Source: .NET Runtime) (User: )

Description: Aplicación: Connect.Service.ContentService.exe

Versión de Framework: v4.0.30319

Descripción: el proceso terminó debido a una excepción no controlada.

Información de la excepción: System.Data.SqlServerCe.SqlCeException

Pila:

   en System.Data.SqlServerCe.SqlCeConnection.ProcessResults(Int32)

   en System.Data.SqlServerCe.SqlCeConnection.Open(Boolean)

   en System.Data.SqlServerCe.SqlCeConnection.Open()

   en Connect.MetaStore.TransactionContext..ctor(Boolean, Connect.MetaStore.Database)

   en Connect.Scheduler.JobStore.GetNextFutureJob()

   en Connect.Scheduler.JobWorker.DoWork()

   en System.Threading.ThreadHelper.ThreadStart_Context(System.Object)

   en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)

   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)

   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)

   en System.Threading.ThreadHelper.ThreadStart()

 

Error: (01/19/2017 02:58:51 PM) (Source: Autodesk Content Service) (User: )

Description: UNHANDLED EXCEPTION.  Process is terminating: True.

 EXCEPTION: Otro usuario ya ha abierto la base de datos. [ Db name = \\?\C:\ProgramData\Autodesk\Content Service\Server\ContentServiceDB\Connect.MetaStore.sdf ]

 

Error: (01/19/2017 06:07:00 AM) (Source: MsiInstaller) (User: Nicco-PC)

Description: Producto: Akamai NetSession Interface -- Error 1310. Error al escribir en el archivo C:\Users\Nicco\AppData\Local\Akamai\rswinui.exe.  Error del sistema 0. Compruebe que dispone de acceso a ese directorio.

 

Error: (01/19/2017 06:06:22 AM) (Source: MsiInstaller) (User: Nicco-PC)

Description: Producto: Akamai NetSession Interface -- Error 1310. Error al escribir en el archivo C:\Users\Nicco\AppData\Local\Akamai\rswinui.exe.  Error del sistema 0. Compruebe que dispone de acceso a ese directorio.

 

Error: (01/19/2017 05:57:41 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (01/18/2017 11:50:11 PM) (Source: MsiInstaller) (User: Nicco-PC)

Description: Producto: Akamai NetSession Interface -- Error 1310. Error al escribir en el archivo C:\Users\Nicco\AppData\Local\Akamai\rswinui.exe.  Error del sistema 0. Compruebe que dispone de acceso a ese directorio.

 

 

System errors:

=============

Error: (01/19/2017 03:00:17 PM) (Source: DCOM) (User: NT AUTHORITY)

Description: específico de la aplicaciónLocalIniciar{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (con LRPC)

 

Error: (01/19/2017 02:59:45 PM) (Source: DCOM) (User: NT AUTHORITY)

Description: específico de la aplicaciónLocalIniciar{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSERVICIO LOCALS-1-5-19LocalHost (con LRPC)

 

Error: (01/19/2017 02:59:41 PM) (Source: Service Control Manager) (User: )

Description: El servicio Autodesk Content Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 10000 milisegundos: Reiniciar el servicio.

 

Error: (01/19/2017 02:58:34 PM) (Source: BTHUSB) (User: )

Description: A causa de un error no determinado en el adaptador Bluetooth local, éste no se usará. Se descargó el controlador.

 

Error: (01/19/2017 05:57:24 AM) (Source: DCOM) (User: NT AUTHORITY)

Description: específico de la aplicaciónLocalIniciar{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSERVICIO LOCALS-1-5-19LocalHost (con LRPC)

 

Error: (01/19/2017 05:56:14 AM) (Source: BTHUSB) (User: )

Description: A causa de un error no determinado en el adaptador Bluetooth local, éste no se usará. Se descargó el controlador.

 

Error: (01/18/2017 08:50:39 PM) (Source: DCOM) (User: NT AUTHORITY)

Description: específico de la aplicaciónLocalIniciar{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (con LRPC)

 

Error: (01/18/2017 08:50:22 PM) (Source: DCOM) (User: NT AUTHORITY)

Description: específico de la aplicaciónLocalIniciar{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSERVICIO LOCALS-1-5-19LocalHost (con LRPC)

 

Error: (01/18/2017 08:15:52 PM) (Source: Service Control Manager) (User: )

Description: El servicio Enumerador de bus IP PnP-X depende del servicio Host de proveedor de detección de función, el cual no pudo iniciarse debido al siguiente error:

%%1068 = No se puede iniciar el servicio o grupo de dependencia.

 

 

Error: (01/18/2017 08:14:20 PM) (Source: DCOM) (User: )

Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

 

 

Microsoft Office Sessions:

=========================

Error: (01/19/2017 03:01:38 PM) (Source: MsiInstaller)(User: Nicco-PC)

Description: Producto: Akamai NetSession Interface -- Error 1310. Error al escribir en el archivo C:\Users\Nicco\AppData\Local\Akamai\rswinui.exe.  Error del sistema 0. Compruebe que dispone de acceso a ese directorio.(NULL)(NULL)(NULL)(NULL)(NULL)

 

Error: (01/19/2017 03:01:11 PM) (Source: MsiInstaller)(User: Nicco-PC)

Description: Producto: Akamai NetSession Interface -- Error 1310. Error al escribir en el archivo C:\Users\Nicco\AppData\Local\Akamai\rswinui.exe.  Error del sistema 0. Compruebe que dispone de acceso a ese directorio.(NULL)(NULL)(NULL)(NULL)(NULL)

 

Error: (01/19/2017 03:00:09 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (01/19/2017 02:58:55 PM) (Source: Application Error)(User: )

Description: Connect.Service.ContentService.exe3.1.3.050ca58a4KERNELBASE.dll6.1.7601.18869556363bce04343520000c42d70001d2728e6f308128C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exeC:\Windows\syswow64\KERNELBASE.dllb4f2b50e-de81-11e6-aa99-005056c00008

 

Error: (01/19/2017 02:58:52 PM) (Source: .NET Runtime)(User: )

Description: Aplicación: Connect.Service.ContentService.exe

Versión de Framework: v4.0.30319

Descripción: el proceso terminó debido a una excepción no controlada.

Información de la excepción: System.Data.SqlServerCe.SqlCeException

Pila:

   en System.Data.SqlServerCe.SqlCeConnection.ProcessResults(Int32)

   en System.Data.SqlServerCe.SqlCeConnection.Open(Boolean)

   en System.Data.SqlServerCe.SqlCeConnection.Open()

   en Connect.MetaStore.TransactionContext..ctor(Boolean, Connect.MetaStore.Database)

   en Connect.Scheduler.JobStore.GetNextFutureJob()

   en Connect.Scheduler.JobWorker.DoWork()

   en System.Threading.ThreadHelper.ThreadStart_Context(System.Object)

   en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)

   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)

   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)

   en System.Threading.ThreadHelper.ThreadStart()

 

Error: (01/19/2017 02:58:51 PM) (Source: Autodesk Content Service)(User: )

Description: UNHANDLED EXCEPTION.  Process is terminating: True.

 EXCEPTION: Otro usuario ya ha abierto la base de datos. [ Db name = \\?\C:\ProgramData\Autodesk\Content Service\Server\ContentServiceDB\Connect.MetaStore.sdf ]

 

Error: (01/19/2017 06:07:00 AM) (Source: MsiInstaller)(User: Nicco-PC)

Description: Producto: Akamai NetSession Interface -- Error 1310. Error al escribir en el archivo C:\Users\Nicco\AppData\Local\Akamai\rswinui.exe.  Error del sistema 0. Compruebe que dispone de acceso a ese directorio.(NULL)(NULL)(NULL)(NULL)(NULL)

 

Error: (01/19/2017 06:06:22 AM) (Source: MsiInstaller)(User: Nicco-PC)

Description: Producto: Akamai NetSession Interface -- Error 1310. Error al escribir en el archivo C:\Users\Nicco\AppData\Local\Akamai\rswinui.exe.  Error del sistema 0. Compruebe que dispone de acceso a ese directorio.(NULL)(NULL)(NULL)(NULL)(NULL)

 

Error: (01/19/2017 05:57:41 AM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (01/18/2017 11:50:11 PM) (Source: MsiInstaller)(User: Nicco-PC)

Description: Producto: Akamai NetSession Interface -- Error 1310. Error al escribir en el archivo C:\Users\Nicco\AppData\Local\Akamai\rswinui.exe.  Error del sistema 0. Compruebe que dispone de acceso a ese directorio.(NULL)(NULL)(NULL)(NULL)(NULL)

 

 

=========================== Installed Programs ============================

 

Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 15.023.20053 - Adobe Systems Incorporated)

Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)

AdVenture Capitalist (HKLM-x32\...\Steam App 346900) (Version:  - Hyper Hippo Games)

Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version:  - Ensemble Studios)

Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)

Altitude (HKLM\...\Steam App 41300) (Version:  - Nimbly Games)

AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)

AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks)

Apple Application Support (32 bits) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)

Apple Application Support (64 bits) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.392 - ArcSoft)

Arduino (HKLM-x32\...\Arduino) (Version: 1.6.12 - Arduino LLC)

AutoCAD 2014 - Español (Spanish) (HKLM\...\{5783F2D7-D001-0000-0102-0060B0CE6BBA}) (Version: 19.1.18.0 - Autodesk) Hidden

AutoCAD 2014 - Español (Spanish) (HKLM\...\{5783F2D7-D001-040A-2102-0060B0CE6BBA}) (Version: 19.1.18.0 - Autodesk) Hidden

AutoCAD 2014  Language Pack - Español (Spanish) (HKLM\...\{5783F2D7-D001-040A-1102-0060B0CE6BBA}) (Version: 19.1.18.0 - Autodesk) Hidden

Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.0.27.1 - Autodesk)

Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk)

Autodesk AutoCAD 2014 - Español (Spanish) (HKLM\...\AutoCAD 2014 - Español (Spanish)) (Version: 19.1.18.0 - Autodesk)

Autodesk CAD Manager Tools (HKLM\...\{5783F2D7-0111-0409-0110-0060B0CE6BBA}) (Version: 16.0.0.65 - Autodesk)

Autodesk Content Service (HKLM-x32\...\{62F029AB-85F2-0000-866A-9FC0DD99DDBC}) (Version: 3.1.3.0 - Autodesk) Hidden

Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)

Autodesk Content Service Language Pack (HKLM-x32\...\{62F029AB-85F2-0001-866A-9FC0DD99DDBC}) (Version: 3.1.3.0 - Autodesk) Hidden

Autodesk Design Review 2013 (HKLM-x32\...\{153DB567-6FF3-49AD-AC4F-86F8A3CCFDFB}) (Version: 13.0.0.82 - Autodesk, Inc.) Hidden

Autodesk Design Review 2013 (HKLM-x32\...\Autodesk Design Review 2013) (Version: 13.0.0.82 - Autodesk, Inc.)

Autodesk DWG TrueView 2016 - English (HKLM\...\DWG TrueView 2016 - English) (Version: 20.1.49.0 - Autodesk)

Autodesk Featured Apps (HKLM-x32\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk)

Autodesk Inventor Professional 2016 - English (HKLM\...\Autodesk Inventor Professional 2016) (Version: 20.0.13800.0000 - Autodesk)

Autodesk Inventor Professional 2016 (HKLM\...\{7F4DD591-2064-0001-0000-7107D70F3DB4}) (Version: 20.0.13800.0000 - Autodesk) Hidden

Autodesk Inventor Professional 2016 English Language Pack (HKLM\...\{7F4DD591-2064-0001-1033-7107D70F3DB4}) (Version: 20.0.13800.0000 - Autodesk) Hidden

Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)

Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.15 - Autodesk)

Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)

Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.15 - Autodesk)

Autodesk Material Library Low Resolution Image Library 2016 (HKLM-x32\...\{FA5DF4D1-CD59-4183-B3D4-779A56498786}) (Version: 6.3.0.15 - Autodesk)

Autodesk Network License Manager (HKLM\...\{4BE91685-1632-47FC-B563-A8A542C6664C}) (Version: 11.11.0 - Autodesk)

Autodesk ReCap (HKLM\...\{31ABA3F2-0000-1033-0102-111D43815377}) (Version: 1.0.43.13 - Autodesk) Hidden

Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.0.43.13 - Autodesk)

Autodesk ReCap Language Pack-English (HKLM\...\{31ABA3F2-0010-1033-0102-111D43815377}) (Version: 1.0.43.13 - Autodesk) Hidden

Autodesk Revit Interoperability for Inventor 2016 (HKLM\...\{0BB716E0-1600-0210-0000-097DC2F354DF}) (Version: 16.0.421.0 - Autodesk) Hidden

Autodesk Revit Interoperability for Inventor 2016 (HKLM\...\Autodesk Revit Interoperability for Inventor 2016) (Version: 16.0.421.0 - Autodesk)

Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)

Block'hood (HKLM\...\Steam App 416210) (Version:  - Plethora-Project LLC)

Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.100 - Atheros Communications)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Brawlhalla (HKLM\...\Steam App 291550) (Version:  - Blue Mammoth Games)

CCleaner (HKLM\...\CCleaner) (Version: 5.26 - Piriform)

Cisco Packet Tracer 6.2 Student (HKLM-x32\...\Cisco Packet Tracer 6.2 Student_is1) (Version:  - Cisco Systems, Inc.)

CodeBlocks (HKCU\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team)

Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.0.53 - Conexant)

CPUID CPU-Z 1.74 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )

Crystal Reports for Visual Studio (HKLM-x32\...\{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}) (Version: 12.51.0.240 - SAP) Hidden

DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)

Darkest Dungeon (HKLM\...\Steam App 262060) (Version:  - Red Hook Studios)

Dev-C++ 5 beta 9 release (4.9.9.2) (HKLM-x32\...\Dev-C++) (Version:  - )

Don't Starve (HKLM\...\Steam App 219740) (Version:  - Klei Entertainment)

Don't Starve Together (HKLM\...\Steam App 322330) (Version:  - Klei Entertainment)

Dotfuscator Software Services - Community Edition - ESN (HKLM-x32\...\{8C2F1F30-8F72-4A0E-A1D0-E9AED20BBAC2}) (Version: 5.0.2300.0 - PreEmptive Solutions)

Dotfuscator Software Services - Community Edition (HKLM-x32\...\{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}) (Version: 5.0.2300.0 - PreEmptive Solutions)

Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)

Duelyst (HKLM\...\Steam App 291410) (Version:  - Counterplay Games Inc.)

DWG TrueView 2016 - English (HKLM\...\{5783F2D7-F028-0409-0100-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden

Eco Materials Adviser for Autodesk Inventor 2016 (64-bit) (HKLM\...\{1A56BE00-916E-432D-A576-EB00D2FF8450}) (Version: 5.6.4.44 - Granta Design Limited)

Enter the Gungeon (HKLM\...\Steam App 311690) (Version:  - Dodge Roll)

FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)

FARO LS 1.1.501.0 (HKLM-x32\...\{8F196892-666A-4A40-8587-6AE38F78A5C2}) (Version: 5.1.0.30630 - FARO Scanner Production)

FileZilla Client 3.16.0 (HKLM-x32\...\FileZilla Client) (Version: 3.16.0 - Tim Kosse)

FTL: Faster Than Light (HKLM\...\Steam App 212680) (Version:  - Subset Games)

Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)

Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.32.7 - Google Inc.) Hidden

Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden

Governor of Poker 3 (HKLM-x32\...\Steam App 436150) (Version:  - OrangeGames)

Half-Life (HKLM-x32\...\Steam App 70) (Version:  - Valve)

Half-Life: Source (HKLM-x32\...\Steam App 280) (Version:  - Valve)

Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)

HiAlgo BOOST 5.0 (HKCU\...\HiAlgoBOOST) (Version: 5.0 - HiAlgo Inc.)

HP Deskjet 3540 series Software básico del dispositivo (HKLM\...\{37F7BADF-64F5-4A21-84EC-28E85BC2241B}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)

Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)

Java SE Development Kit 8 Update 65 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180650}) (Version: 8.0.650.17 - Oracle Corporation)

Left 4 Dead (HKLM-x32\...\Steam App 500) (Version:  - Valve)

Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)

Marco trabajo apl. capa datos de Microsoft SQL Server 2008 R2 (HKLM-x32\...\{B65527FD-47DD-4A07-9E07-64DA91B0A34A}) (Version: 10.50.1447.4 - Microsoft Corporation)

Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)

Microsoft ASP.NET MVC 2 - ESN (HKLM-x32\...\{B0DF0057-EF87-471D-A80A-DC1F0463BA19}) (Version: 2.0.50331.0 - Microsoft Corporation)

Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - ESN (HKLM-x32\...\{4F19E81D-168E-4E0B-A4B7-AA246FBE3FBB}) (Version: 2.0.50414.0 - Microsoft Corporation)

Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)

Microsoft ASP.NET MVC 2 (HKLM-x32\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation)

Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)

Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)

Microsoft Project Professional 2010 (HKLM\...\Office14.PRJPRO) (Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Report Viewer Redistributable 2008 SP1 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 (KB971119)) (Version:  - Microsoft Corporation)

Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50709.0 - Microsoft Corporation)

Microsoft Silverlight 3 SDK - Español (HKLM-x32\...\{8D8C5BD0-7FC7-4680-B527-218F63920E03}) (Version: 3.0.40818.0 - Microsoft Corporation)

Microsoft SQL Server 2008 R2 (HKLM-x32\...\Microsoft SQL Server 2008 R2) (Version:  - Microsoft Corporation)

Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{F188B6ED-4537-4CAC-A4DE-3BD30E6114C6}) (Version: 10.50.1447.4 - Microsoft Corporation)

Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{79A2C6E8-C727-4D12-B4B3-19790C181DEA}) (Version: 10.52.4000.0 - Microsoft Corporation)

Microsoft SQL Server 2008 R2 Policies (HKLM-x32\...\{D21BC5B2-CBAC-48FA-A701-B5A63C1CA7B8}) (Version: 10.50.1600.1 - Microsoft Corporation)

Microsoft SQL Server 2008 R2 Setup (English) (HKLM-x32\...\{7419AE1A-D1A5-4B24-BD78-C7ABCC26016F}) (Version: 10.52.4000.0 - Microsoft Corporation)

Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{6C239446-F196-44DC-9148-8D912895D097}) (Version: 10.50.1447.4 - Microsoft Corporation)

Microsoft SQL Server 2008 Setup Support Files  (HKLM-x32\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation)

Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 SP2 ESN (HKLM-x32\...\{2A78694E-ACFE-4D5A-9B0F-C0EBEFA3F280}) (Version: 3.5.8080.0 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU (HKLM-x32\...\{DDFD8348-058C-4F4B-85E5-6D740D4AB3FE}) (Version: 3.5.8080.0 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 SP2 x64 ESN (HKLM\...\{24965A31-311D-462D-BAA8-B482ABA115D8}) (Version: 3.5.8080.0 - Microsoft Corporation)

Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)

Microsoft SQL Server System CLR Types (HKLM-x32\...\{46878B08-238C-4F28-9194-9D8604A7F52E}) (Version: 10.50.1447.4 - Microsoft Corporation)

Microsoft SQL Server System CLR Types (x64) (HKLM\...\{CD9B2BA6-F699-4700-81B9-CD28C0BC693C}) (Version: 10.50.1447.4 - Microsoft Corporation)

Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation)

Microsoft Sync Framework Runtime v1.0 SP1 (x64) es (HKLM\...\{2D6232BE-CDB4-4EE7-AFCB-1541E12041E9}) (Version: 1.0.3010.0 - Microsoft Corporation)

Microsoft Sync Framework SDK v1.0 SP1 es (HKLM-x32\...\{EF948EA2-FA97-4312-BA36-88D76048CCE8}) (Version: 1.0.3010.0 - Microsoft Corporation)

Microsoft Sync Framework Services v1.0 SP1 (x64) es (HKLM\...\{C69733F2-4140-440F-938E-2D47C6CB1C70}) (Version: 1.0.3010.0 - Microsoft Corporation)

Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) es (HKLM\...\{1C3998E1-8501-455C-B829-5031520EBC94}) (Version: 2.0.3010.0 - Microsoft Corporation)

Microsoft Visio Premium 2010 (HKLM\...\Office14.VISIO) (Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (HKLM\...\{61B42D05-EBFA-3896-A267-B71CD3025BC5}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{5c75eda4-d029-43bf-a70b-a73d380f52ee}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)

Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{817C2DCF-4DD7-3C32-8A8E-7CEFF137E543}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual Studio 2010 IntelliTrace Collection (x64) (HKLM\...\{0FD01537-C14D-30DE-9B6F-9FCA85E9EA9C}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)

Microsoft Visual Studio 2010 Ultimate - ESN (HKLM-x32\...\Microsoft Visual Studio 2010 Ultimate - ESN) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual Studio Macro Tools - ESN Language Pack (HKLM-x32\...\Microsoft Visual Studio Macro Tools - ESN Language Pack) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}) (Version: 9.0.35191 - Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)

Modelo de objetos de Microsoft Team Foundation Server 2010 - ESN (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ESN) (Version: 10.0.30319 - Microsoft Corporation)

Moonbase Alpha (HKLM\...\Steam App 39000) (Version:  - Virtual Heroes)

Mozilla Firefox 50.1.0 (x86 es-ES) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 es-ES)) (Version: 50.1.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)

MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)

NetBeans IDE 8.1 (HKLM\...\nbi-nb-base-8.1.0.0.201510222201) (Version: 8.1 - NetBeans.org)

Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version:  - )

Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.9 - Notepad++ Team)

NVIDIA PhysX v8.10.29 (HKLM-x32\...\{D56B0E27-4A3E-46C9-B5C1-D93D580C099C}) (Version: 8.10.29 - NVIDIA Corporation)

Objetos de administración de Microsoft SQL Server 2008 R2 (HKLM-x32\...\{6438BDAD-CE12-4D38-B1C4-42F94F08408F}) (Version: 10.50.1447.4 - Microsoft Corporation)

Objetos de administración de Microsoft SQL Server 2008 R2 (x64) (HKLM\...\{2040D407-91F5-48F3-9A81-B084573D0577}) (Version: 10.50.1447.4 - Microsoft Corporation)

OpenAL (HKLM-x32\...\OpenAL) (Version:  - )

Oracle Database 11g Express Edition (HKLM\...\{05A7B662-80A3-4EB9-AE1D-89A62449431C}) (Version: 11.2.0 - Oracle Corporation) Hidden

Oracle Database 11g Express Edition (HKLM-x32\...\InstallShield_{05A7B662-80A3-4EB9-AE1D-89A62449431C}) (Version: 11.2.0 - Oracle Corporation)

osu! (HKLM-x32\...\{5354234b-b600-410a-80a0-de66120662f8}) (Version: latest - ppy Pty Ltd)

Paquete de idioma de Microsoft .NET Framework 4.5 ESN (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.50709 - Microsoft Corporation)

Paquete de idioma de Microsoft Visual F# 2.0 Runtime - ESN (HKLM-x32\...\{7CCA8BD3-005C-3195-806B-501E6D3D242B}) (Version: 10.0.30319 - Microsoft Corporation)

Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)

Paquete de idioma del Visor de Ayuda de Microsoft 3.0 - ESN (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - ESN) (Version: 1.0.30319 - Microsoft Corporation)

PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - OVERKILL Software)

Plague Inc: Evolved (HKLM\...\Steam App 246620) (Version:  - Ndemic Creations)

Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)

Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.80 - Realtek Semiconductor Corp.)

Relic Hunters Zero (HKLM\...\Steam App 382490) (Version:  - Rogue Snail)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0015-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{97AADA87-2EF3-4145-A3DE-302D1C565850}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0016-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{97AADA87-2EF3-4145-A3DE-302D1C565850}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0018-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{97AADA87-2EF3-4145-A3DE-302D1C565850}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0019-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{97AADA87-2EF3-4145-A3DE-302D1C565850}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001A-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{97AADA87-2EF3-4145-A3DE-302D1C565850}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001B-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{97AADA87-2EF3-4145-A3DE-302D1C565850}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-0403-1000-0000000FF1CE}_Office14.PRJPRO_{D55FFFDD-FB59-40BC-958A-43EC119F7119}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-0403-1000-0000000FF1CE}_Office14.PROPLUS_{D55FFFDD-FB59-40BC-958A-43EC119F7119}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-0403-1000-0000000FF1CE}_Office14.VISIO_{D55FFFDD-FB59-40BC-958A-43EC119F7119}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.PRJPRO_{C814F7D9-CE9D-45AA-BA7C-88BDD0E1EB7C}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{C814F7D9-CE9D-45AA-BA7C-88BDD0E1EB7C}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.VISIO_{C814F7D9-CE9D-45AA-BA7C-88BDD0E1EB7C}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PRJPRO_{77A8B979-11B0-4774-8003-574EE8A4BC22}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{77A8B979-11B0-4774-8003-574EE8A4BC22}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.VISIO_{77A8B979-11B0-4774-8003-574EE8A4BC22}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-0416-1000-0000000FF1CE}_Office14.PRJPRO_{3FE5480B-28E8-44EF-BC2C-BEDC366EBF31}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-0416-1000-0000000FF1CE}_Office14.PROPLUS_{3FE5480B-28E8-44EF-BC2C-BEDC366EBF31}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-0416-1000-0000000FF1CE}_Office14.VISIO_{3FE5480B-28E8-44EF-BC2C-BEDC366EBF31}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-042D-1000-0000000FF1CE}_Office14.PRJPRO_{5EAC5C0E-E8CB-44A2-9361-F6E67D092247}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-042D-1000-0000000FF1CE}_Office14.PROPLUS_{5EAC5C0E-E8CB-44A2-9361-F6E67D092247}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-042D-1000-0000000FF1CE}_Office14.VISIO_{5EAC5C0E-E8CB-44A2-9361-F6E67D092247}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-0456-1000-0000000FF1CE}_Office14.PRJPRO_{5A9F07E2-E66E-44DD-AC71-CC3FF764B9A8}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-0456-1000-0000000FF1CE}_Office14.PROPLUS_{5A9F07E2-E66E-44DD-AC71-CC3FF764B9A8}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-0456-1000-0000000FF1CE}_Office14.VISIO_{5A9F07E2-E66E-44DD-AC71-CC3FF764B9A8}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PRJPRO_{05916788-991E-417B-A8F3-77F90A2B8271}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{05916788-991E-417B-A8F3-77F90A2B8271}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.VISIO_{05916788-991E-417B-A8F3-77F90A2B8271}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-002C-0C0A-1000-0000000FF1CE}_Office14.PRJPRO_{369FB297-0E3B-4971-AADE-C2C9E7EF6DDE}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-002C-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{369FB297-0E3B-4971-AADE-C2C9E7EF6DDE}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-002C-0C0A-1000-0000000FF1CE}_Office14.VISIO_{369FB297-0E3B-4971-AADE-C2C9E7EF6DDE}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003B-0000-1000-0000000FF1CE}_Office14.PRJPRO_{DC528101-617D-4E9F-B131-F8F8C52E649B}) (Version:  - Microsoft)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PRJPRO_{F3FAAB68-7697-4B1F-A23A-72312565AEAB}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F3FAAB68-7697-4B1F-A23A-72312565AEAB}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.VISIO_{F3FAAB68-7697-4B1F-A23A-72312565AEAB}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0043-0C0A-1000-0000000FF1CE}_Office14.PRJPRO_{FFC3A661-25B3-4D5F-B4F6-B7B1D5F60787}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0043-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{FFC3A661-25B3-4D5F-B4F6-B7B1D5F60787}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0043-0C0A-1000-0000000FF1CE}_Office14.VISIO_{FFC3A661-25B3-4D5F-B4F6-B7B1D5F60787}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0044-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{97AADA87-2EF3-4145-A3DE-302D1C565850}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0054-0C0A-1000-0000000FF1CE}_Office14.VISIO_{7538A5E7-5E76-4AEB-B3B9-D547AC472A29}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0057-0000-1000-0000000FF1CE}_Office14.VISIO_{3C578F10-F74F-4655-B2A6-9F88A6C415E8}) (Version:  - Microsoft)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-006E-0C0A-1000-0000000FF1CE}_Office14.PRJPRO_{602B1FD7-5E66-40B3-9A70-D193D358C7FD}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-006E-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{602B1FD7-5E66-40B3-9A70-D193D358C7FD}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-006E-0C0A-1000-0000000FF1CE}_Office14.VISIO_{602B1FD7-5E66-40B3-9A70-D193D358C7FD}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-00A1-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{97AADA87-2EF3-4145-A3DE-302D1C565850}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-00B4-0C0A-1000-0000000FF1CE}_Office14.PRJPRO_{B65184FD-4CD0-4761-B259-FD7A46ECBB8A}) (Version:  - Microsoft) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-00BA-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{97AADA87-2EF3-4145-A3DE-302D1C565850}) (Version:  - Microsoft) Hidden

Service Pack 2 for SQL Server 2008 R2 (KB2630458) (HKLM-x32\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)

Sid Meier's Civilization V (HKLM\...\Steam App 8930) (Version:  - Firaxis Games)

Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version:  - 2K Games, Inc.)

SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)

Skype Meetings App (HKLM-x32\...\{69A802E3-8264-43D0-B160-6D25CD7AFB1A}) (Version: 16.2.0.96 - Microsoft Corporation)

Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)

SQL Server 2008 R2 Management Studio (HKLM-x32\...\{020617D7-2F72-4D02-BF59-A5CBC1761177}) (Version: 10.50.1600.1 - Microsoft Corporation) Hidden

SQL Server 2008 R2 Management Studio (HKLM-x32\...\{121475F5-2598-4574-8801-8F6B3D6A99BB}) (Version: 10.50.1600.1 - Microsoft Corporation) Hidden

SQL Server 2008 R2 SP2 Common Files (HKLM-x32\...\{CACEA8C8-3D38-4F51-953D-1E6FC3346FEF}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden

SQL Server 2008 R2 SP2 Common Files (HKLM-x32\...\{FC835376-FF3B-4CAA-83E0-2148B3FB7C98}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden

SQL Server 2008 R2 SP2 Database Engine Services (HKLM-x32\...\{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden

SQL Server 2008 R2 SP2 Database Engine Services (HKLM-x32\...\{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden

SQL Server 2008 R2 SP2 Database Engine Shared (HKLM-x32\...\{4C9D82EB-9001-4E59-8F64-0BEEE5F4A30A}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden

SQL Server 2008 R2 SP2 Database Engine Shared (HKLM-x32\...\{F021CC0C-21C3-4038-AA4A-6E3CBC669CE8}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden

Sql Server Customer Experience Improvement Program (HKLM-x32\...\{93998800-1608-403F-9A51-420A77D23C25}) (Version: 10.50.1600.1 - Microsoft Corporation) Hidden

Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)

Super Meat Boy (HKLM\...\Steam App 40800) (Version:  - Team Meat)

Sven Co-op (HKLM-x32\...\Steam App 225840) (Version:  - Sven Co-op Team)

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.9.0 - Synaptics Incorporated)

System Shock 2 (HKLM-x32\...\GOGPACKSSHOCK2_is1) (Version: 2.0.0.9 - GOG.com)

Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)

The Sims 4 (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - )

The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)

Trove (HKLM-x32\...\Steam App 304050) (Version:  - Trion Worlds)

UltraISO Premium V9.62 (HKLM-x32\...\UltraISO_is1) (Version:  - )

Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.6.3f1 - Unity Technologies ApS)

Unturned (HKLM\...\Steam App 304930) (Version:  - Smartly Dressed Games)

Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)

Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)

Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)

Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)

Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)

Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)

Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)

Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)

Visual Studio 2010 Prerequisites - English (HKLM\...\{95480F46-25D7-31D1-ACD2-D8722B133A0C}) (Version: 10.0.30319 - Microsoft Corporation)

Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ESN (HKLM-x32\...\{CF72A524-84BD-4AB7-B3C6-2C358672CD15}) (Version: 4.0.8080.0 - Microsoft Corporation)

VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)

VMware Workstation (HKLM\...\{5FCB317B-2ABC-4AB1-871D-1675492F9A68}) (Version: 12.5.0 - VMware, Inc.)

Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)

WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

WinZip (HKLM-x32\...\WinZip) (Version:  8.1 SR-1  (5266) - WinZip Computing, Inc.)

X-Mouse Button Control 2.14 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.14 - Highresolution Enterprises)

 

========================= Devices: ================================

 

Name: Teredo Tunneling Pseudo-Interface

Description: Adaptador de tunelización Teredo de Microsoft

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Device ID: ROOT\*TEREDO\0000

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

 

 

========================= Memory info: ===================================

 

Percentage of memory in use: 51%

Total physical RAM: 3690.9 MB

Available physical RAM: 1779.93 MB

Total Virtual: 7380.01 MB

Available Virtual: 5295.86 MB

 

========================= Partitions: =====================================

 

1 Drive c: () (Fixed) (Total:455.56 GB) (Free:219.44 GB) NTFS

4 Drive f: (NICOLAS) (Removable) (Total:14.45 GB) (Free:14.36 GB) NTFS

 

========================= Users: ========================================

 

Cuentas de usuario de \\NICCO-PC

 

Administrador            Invitado                 Nicco                   

Se ha completado el comando correctamente.

 

========================= Restore Points ==================================

 

19-01-2017 20:09:55 Windows Update

 

**** End of log ****

Malwarebytes

www.malwarebytes.com

 

-Detalles del registro-

Fecha del análisis: 19/1/17

Hora del análisis: 17:10

Archivo de registro: asd.txt

Administrador: Sí

 

-Información del software-

Versión: 3.0.5.1299

Versión de los componentes: 1.0.43

Versión del paquete de actualización: 1.0.1059

Licencia: Caducado

 

-Información del sistema-

SO: Windows 7 Service Pack 1

CPU: x64

Sistema de archivos: NTFS

Usuario: Nicco-PC\Nicco

 

-Resumen del análisis-

Tipo de análisis: Análisis de amenazas

Resultado: Completado

Objetos analizados: 414491

Tiempo transcurrido: 14 min, 34 seg

 

-Opciones de análisis-

Memoria: Activado

Inicio: Activado

Sistema de archivos: Activado

Archivo: Activado

Rootkits: Desactivado

Heurística: Activado

PUP: Activado

PUM: Activado

 

-Detalles del análisis-

Proceso: 0

(No hay elementos maliciosos detectados)

 

Módulo: 0

(No hay elementos maliciosos detectados)

 

Clave del registro: 0

(No hay elementos maliciosos detectados)

 

Valor del registro: 0

(No hay elementos maliciosos detectados)

 

Secuencia de datos: 0

(No hay elementos maliciosos detectados)

 

Carpeta: 0

(No hay elementos maliciosos detectados)

 

Archivo: 0

(No hay elementos maliciosos detectados)

 

Sector físico: 0

(No hay elementos maliciosos detectados)

 

 

(end)

Malwarebytes Anti-Rootkit BETA 1.9.3.1001

www.malwarebytes.org

 

Database version:

  main:    v2017.01.19.07

  rootkit: v2016.11.20.01

 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 11.0.9600.17691

Nicco :: NICCO-PC [administrator]

 

19/01/2017 05:33:11 p.m.

mbar-log-2017-01-19 (17-33-11).txt

 

Scan type: Quick scan

Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken

Scan options disabled:

Objects scanned: 348902

Time elapsed: 44 minute(s), 24 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 0

(No malicious items detected)

 

Physical Sectors Detected: 0

(No malicious items detected)

 

(end)

---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.09.3.1001

 

© Malwarebytes Corporation 2011-2012

 

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

 

Account is Administrative

 

Internet Explorer version: 11.0.9600.17691

 

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED

CPU speed: 1.645000 GHz

Memory total: 3870191616, free: 2142597120

 

Downloaded database version: v2017.01.19.07

Downloaded database version: v2016.11.20.01

Downloaded database version: v2016.12.16.01

=======================================

Initializing...

------------ Kernel report ------------

     01/19/2017 17:32:41

------------ Loaded modules -----------

----------- End -----------

Done!

 

Scan started

Database versions:

  main:    v2017.01.19.07

  rootkit: v2016.11.20.01

 

<<<2>>>

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

<<<2>>>

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

<<<2>>>

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...

Done!

Drive 0

This is a System drive

Scanning MBR on drive 0...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: 423B1F7F

 

Partition information:

 

    Partition 0 type is Other (0x27)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 2048  Numsec = 21188608

    Partition is bootable

    Partition file system is NTFS

 

    Partition 1 type is Primary (0x7)

    Partition is ACTIVE.

    Partition starts at LBA: 21190656  Numsec = 204800

    Partition is bootable

    Partition file system is NTFS

 

    Partition 2 type is Primary (0x7)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 21395456  Numsec = 955375616

    Partition is not bootable

    Partition file system is NTFS

 

    Partition 3 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

    Partition is not bootable

 

Disk Size: 500107862016 bytes

Sector size: 512 bytes

 

Done!

Physical Sector Size: 512

Drive: 1, DevicePointer: 0xfffffa800531c790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xfffffa8005204040, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xfffffa800531c790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\

DevicePointer: 0xfffffa800531c060, DeviceName: \Device\0000008e\, DriverName: \Driver\USBSTOR\

------------ End ----------

Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\

Upper DeviceData: 0x0, 0x0, 0x0

Lower DeviceData: 0x0, 0x0, 0x0

Drive 1

Scanning MBR on drive 1...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: CAD4EBEA

 

Partition information:

 

    Partition 0 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

    Partition is not bootable

 

    Partition 1 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

    Partition is not bootable

 

    Partition 2 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

    Partition is not bootable

 

    Partition 3 type is Primary (0x7)

    Partition is ACTIVE.

    Partition starts at LBA: 256  Numsec = 30301952

    Partition is not bootable

    Partition file system is NTFS

 

Disk Size: 15514730496 bytes

Sector size: 512 bytes

 

Done!

File "C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-A04A4540679B5204C78E991CD8E7870BE8754B41.bin.79" is compressed (flags = 1)

File "C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-A04A4540679B5204C78E991CD8E7870BE8754B41.bin.7C" is compressed (flags = 1)

File "C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-A04A4540679B5204C78E991CD8E7870BE8754B41.bin.83" is compressed (flags = 1)

Scan finished

=======================================

 

 

Removal queue found; removal started

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-21190656-i.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-2-21395456-i.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-1-3-256-i.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...

Removal finished

Rkill 2.8.4 by Lawrence Abrams (Grinler)

http://www.bleepingcomputer.com/

Copyright 2008-2017 BleepingComputer.com

More Information about Rkill can be found at this link:

 http://www.bleepingcomputer.com/forums/topic308364.html

 

Program started at: 01/19/2017 06:31:47 PM in x64 mode.

Windows Version: Windows 7 Ultimate Service Pack 1

 

Checking for Windows services to stop:

 

 * No malware services found to stop.

 

Checking for processes to terminate:

 

 * No malware processes found to kill.

 

Checking Registry for malware related settings:

 

 * No issues found in the Registry.

 

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

 

Performing miscellaneous checks:

 

 * No issues found.

 

Checking Windows Service Integrity:

 

 * No issues found.

 

Searching for Missing Digital Signatures:

 

 * No issues found.

 

Checking HOSTS File:

 

 * No issues found.

 

Program finished at: 01/19/2017 06:34:54 PM

Execution time: 0 hours(s), 3 minute(s), and 7 seconds(s)



#4 NicoForce

Posted 19 January 2017 - 06:41 PM

I'm sorry, some Spanish content may be hard to read. I didn't expect the logs to give the information in my native language.



#5 Broni

Posted 19 January 2017 - 09:04 PM

Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • Review the results...see note below
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • To open a Cleaning log, launch AdwCleaner, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles is saved to C:\AdwCleaner.

-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.


Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Download Sophos Free Virus Removal Tool and save it to your desktop.
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#6 NicoForce


Posted 20 January 2017 - 03:32 PM

# AdwCleaner v6.042 - Archivo de registro creado 19/01/2017 en 23:16:12

# Actualizado en 06/01/2017 por Malwarebytes

# Base de datos : 2017-01-18.1 [Servidor]

# Sistema Operativo : Windows 7 Ultimate Service Pack 1 (X64)

# Nombre de usuario : Nicco - NICCO-PC

# Ejecutado desde : C:\Users\Nicco\Downloads\AdwCleaner.exe

# Modo: Limpiar

# Soporte : https://www.malwarebytes.com/support

 

 

 

***** [ Servicios ] *****

 

 

 

***** [ Carpetas ] *****

 

[-] Carpeta eliminada: C:\Users\Nicco\AppData\Roaming\DownloadManager

[-] Carpeta eliminada: C:\ProgramData\My Web Shield

[-] Carpeta eliminada: C:\ProgramData\Thunder Network

[#] Carpeta eliminada al reiniciar: C:\ProgramData\Application Data\My Web Shield

[#] Carpeta eliminada al reiniciar: C:\ProgramData\Application Data\Thunder Network

[-] Carpeta eliminada: C:\Users\Nicco\AppData\Roaming\Mozilla\Firefox\naweriweentcofise

 

 

***** [ Archivos ] *****

 

 

 

***** [ DLL ] *****

 

 

 

***** [ WMI ] *****

 

 

 

***** [ Accesos directos ] *****

 

 

 

***** [ Tareas programadas ] *****

 

[-] Tarea eliminada: 29bcfb03d5160021cb4ef88bedf73db7

 

 

***** [ Registro ] *****

 

[-] Llave eliminada: HKLM\SOFTWARE\Classes\AppID\{3E0DB45B-9FCC-4064-B48C-080BD03A99A4}

[-] Llave eliminada: HKLM\SOFTWARE\Classes\Interface\{BF8946CD-EEBE-436B-8282-B19A021C9EFE}

[-] Llave eliminada: HKLM\SOFTWARE\Classes\TypeLib\{38DD0B4A-E4E0-4A57-99EE-DCCB185B4728}

[-] Llave eliminada: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B}

[-] Llave eliminada: HKU\.DEFAULT\Software\jhtrsq

[#] Llave eliminada al reiniciar: HKU\S-1-5-18\Software\jhtrsq

[-] Llave eliminada: HKLM\SOFTWARE\jhtrsq

[-] Llave eliminada: [x64] HKLM\SOFTWARE\jhtrsq

 

 

***** [ Navegadores ] *****

 

[-] Se limpian las preferencias de Firefox: "browser.search.hiddenOneOffs" -  "Yahoo,Bing,Diccionario RAE,DuckDuckGo,trotux,Twitter,Wikipedia (es)"

[-] [C:\Users\Nicco\AppData\Local\Google\Chrome\User Data\ChromeDefaultData] [startup_urls] Eliminado: hxxp://www.trotux.com/?z=abfb4dc839a5c4db9b74e56g6z4bez7m1q9b9o8o4m&from=isr&uid=HitachiXHTS547550A9E384_J2110051DNYV8BDNYV8BX&type=hp

[-] [C:\Users\Nicco\AppData\Local\Google\Chrome\User Data\ChromeDefaultData] [homepage] Eliminado: hxxp://www.trotux.com/?z=abfb4dc839a5c4db9b74e56g6z4bez7m1q9b9o8o4m&from=isr&uid=HitachiXHTS547550A9E384_J2110051DNYV8BDNYV8BX&type=hp

 

 

*************************

 

:: Llaves "Tracing" eliminadas

:: Se han borrado los ajustes de Winsock

 

*************************

 

C:\AdwCleaner\AdwCleaner[C0].txt - [2541 Bytes] - [19/01/2017 23:16:11]

C:\AdwCleaner\AdwCleaner[S0].txt - [2785 Bytes] - [19/01/2017 23:11:56]

 

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2687 Bytes] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Malwarebytes

Version: 8.1.0 (12.05.2016)

Operating System: Windows 7 Ultimate x64

Ran by Nicco (Administrator) on 19/01/2017 at 23:23:03.20

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

File System: 9

 

Successfully deleted: C:\Users\Public\thunder network (Folder)

Successfully deleted: C:\Users\Nicco\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7I7VQZTE (Temporary Internet Files Folder)

Successfully deleted: C:\Users\Nicco\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AJQUO9SL (Temporary Internet Files Folder)

Successfully deleted: C:\Users\Nicco\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FKNDC0X1 (Temporary Internet Files Folder)

Successfully deleted: C:\Users\Nicco\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y4PGJ8EH (Temporary Internet Files Folder)

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7I7VQZTE (Temporary Internet Files Folder)

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AJQUO9SL (Temporary Internet Files Folder)

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FKNDC0X1 (Temporary Internet Files Folder)

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y4PGJ8EH (Temporary Internet Files Folder)

 

 

 

Registry: 0

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 19/01/2017 at 23:27:31.00

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

2017-01-20 04:37:56.771               Sophos Virus Removal Tool version 2.5.6

2017-01-20 04:37:56.771               Copyright © 2009-2016 Sophos Limited. All rights reserved.

 

2017-01-20 04:37:56.772               This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

 

2017-01-20 04:37:56.772               Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x100 PT=0x1 WOW64


2017-01-20 05:17:53.061               Error level 0

 

2017-01-20 05:17:57.860               Scan cancelled by user.

2017-01-20 05:17:57.860              

 

------------------------------------------------------------

 

2017-01-20 14:41:59.224               Sophos Virus Removal Tool version 2.5.6

2017-01-20 14:41:59.224               Copyright © 2009-2016 Sophos Limited. All rights reserved.

 

2017-01-20 14:41:59.224               This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

 

2017-01-20 14:41:59.224               Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x100 PT=0x1 WOW64


2017-01-20 16:19:46.255               Could not open C:\hiberfil.sys

2017-01-20 16:21:46.668               Could not open C:\pagefile.sys

2017-01-20 17:58:00.571               >>> Virus 'Troj/Agent-AJTU' found in file C:\Program Files (x86)\The Sims 4\Game\Bin\rld.dll

2017-01-20 17:58:13.505               >>> Virus 'Troj/Agent-AJTQ' found in file C:\Program Files (x86)\The Sims 4\Game\Bin\RldOrigin.dll

2017-01-20 17:58:19.641               >>> Virus 'Mal/Scribble-D' found in file C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe

2017-01-20 17:58:19.641               Disinfection not offered

2017-01-20 18:02:24.237               Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}

2017-01-20 18:02:24.238               Could not open C:\System Volume Information\{4d40b835-dec7-11e6-8cea-005056c00008}{3808876b-c176-4e48-b7ae-04046e6cc752}

2017-01-20 18:02:24.239               Could not open C:\System Volume Information\{4d40b83a-dec7-11e6-8cea-005056c00008}{3808876b-c176-4e48-b7ae-04046e6cc752}

2017-01-20 18:02:24.240               Could not open C:\System Volume Information\{99ff3ee0-de81-11e6-aa99-005056c00008}{3808876b-c176-4e48-b7ae-04046e6cc752}

2017-01-20 18:02:24.241               Could not open C:\System Volume Information\{99ff3f85-de81-11e6-aa99-005056c00008}{3808876b-c176-4e48-b7ae-04046e6cc752}

2017-01-20 19:02:48.941               Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb

2017-01-20 19:02:48.944               Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb

2017-01-20 19:03:01.869               Could not open C:\Windows\System32\config\RegBack\DEFAULT

2017-01-20 19:03:01.894               Could not open C:\Windows\System32\config\RegBack\SAM

2017-01-20 19:03:01.939               Could not open C:\Windows\System32\config\RegBack\SECURITY

2017-01-20 19:03:01.945               Could not open C:\Windows\System32\config\RegBack\SOFTWARE

2017-01-20 19:03:01.950               Could not open C:\Windows\System32\config\RegBack\SYSTEM

2017-01-20 19:46:20.145               Could not open LOGICAL:0003:00000000

2017-01-20 19:46:20.150               Could not open D:\

2017-01-20 19:46:20.150               Could not open LOGICAL:0004:00000000

2017-01-20 19:46:20.151               Could not open E:\

2017-01-20 19:46:22.140               The following items will be cleaned up:

2017-01-20 19:46:22.140               Troj/Agent-AJTU

2017-01-20 19:46:22.140               Troj/Agent-AJTQ

2017-01-20 19:46:22.141               Mal/Scribble-D



#7 Broni


Posted 20 January 2017 - 08:32 PM

Update your Java version here: http://www.java.com/en/download/manual.jsp
Alternate download: http://www.filehippo.com/search?q=java

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.
Note 2: If you're running a 64-bit system, make sure you install BOTH 32-bit and 64-bit Java.

 

=============================================

 

Your computer is clean

1. This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download DelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:

  • Activate UAC (optional; some users prefer to keep it off)
  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore
  • Reset system settings

Now click "Run" and wait patiently.
Once finished a logfile will be created. You don't have to attach it to your next reply.

2. Make sure Windows Updates are current.

3. If any trojans, rootkits or bootkits were listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Scan without installing plugin" and then on "Scan now")

5. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

6. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly (you need to redownload these tools since they were removed by DelFix).

7. Download and install Secunia Personal Software Inspector (PSI): http://secunia.com/vulnerability_scanning/personal/. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

8. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

9. When installing\updating ANY program, make sure you always select "Custom" installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click the "Next" button without looking at any given page.

10. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/#entry3187642

11. Please, let me know, how your computer is doing.




 


#8 NicoForce


Posted 21 January 2017 - 12:37 AM

I'm actually amazed by how clean my PC is now. I'm really thankful thus far.

 

However, I still have this desktop.ini problem with the description I mentioned in my very first post:

[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21787
 

The problem that has just arisen is, when I actually tracked down this notepad that showed in every boot and deleted it, some process called onedrivesetup.exe automatically started after 20 secs of doing so.

I killed the process since I believed it could have been installing something into my computer. I actually have tracked every single desktop.ini in my pc but, in order to get rid of it, do I just need to delete them all?

 

Thanks in advance.

 



#9 NicoForce


Posted 21 January 2017 - 12:49 AM

I just wrote onedrive in the search tab in order to look for any installed programs. A desktop.ini popped up as well. Even some "OneDrive" programs which I've never installed willingly. And, as soon as I tried to uninstall it, it just vanished, without an uninstalling process/prompt.

 

 



#10 Broni


Posted 21 January 2017 - 08:21 PM

See here: https://support.microsoft.com/en-us/help/330132/notepad-starts-with-.shellclassinfo-localizedresourcename-systemroot-system32-shell32.dll,-21787-when-you-start-your-computer




 


#11 NicoForce


Posted 23 January 2017 - 12:32 PM

Thanks for your help. It actually fixed my problem.
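
The Microsoft article linked in post #10 attributes this symptom to a desktop.ini in a Startup folder that has lost its Hidden attribute (stated here from that article, not from the thread). The PowerShell below is an added example, not part of any post: the function names and the stock-content comparison are illustrative assumptions, and the folder paths are the Windows defaults.

```powershell
# Added example (not from the thread). Audits the two default Startup folders
# for a desktop.ini that the shell would treat as a startup item.
# Assumption, taken from the linked Microsoft article: Notepad opens the file
# at logon when desktop.ini in a Startup folder is no longer Hidden.

# Content the poster saw in Notepad; used to tell a stock file from an altered one.
$ExpectedLines = @(
    '[.ShellClassInfo]',
    'LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21787'
)

function Get-StartupDesktopIni {
    param(
        # Default per-user and all-users Startup folders
        [string[]]$Folder = @(
            (Join-Path $env:APPDATA     'Microsoft\Windows\Start Menu\Programs\Startup'),
            (Join-Path $env:ProgramData 'Microsoft\Windows\Start Menu\Programs\Startup')
        )
    )
    foreach ($dir in $Folder) {
        $path = Join-Path $dir 'desktop.ini'
        # -Force is needed: hidden and system files are skipped without it.
        $item = Get-Item -LiteralPath $path -Force -ErrorAction SilentlyContinue
        if (-not $item) { continue }

        $hidden = [bool]($item.Attributes -band [IO.FileAttributes]::Hidden)
        $system = [bool]($item.Attributes -band [IO.FileAttributes]::System)

        # ReadAllLines honours the UTF-16 byte-order mark desktop.ini often carries.
        $lines = @([IO.File]::ReadAllLines($item.FullName) |
                   ForEach-Object { $_.Trim() } | Where-Object { $_ })
        $stock = ($lines.Count -eq $ExpectedLines.Count) -and
                 -not (Compare-Object $lines $ExpectedLines)

        New-Object PSObject -Property @{
            Path          = $item.FullName
            Hidden        = $hidden
            System        = $system
            StockContent  = $stock          # matches the two lines quoted in the thread
            OpensAtLogon  = -not $hidden    # visible file in Startup is launched by the shell
            LastWriteTime = $item.LastWriteTime
        } | Select-Object Path, Hidden, System, StockContent, OpensAtLogon, LastWriteTime
    }
}

function Repair-StartupDesktopIni {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param()
    foreach ($entry in Get-StartupDesktopIni) {
        if (-not $entry.OpensAtLogon) { continue }
        if (-not $entry.StockContent) {
            # Do not hide a file whose content differs from the stock one; review it first.
            Write-Warning "Unexpected content, left untouched: $($entry.Path)"
            continue
        }
        if ($PSCmdlet.ShouldProcess($entry.Path, 'Set Hidden and System attributes')) {
            $file = Get-Item -LiteralPath $entry.Path -Force
            $file.Attributes = $file.Attributes -bor
                [IO.FileAttributes]::Hidden -bor [IO.FileAttributes]::System
        }
    }
}

# Report only; nothing is changed.
Get-StartupDesktopIni | Format-Table -AutoSize

# Preview the fix, then rerun without -WhatIf to apply it.
Repair-StartupDesktopIni -WhatIf
```

Changing the file in the all-users Startup folder requires an elevated PowerShell session. Restoring the attributes leaves the file in place, so deleting every desktop.ini on the disk is not needed.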



#12 Broni


Posted 23 January 2017 - 08:30 PM

Way to go!!
Good luck and stay safe :)
 




 




