
    Slow PC and DNS cache poisoning


    1. #1
      User: Lus Nara
      Registered: Feb 2013 | Location: Mexico | Posts: 78

      Slow PC and DNS cache poisoning

      Hello, for the past few days I have had a lot of problems with my PC.
      One of the problems is that it is far too slow, and another is that I constantly get warnings from my antivirus:

      DNS cache poisoning
      IP address 8.8.8.8 and 8.8.4.4

      I have ESET Smart Security 5 and I know that the IP addresses shown there are those of Google's DNS servers.
      I have run scans with ESET Smart Security and Malwarebytes Anti-Malware in safe mode and everything is still the same.
      I have even tried to change the DNS servers but I no longer can, since the Properties button for Internet Protocol Version 4 (TCP/IPv4) has disappeared.

      Here is a screenshot.

      I would like to get rid of those annoying messages and, if possible, get the Properties button back so I can change the DNS servers. Many thanks in advance.

    2. #2
      Moderator: @Tincho
      Registered: May 2008 | Location: Argentina | Posts: 14,701

      Re: Slow PC and DNS cache poisoning

      Hello,

      It is important that you read the following procedure carefully:

      1. Very important: first of all, disconnect the computer from the Internet.

      2. On the back of the modem you will see a small slot next to the power button; that button is used to reset the modem by inserting a pointed object. Go ahead and reset it.

      3. Restore the browsing parameters / DNS configuration of the Internet connection:

      • Go to Start -> Control Panel -> double-click Network and Internet -> Network and Sharing Center -> Change adapter settings
      • Right-click the default connection (Local Area Connection or, generally, Wireless Network Connection) and select Properties.
      • Double-click Internet Protocol (TCP/IPv4).
        • On the General tab:
        • Select "Obtain an IP address automatically".
        • Select "Obtain DNS server address automatically".
      • Click OK twice to save the settings.
      • Restart if you had to change any setting.


      4. Flush the DNS cache:

      • Click Start, then click Run
      • In the command window, copy and paste the following text:

      Code:
        ipconfig /flushdns
      Then press Enter. Close the command window.

      5. Reconnect: once you have followed all the previous steps, you can reconnect your computer to the Internet.

      If you notice browsing problems, contact your Internet provider to restore the DNS values.


      6. Download the ComboFix.exe tool and save it to the desktop.

      • Temporarily disable the antivirus and/or antispyware.
      • Close all open windows and programs.
      • Double-click the ComboFix.exe file and follow the instructions. If it asks to update ("Update"), accept.
        • *Note* While CF is working, do not move the mouse, as that would stop its process.
        • *Note* ComboFix may restart the PC automatically to complete the removal process; if it does not, restart it manually.
        • When it finishes, ComboFix will generate a log at C:\ComboFix.txt.

      Warning! Do not use ComboFix unless a member of our Staff has specifically instructed you to in your thread. It is a powerful tool intended by its creator to be used under the guidance and supervision of an expert, not for private use. Using ComboFix incorrectly could cause problems on your system. Please read ComboFix's "Disclaimer of Warranty".

      In your next reply we need the following information:

      • The ComboFix report found at C:\ComboFix.txt; paste it in this same thread.
      • Tell us how your system is working with regard to the initial problem.


      Regards.
      Tyny's
      If on your journey, you should encounter God, God will be cut!

      * Follow us on Twitter and become our friend on Facebook.
      * Keep up with the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or e-mail; that is what the forum is for.

    3. #3
      User: Lus Nara
      Registered: Feb 2013 | Location: Mexico | Posts: 78

      Re: Slow PC and DNS cache poisoning

      Hello friend, thanks for replying.

      First of all, I have already done everything up to step 4,
      except step 3, since double-clicking Internet Protocol (TCP/IPv4) does nothing.

      Here is the ComboFix log

      ComboFix 13-02-15.01 - Jose Luis 15/02/2013 19:50:30.1.2 - x86
      Microsoft Windows 7 Enterprise 6.1.7600.0.1252.52.3082.18.1013.255 [GMT -7:00]
      Running from: E:\Users\Jose Luis\Desktop\ComboFix.exe
      AV: ESET Smart Security 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
      FW: Cortafuegos personal de ESET *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
      SP: ESET Smart Security 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
      SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      * Created a new restore point


      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


      E:\install.exe
      E:\LIN
      E:\LIN\Common\OPERATION7.ini
      E:\Program Files\WinPCap
      E:\Windows\Install
      E:\Windows\system32\URTTemp
      E:\Windows\system32\URTTemp\regtlib.exe
      E:\Windows\win32


      ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
      .

      -------\Legacy_NPF


      ((((((((((((((((((((((((( Files Created from 2013-01-16 to 2013-02-16 )))))))))))))))))))))))))))))))


      2013-02-16 02:59:46 . 2013-02-16 03:01:48 -------- d-----w- E:\Users\Jose Luis\AppData\Local\temp
      2013-02-14 23:36:15 . 2013-02-15 00:01:57 -------- d-----w- E:\Users\Jose Luis\.msf4
      2013-02-14 21:54:24 . 2013-02-14 21:59:48 -------- d-----w- E:\Users\Admin
      2013-02-14 02:08:12 . 2013-02-14 02:08:26 -------- d-----w- E:\Users\Jose Luis\Wireshark
      2013-02-13 00:40:22 . 2013-02-15 01:41:09 -------- d-----w- E:\Program Files\Nmap
      2013-02-07 01:07:56 . 2013-02-07 01:07:56 -------- d-----w- E:\Program Files\SystemRequirementsLab
      2013-02-04 19:36:56 . 2013-02-04 19:36:49 94112 ----a-w- E:\Windows\system32\WindowsAccessBridge.dll
      2013-02-02 22:12:48 . 2013-02-02 22:13:17 -------- d-----w- E:\Program Files\Music Editor Free
      2013-01-31 21:06:12 . 2013-02-14 22:21:18 -------- d-----w- E:\Users\Jose Luis\AppData\Roaming\mIRC
      2013-01-25 23:27:01 . 2013-02-14 02:29:34 -------- d-----w- E:\Program Files\Cain
      2013-01-19 23:09:38 . 2013-01-19 23:09:38 -------- d-----w- E:\Program Files\Common Files\Java
      2013-01-18 03:37:00 . 2013-01-18 03:37:03 -------- d-----w- E:\Users\Jose Luis\AppData\Local\Ares
      .


      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

      2013-02-04 19:36:41 . 2012-07-01 17:23:36 861088 ----a-w- E:\Windows\system32\npDeployJava1.dll
      2013-02-04 19:36:40 . 2012-07-01 17:23:36 782240 ----a-w- E:\Windows\system32\deployJava1.dll
      2013-01-03 01:43:28 . 2013-01-03 01:43:28 1060864 ----a-w- E:\Windows\system32\mfc71.dll
      2013-01-03 01:43:27 . 2013-01-03 01:43:27 1700352 ----a-w- E:\Windows\system32\gdiplus.dll
      2012-12-19 21:37:24 . 2012-11-17 04:06:11 73656 ----a-w- E:\Windows\system32\FlashPlayerCPLApp.cpl
      2012-12-19 21:37:24 . 2012-11-17 04:06:11 697272 ----a-w- E:\Windows\system32\FlashPlayerApp.exe
      2012-12-14 23:49:28 . 2012-10-12 00:22:37 21104 ----a-w- E:\Windows\system32\drivers\mbam.sys
      2012-12-09 07:11:21 . 2012-02-01 20:34:46 239168 ----a-w- E:\Windows\system32\drivers\dtsoftbus01.sys


      ------- Sigcheck -------
      Note: Unsigned files aren't necessarily malware.

      [-] 2009-07-14 01:16:17 . 8626F0C30D4E3564FFDD25C90F4426F1 . 811520 . . [6.1.7600.16385 (win7_rtm.090713-1255)] . . E:\Windows\System32\user32.dll
      [7] 2009-07-14 01:16:17 . 34B7E222E81FAFA885F0C5F2CFA56861 . 811520 . . [6.1.7600.16385 (win7_rtm.090713-1255)] . . E:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll

      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


      *Note* empty entries & legit default entries are not shown
      REGEDIT4

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "RtHDVCpl"="E:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-01-19 02:47:04 10025576]
      "egui"="E:\Program Files\ESET\ESET Smart Security\egui.exe" [2011-09-22 19:03:02 3080264]
      "IgfxTray"="E:\Windows\system32\igfxtray.exe" [2009-09-24 01:30:48 141848]
      "HotKeysCmds"="E:\Windows\system32\hkcmd.exe" [2009-09-24 01:30:48 173592]
      "Persistence"="E:\Windows\system32\igfxpers.exe" [2009-09-24 01:30:48 150552]

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 0 (0x0)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableLUA"= 0 (0x0)
      "EnableUIADesktopToggle"= 0 (0x0)
      "PromptOnSecureDesktop"= 0 (0x0)

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
      "aux"=wdmaud.drv

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
      2012-11-29 22:41:52 138096 ----atw- E:\Users\Jose Luis\AppData\Local\Facebook\Update\FacebookUpdate.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
      2013-02-14 10:14:04 1597864 ----a-w- E:\Program Files\Steam\steam.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
      "UnlockerAssistant"="E:\Program Files\Unlocker\UnlockerAssistant.exe"
      "Persistence"=E:\Windows\system32\igfxpers.exe
      "IgfxTray"=E:\Windows\system32\igfxtray.exe
      "HotKeysCmds"=E:\Windows\system32\hkcmd.exe
      "SunJavaUpdateSched"="E:\Program Files\Common Files\Java\Java Update\jusched.exe"

      R1 SBRE;SBRE;E:\Windows\system32\drivers\SBREdrv.sys [x]
      R2 MBAMService;MBAMService;E:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
      R3 EagleXNt;EagleXNt;E:\Windows\system32\drivers\EagleXNt.sys [x]
      R3 epmntdrv;epmntdrv;E:\Windows\system32\epmntdrv.sys [x]
      R3 EuGdiDrv;EuGdiDrv;E:\Windows\system32\EuGdiDrv.sys [x]
      R3 GGSAFERDriver;GGSAFER Driver;E:\Program Files\Garena Plus\Room\safedrv.sys [x]
      R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service;E:\Windows\system32\DRIVERS\sbfwim.sys [x]
      R3 sbhips;sbhips;E:\Windows\system32\drivers\sbhips.sys [x]
      R3 SQTECH913D;913D Camera;E:\Windows\system32\Drivers\Capt913D.sys [x]
      R3 XDva397;XDva397;E:\Windows\system32\XDva397.sys [x]
      R3 XDva399;XDva399;E:\Windows\system32\XDva399.sys [x]
      R3 XDva400;XDva400;E:\Windows\system32\XDva400.sys [x]
      S0 epfwwfp;epfwwfp;E:\Windows\system32\DRIVERS\epfwwfp.sys [x]
      S1 ehdrv;ehdrv;E:\Windows\system32\DRIVERS\ehdrv.sys [x]
      S1 EpfwLWF;Epfw NDIS LightWeight Filter;E:\Windows\system32\DRIVERS\EpfwLWF.sys [x]
      S1 HssDRV6;Hotspot Shield Routing Driver 6;E:\Windows\system32\DRIVERS\hssdrv6.sys [x]
      S1 SbFw;SbFw;E:\Windows\system32\drivers\SbFw.sys [x]
      S1 SbTis;SbTis;E:\Windows\system32\drivers\sbtis.sys [x]
      S2 eamonm;eamonm;E:\Windows\system32\DRIVERS\eamonm.sys [x]
      S2 ekrn;ESET Service;E:\Program Files\ESET\ESET Smart Security\ekrn.exe [x]
      S2 MBAMScheduler;MBAMScheduler;E:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
      S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;E:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [x]
      S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;E:\Windows\system32\DRIVERS\dtsoftbus01.sys [x]
      S3 MBAMProtector;MBAMProtector;E:\Windows\system32\drivers\mbam.sys [x]
      S3 RTL8167;Controlador NT de Realtek 8167;E:\Windows\system32\DRIVERS\Rt86win7.sys [x]
      S3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport;E:\Windows\system32\DRIVERS\SBFWIM.sys [x]
      S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;E:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [x]


      --- Other Services/Drivers In Memory ---

      *NewlyCreated* - WS2IFSL

      [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
      2013-01-23 20:49:33 1607120 ----a-w- E:\Program Files\Google\Chrome\Application\24.0.1312.56\Installer\chrmstp.exe

      Contents of the 'Scheduled Tasks' folder

      2012-11-30 E:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2487106643-3305291670-313990136-1000Core.job
      - E:\Users\Jose Luis\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-29 22:41:58 . 2012-11-29 22:41:52]

      2012-11-30 E:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2487106643-3305291670-313990136-1000UA.job
      - E:\Users\Jose Luis\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-29 22:41:58 . 2012-11-29 22:41:52]

      2013-01-27 E:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
      - E:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-01 20:39:22 . 2012-12-01 20:39:20]

      2013-01-27 E:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
      - E:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-01 20:39:22 . 2012-12-01 20:39:20]


      ------- Supplementary Scan -------

      uStart Page = hxxp://es.ask.com/?l=dis&o=14672
      uInternet Settings,ProxyOverride = <local>
      uSearchAssistant = hxxp://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      TCP: DhcpNameServer = 192.168.1.254
      TCP: Interfaces\{BB658D3C-D7C0-45D7-A336-6E8928E8EA68}: NameServer = 8.8.8.8,8.8.4.4
      TCP: Interfaces\{BB658D3C-D7C0-45D7-A336-6E8928E8EA68}\94E46494E4944555D4033424135444: NameServer = 8.8.8.8,8.8.4.4
      TCP: Interfaces\{BB658D3C-D7C0-45D7-A336-6E8928E8EA68}\94E46494E4944555D423733353: NameServer = 8.8.8.8,8.8.4.4
      TCP: Interfaces\{BB658D3C-D7C0-45D7-A336-6E8928E8EA68}\94E46494E4944555D4440313144393: NameServer = 8.8.8.8,8.8.4.4

      - - - - ORPHANS REMOVED - - - -

      MSConfigStartUp-LogMeIn Hamachi Ui - E:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
      AddRemove-{C1080852-065E-4991-9260-F3756E3CC182} - E:\ProgramData\{F148F899-0B83-4870-A256-3994552CE73E}\CursorFX_setup.exe
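
Added example (not part of the original thread, and not ComboFix's own code): a Python reader for the resolver lines of a ComboFix "Supplementary Scan" section such as the one in the log above. It also shows whether step 3 of post #2 (DNS set to automatic) has taken effect. The `KNOWN_PUBLIC` allowlist, the verdict labels and all function names are assumptions of this example.

```python
import ipaddress
import re
from typing import List, NamedTuple, Tuple

# Resolver lines copied from the "Supplementary Scan" section of the log above.
SAMPLE_LOG = r"""
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{BB658D3C-D7C0-45D7-A336-6E8928E8EA68}: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{BB658D3C-D7C0-45D7-A336-6E8928E8EA68}\94E46494E4944555D4033424135444: NameServer = 8.8.8.8,8.8.4.4
"""

# Assumption of this example: a short allowlist of well-known public
# resolvers. Extend it with the resolvers your own network is expected to use.
KNOWN_PUBLIC = {
    "8.8.8.8": "Google Public DNS",
    "8.8.4.4": "Google Public DNS",
    "208.67.222.222": "OpenDNS",
    "208.67.220.220": "OpenDNS",
}

# Explicit RFC 1918 ranges (home/office LAN addresses such as a router).
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

DHCP_RE = re.compile(r"^\s*TCP:\s*DhcpNameServer\s*=\s*(.+?)\s*$")
STATIC_RE = re.compile(
    r"^\s*TCP:\s*Interfaces\\(\{[0-9A-Fa-f-]+\})(?:\\([^:\\]+))?"
    r":\s*NameServer\s*=\s*(.+?)\s*$"
)


class Finding(NamedTuple):
    interface: str  # adapter GUID as printed in the log
    subkey: str     # optional sub-key under the adapter, "" if none
    address: str    # one statically configured resolver
    verdict: str    # see classify()


def _split(value: str) -> List[str]:
    """Resolver lists are comma- or space-separated."""
    return [v for v in re.split(r"[,\s]+", value.strip()) if v]


def classify(address: str, dhcp: List[str]) -> str:
    """Label one static resolver relative to the DHCP-assigned one(s)."""
    try:
        ip = ipaddress.ip_address(address)
    except ValueError:
        return "invalid"
    if address in dhcp:
        return "same-as-dhcp"
    if ip.version == 4 and any(ip in net for net in RFC1918):
        return "private-lan"
    if address in KNOWN_PUBLIC:
        return "known-public"
    return "unrecognised"


def audit(log_text: str) -> Tuple[List[str], List[Finding]]:
    """Return (DHCP resolvers, one Finding per static resolver entry)."""
    dhcp: List[str] = []
    static: List[Tuple[str, str, str]] = []
    for line in log_text.splitlines():
        m = DHCP_RE.match(line)
        if m:
            dhcp.extend(_split(m.group(1)))
            continue
        m = STATIC_RE.match(line)
        if m:
            static.extend((m.group(1), m.group(2) or "", a)
                          for a in _split(m.group(3)))
    # Classify after the whole log is read so line order does not matter.
    return dhcp, [Finding(i, s, a, classify(a, dhcp)) for i, s, a in static]


def dns_is_automatic(findings: List[Finding]) -> bool:
    """A static NameServer entry means the adapter is not on automatic DNS."""
    return not findings


def needs_review(findings: List[Finding]) -> List[str]:
    """Static resolvers that are neither local, DHCP-assigned nor allowlisted."""
    return sorted({f.address for f in findings
                   if f.verdict in ("unrecognised", "invalid")})


if __name__ == "__main__":
    dhcp, findings = audit(SAMPLE_LOG)
    print("DHCP-assigned resolver(s):", ", ".join(dhcp) or "none")
    print("DNS set to automatic:", dns_is_automatic(findings))
    for f in findings:
        label = KNOWN_PUBLIC.get(f.address, "")
        print(f"  {f.interface} {f.subkey or '-'} {f.address} {f.verdict} {label}".rstrip())
    print("Resolvers to review:", ", ".join(needs_review(findings)) or "none")
```
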

    4. #4
      Moderator: @Tincho
      Registered: May 2008 | Location: Argentina | Posts: 14,701

      Re: Slow PC and DNS cache poisoning

      Hello.

      Download OTL by OldTimer to your desktop.

      Run OTL

      • Close all the programs you have open and double-click the OTL icon to run it.
      • Let it run uninterrupted until the scan finishes.
      • When the interface appears, you only need to change the setting under "Scan type" to Minimal Output.
      • Check the options: LOP Check and Purity Check.
      • Check the options Skip Microsoft Files and Use Company Name Whitelist.
      • Please do not change the rest of the settings unless we ask you to.

      • Press the button.
      • Once it finishes, two (2) files will open, OTL.Txt and Extras.Txt. They will be saved in the same place where OTL.exe was downloaded.
      • Copy and paste the contents of the OTL.txt file into your next reply.

      Bring us the OTL report.

      Regards.
      Tyny's

    5. #5
      User: Lus Nara
      Registered: Feb 2013 | Location: Mexico | Posts: 78

      Re: Slow PC and DNS cache poisoning

      Here is the OTL.txt report

      OTL logfile created on: 16/02/2013 13:08:49 - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = E:\Users\Jose Luis\Desktop
      Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
      Internet Explorer (Version = 8.0.7600.16385)
      Locale: 00000c0a | Country: México | Language: ESM | Date Format: dd/MM/yyyy

      1013,49 Mb Total Physical Memory | 450,01 Mb Available Physical Memory | 44,40% Memory free
      1,99 Gb Paging File | 1,45 Gb Available in Paging File | 72,88% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = E: | %SystemRoot% = E:\Windows | %ProgramFiles% = E:\Program Files
      Drive C: | 28,64 Gb Total Space | 9,85 Gb Free Space | 34,39% Space Free | Partition Type: NTFS
      Drive D: | 47,63 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
      Drive E: | 74,50 Gb Total Space | 23,26 Gb Free Space | 31,22% Space Free | Partition Type: NTFS

      Computer Name: ANDROID-2885773 | User Name: Jose Luis | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user | Quick Scan
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - E:\Users\Jose Luis\Desktop\OTL.exe (OldTimer Tools)
      PRC - E:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      PRC - E:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe (TuneUp Software)
      PRC - E:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe (TuneUp Software)
      PRC - E:\Program Files\ESET\ESET Smart Security\ekrn.exe (ESET)
      PRC - E:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
      PRC - E:\Windows\System32\taskhost.exe (Microsoft Corporation)
      PRC - E:\Windows\explorer.exe (Microsoft Corporation)


      ========== Modules (No Company Name) ==========

      MOD - E:\Archivos de programa\WinRAR\RarExt.dll ()


      ========== Services (SafeList) ==========

      SRV - (MBAMService) -- E:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      SRV - (MBAMScheduler) -- E:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      SRV - (TuneUp.UtilitiesSvc) -- E:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe (TuneUp Software)
      SRV - (ekrn) -- E:\Program Files\ESET\ESET Smart Security\ekrn.exe (ESET)
      SRV - (Steam Client Service) -- E:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
      SRV - (StorSvc) -- E:\Windows\System32\StorSvc.dll (Microsoft Corporation)
      SRV - (SensrSvc) -- E:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
      SRV - (PeerDistSvc) -- E:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
      SRV - (WinDefend) -- E:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)


      ========== Driver Services (SafeList) ==========

      DRV - (XDva400) -- E:\Windows\system32\XDva400.sys File not found
      DRV - (XDva399) -- E:\Windows\system32\XDva399.sys File not found
      DRV - (XDva397) -- E:\Windows\system32\XDva397.sys File not found
      DRV - (SQTECH913D) -- System32\Drivers\Capt913D.sys File not found
      DRV - (SBRE) -- E:\Windows\system32\drivers\SBREdrv.sys File not found
      DRV - (GGSAFERDriver) -- E:\Program Files\Garena Plus\Room\safedrv.sys File not found
      DRV - (EuGdiDrv) -- E:\Windows\system32\EuGdiDrv.sys File not found
      DRV - (epmntdrv) -- E:\Windows\system32\epmntdrv.sys File not found
      DRV - (EagleXNt) -- E:\Windows\system32\drivers\EagleXNt.sys File not found
      DRV - (catchme) -- E:\Users\JOSELU~1\AppData\Local\Temp\catchme.sys File not found
      DRV - (MBAMProtector) -- E:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
      DRV - (dtsoftbus01) -- E:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
      DRV - (TuneUpUtilitiesDrv) -- E:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys (TuneUp Software)
      DRV - (HssDRV6) -- E:\Windows\System32\drivers\hssdrv6.sys (AnchorFree Inc.)
      DRV - (taphss) -- E:\Windows\System32\drivers\taphss.sys (AnchorFree Inc)
      DRV - (eamonm) -- E:\Windows\System32\drivers\eamonm.sys (ESET)
      DRV - (epfw) -- E:\Windows\System32\drivers\epfw.sys (ESET)
      DRV - (epfwwfp) -- E:\Windows\System32\drivers\epfwwfp.sys (ESET)
      DRV - (EpfwLWF) -- E:\Windows\System32\drivers\EpfwLWF.sys (ESET)
      DRV - (ehdrv) -- E:\Windows\System32\drivers\ehdrv.sys (ESET)
      DRV - (SbFw) -- E:\Windows\System32\drivers\SbFw.sys (Sunbelt Software, Inc.)
      DRV - (sbhips) -- E:\Windows\System32\drivers\sbhips.sys (Sunbelt Software, Inc.)
      DRV - (SbTis) -- E:\Windows\System32\drivers\sbtis.sys (Sunbelt Software, Inc.)
      DRV - (SBFWIMCLMP) -- E:\Windows\System32\drivers\SbFwIm.sys (Sunbelt Software, Inc.)
      DRV - (SBFWIMCL) -- E:\Windows\System32\drivers\SbFwIm.sys (Sunbelt Software, Inc.)
      DRV - (athr) -- E:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
      DRV - (vmbus) -- E:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
      DRV - (storflt) -- E:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
      DRV - (storvsc) -- E:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
      DRV - (RMCAST) -- E:\Windows\System32\drivers\rmcast.sys (Microsoft Corporation)
      DRV - (WinUsb) -- E:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
      DRV - (s3cap) -- E:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
      DRV - (VMBusHID) -- E:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
      DRV - (hamachi) -- E:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      IE - HKLM\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      IE - HKLM\..\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}: "URL" = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      IE - HKLM\..\SearchScopes\{4CA7A89B-B509-4CBF-AB97-6307132C0EF3}: "URL" = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      IE - HKLM\..\SearchScopes\{AC129BF9-68BF-4bc4-A1DC-ECB62712FF99}: "URL" = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      IE - HKLM\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      IE - HKLM\..\SearchScopes\{D0196D2A-1578-4CC2-8692-9F617C64D184}: "URL" = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Ask.com
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}&src=IE-SearchBox&maxwidth={ie:maxWidth}&rowheight={ie:rowHeight}&sectionHeight={ie:sectionHeight}&FORM=IE8SSC&market={Language}
      IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      IE - HKCU\..\SearchScopes\{112CFC4D-9AA8-41AE-87DF-24E7C1E89EE7}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ATU2&o=14670&src=crm&q={searchTerms}&locale=&apn_ptnrs=T8&apn_dtid=YYYYYYYYMX&apn_uid=5739fcee-cdb5-4a8a-8231-46964bf8cf37&apn_sauid=D8E4CF65-659B-48D0-8CF1-22AC6EB03678
      IE - HKCU\..\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}: "URL" = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      IE - HKCU\..\SearchScopes\{4CA7A89B-B509-4CBF-AB97-6307132C0EF3}: "URL" = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      IE - HKCU\..\SearchScopes\{AC129BF9-68BF-4bc4-A1DC-ECB62712FF99}: "URL" = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      IE - HKCU\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      IE - HKCU\..\SearchScopes\{D0196D2A-1578-4CC2-8692-9F617C64D184}: "URL" = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

      ========== FireFox ==========

      FF - prefs.js..browser.search.defaultengine: "http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q="
      FF - prefs.js..browser.search.defaultenginename: "Google"
      FF - prefs.js..browser.search.defaultthis.engineName: "Google"
      FF - prefs.js..browser.search.defaulturl: "http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q="
      FF - prefs.js..browser.search.order.1: "Google"
      FF - prefs.js..browser.search.selectedEngine: "Google"
      FF - prefs.js..browser.search.selectedEngineURL: "http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q="
      FF - prefs.js..extensions.enabledAddons: [email protected]:0.9.0
      FF - prefs.js..keyword.URL: "http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q="


      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: E:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
      FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: E:\Windows\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
      FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: E:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: E:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: E:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: e:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: E:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll File not found
      FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: E:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: E:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: E:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: E:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: E:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012/11/07 19:14:47 | 000,000,000 | ---D | M]

      [2012/11/17 20:43:28 | 000,000,000 | ---D | M] (No name found) -- E:\Users\Jose Luis\AppData\Roaming\mozilla\Extensions
      [2013/01/16 17:23:57 | 000,000,000 | ---D | M] (No name found) -- E:\Users\Jose Luis\AppData\Roaming\mozilla\Firefox\Profiles\l7ph63p6.default\extensions
      [2013/01/16 17:23:57 | 000,089,481 | ---- | M] () (No name found) -- E:\Users\Jose Luis\AppData\Roaming\mozilla\firefox\profiles\l7ph63p6.default\extensions\[email protected]
      [2012/12/05 13:49:10 | 000,002,079 | ---- | M] () -- E:\Users\Jose Luis\AppData\Roaming\mozilla\firefox\profiles\l7ph63p6.default\searchplugins\google.xml

      ========== Chrome ==========

      CHR - homepage: Google
      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
      CHR - homepage: Google
      CHR - plugin: Shockwave Flash (Enabled) = E:\Program Files\Google\Chrome\Application\24.0.1312.56\PepperFlash\pepflashplayer.dll
      CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
      CHR - plugin: Native Client (Enabled) = E:\Program Files\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll
      CHR - plugin: Chrome PDF Viewer (Enabled) = E:\Program Files\Google\Chrome\Application\24.0.1312.56\pdf.dll
      CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = E:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
      CHR - plugin: Google Update (Enabled) = E:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
      CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = E:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
      CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = E:\Windows\system32\npDeployJava1.dll
      CHR - plugin: Pando Web Plugin (Enabled) = E:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
      CHR - plugin: Silverlight Plug-In (Enabled) = e:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
      CHR - Extension: Taringa! emoticons! = E:\Users\Jose Luis\AppData\Local\Google\Chrome\User Data\Default\Extensions\acfbcejobfaihohadhifbohhgkmpbbpf\3.1_0\
      CHR - Extension: Google Drive = E:\Users\Jose Luis\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
      CHR - Extension: YouTube = E:\Users\Jose Luis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
      CHR - Extension: B\u00FAsqueda de Google = E:\Users\Jose Luis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
      CHR - Extension: AdBlock = E:\Users\Jose Luis\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.60_0\
      CHR - Extension: Descarga tus videos = E:\Users\Jose Luis\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbkglaboababckmiklpfggkomcpmhcdh\1.3.6_0\
      CHR - Extension: Gmail = E:\Users\Jose Luis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

      O1 HOSTS File: ([2013/02/15 20:01:35 | 000,000,027 | ---- | M]) - E:\Windows\System32\drivers\etc\hosts
      O1 - Hosts: 127.0.0.1 localhost
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
      O4 - HKLM..\Run: [egui] E:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
      O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
      O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
      O15 - HKCU\..Trusted Ranges: Range1979 ([http] in Trusted sites)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BB658D3C-D7C0-45D7-A336-6E8928E8EA68}: DhcpNameServer = 192.168.1.254
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BB658D3C-D7C0-45D7-A336-6E8928E8EA68}: NameServer = 8.8.8.8,8.8.4.4
      O20 - HKLM Winlogon: Shell - (Explorer.exe) - E:\Windows\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (E:\Windows\system32\userinit.exe) - E:\Windows\System32\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - E:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2009/06/10 14:42:20 | 000,000,024 | ---- | M] () - E:\autoexec.bat -- [ NTFS ]
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37 - HKLM\...com [@ = ComFile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      ========== Files/Folders - Created Within 30 Days ==========

      [2013/02/16 13:03:42 | 000,602,112 | ---- | C] (OldTimer Tools) -- E:\Users\Jose Luis\Desktop\OTL.exe
      [2013/02/15 20:03:50 | 000,000,000 | -HSD | C] -- E:\$RECYCLE.BIN
      [2013/02/15 19:59:46 | 000,000,000 | ---D | C] -- E:\Windows\temp
      [2013/02/15 19:59:46 | 000,000,000 | ---D | C] -- E:\Users\Jose Luis\AppData\Local\temp
      [2013/02/15 19:48:01 | 000,518,144 | ---- | C] (SteelWerX) -- E:\Windows\SWREG.exe
      [2013/02/15 19:48:01 | 000,406,528 | ---- | C] (SteelWerX) -- E:\Windows\SWSC.exe
      [2013/02/15 19:48:01 | 000,060,416 | ---- | C] (NirSoft) -- E:\Windows\NIRCMD.exe
      [2013/02/15 19:47:55 | 000,000,000 | ---D | C] -- E:\ComboFix
      [2013/02/15 19:47:48 | 000,000,000 | ---D | C] -- E:\Qoobox
      [2013/02/15 19:47:32 | 000,000,000 | ---D | C] -- E:\Windows\erdnt
      [2013/02/15 19:40:49 | 005,033,715 | R--- | C] (Swearware) -- E:\Users\Jose Luis\Desktop\ComboFix.exe
      [2013/02/14 16:36:15 | 000,000,000 | ---D | C] -- E:\Users\Jose Luis\.msf4
      [2013/02/13 1919 | 000,000,000 | ---D | C] -- E:\Users\Jose Luis\Desktop\WiresharkPortable
      [2013/02/13 19:08:12 | 000,000,000 | ---D | C] -- E:\Users\Jose Luis\Wireshark
      [2013/02/13 17:37:16 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Related Programs
      [2013/02/13 17:37:16 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
      [2013/02/13 17:36:58 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debut Video Capture Software
      [2013/02/12 17:40:22 | 000,000,000 | ---D | C] -- E:\Program Files\Nmap
      [2013/02/06 18:07:56 | 000,000,000 | ---D | C] -- E:\Program Files\SystemRequirementsLab
      [2013/02/02 15:13:08 | 000,000,000 | ---D | C] -- E:\Users\Jose Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Music Editor Free
      [2013/02/02 15:12:48 | 000,000,000 | ---D | C] -- E:\Program Files\Music Editor Free
      [2013/02/02 15:01:15 | 000,000,000 | ---D | C] -- E:\Users\Jose Luis\Desktop\audacity-win-2-0-3
      [2013/01/31 14:06:12 | 000,000,000 | ---D | C] -- E:\Users\Jose Luis\AppData\Roaming\mIRC
      [2013/01/25 16:27:07 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cain
      [2013/01/25 16:27:01 | 000,000,000 | ---D | C] -- E:\Program Files\Cain
      [2013/01/19 16:09:38 | 000,000,000 | ---D | C] -- E:\Program Files\Common Files\Java
      [2013/01/17 20:37:00 | 000,000,000 | ---D | C] -- E:\Users\Jose Luis\AppData\Local\Ares
      [1 E:\Windows\*.tmp files -> E:\Windows\*.tmp -> ]

      ========== Files - Modified Within 30 Days ==========

      [2013/02/16 13:08:33 | 000,007,594 | ---- | M] () -- E:\Users\Jose Luis\AppData\Local\Resmon.ResmonCfg
      [2013/02/16 13:03:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Users\Jose Luis\Desktop\OTL.exe
      [2013/02/16 13:00:08 | 000,067,584 | --S- | M] () -- E:\Windows\bootstat.dat
      [2013/02/16 00:55:10 | 000,014,544 | -H-- | M] () -- E:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2013/02/16 00:55:09 | 000,014,544 | -H-- | M] () -- E:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2013/02/15 20:01:35 | 000,000,027 | ---- | M] () -- E:\Windows\System32\drivers\etc\hosts
      [2013/02/15 19:47:21 | 005,033,715 | R--- | M] (Swearware) -- E:\Users\Jose Luis\Desktop\ComboFix.exe
      [2013/02/14 19:16:36 | 001,241,312 | ---- | M] () -- E:\Windows\System32\FNTCACHE.DAT
      [2013/02/14 19:08:49 | 000,000,036 | ---- | M] () -- E:\Users\Jose Luis\AppData\Local\housecall.guid.cache
      [2013/02/13 17:36:59 | 000,001,080 | ---- | M] () -- E:\Users\Public\Desktop\Debut Video Capture Software.lnk
      [2013/02/13 14:38:17 | 000,039,304 | ---- | M] () -- E:\Users\Jose Luis\Desktop\spy.JPG
      [2013/02/07 23:27:23 | 000,012,964 | -HS- | M] () -- E:\Users\Jose Luis\Documents\Folder.jpg
      [2013/02/07 23:27:23 | 000,012,964 | -HS- | M] () -- E:\Users\Jose Luis\Documents\AlbumArt_{F8D752AC-C75E-409E-94C4-9A7AC27D713E}_Large.jpg
      [2013/02/07 23:27:22 | 000,003,023 | -HS- | M] () -- E:\Users\Jose Luis\Documents\AlbumArtSmall.jpg
      [2013/02/07 23:27:22 | 000,003,023 | -HS- | M] () -- E:\Users\Jose Luis\Documents\AlbumArt_{F8D752AC-C75E-409E-94C4-9A7AC27D713E}_Small.jpg
      [2013/02/04 18:23:49 | 000,754,588 | ---- | M] () -- E:\Windows\System32\perfh00A.dat
      [2013/02/04 18:23:49 | 000,660,218 | ---- | M] () -- E:\Windows\System32\perfh009.dat
      [2013/02/04 18:23:49 | 000,162,822 | ---- | M] () -- E:\Windows\System32\perfc00A.dat
      [2013/02/04 18:23:49 | 000,124,408 | ---- | M] () -- E:\Windows\System32\perfc009.dat
      [2013/02/02 15:13:09 | 000,001,861 | ---- | M] () -- E:\Users\Jose Luis\Desktop\Music Editor Free.lnk
      [2013/01/27 14:14:39 | 000,001,030 | ---- | M] () -- E:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [2013/01/27 14:14:39 | 000,001,026 | ---- | M] () -- E:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      [2013/01/24 00:06:40 | 014,264,143 | ---- | M] () -- E:\Users\Jose Luis\Desktop\Homenaje a Sergío Vega -El Shaka- †. (JULIO 2010).mp3
      [2013/01/19 17:36:29 | 000,037,610 | ---- | M] () -- E:\Users\Jose Luis\Desktop\ala.JPG
      [1 E:\Windows\*.tmp files -> E:\Windows\*.tmp -> ]

      ========== Files Created - No Company Name ==========

      [2013/02/15 19:48:01 | 000,256,000 | ---- | C] () -- E:\Windows\PEV.exe
      [2013/02/15 19:48:01 | 000,208,896 | ---- | C] () -- E:\Windows\MBR.exe
      [2013/02/15 19:48:01 | 000,098,816 | ---- | C] () -- E:\Windows\sed.exe
      [2013/02/15 19:48:01 | 000,080,412 | ---- | C] () -- E:\Windows\grep.exe
      [2013/02/15 19:48:01 | 000,068,096 | ---- | C] () -- E:\Windows\zip.exe
      [2013/02/14 19:08:49 | 000,000,036 | ---- | C] () -- E:\Users\Jose Luis\AppData\Local\housecall.guid.cache
      [2013/02/13 17:36:59 | 000,001,080 | ---- | C] () -- E:\Users\Public\Desktop\Debut Video Capture Software.lnk
      [2013/02/13 14:38:16 | 000,039,304 | ---- | C] () -- E:\Users\Jose Luis\Desktop\spy.JPG
      [2013/02/13 14:19:58 | 001,241,312 | ---- | C] () -- E:\Windows\System32\FNTCACHE.DAT
      [2013/02/07 23:27:23 | 000,012,964 | -HS- | C] () -- E:\Users\Jose Luis\Documents\Folder.jpg
      [2013/02/07 23:27:23 | 000,012,964 | -HS- | C] () -- E:\Users\Jose Luis\Documents\AlbumArt_{F8D752AC-C75E-409E-94C4-9A7AC27D713E}_Large.jpg
      [2013/02/07 23:27:23 | 000,003,023 | -HS- | C] () -- E:\Users\Jose Luis\Documents\AlbumArtSmall.jpg
      [2013/02/07 23:27:23 | 000,003,023 | -HS- | C] () -- E:\Users\Jose Luis\Documents\AlbumArt_{F8D752AC-C75E-409E-94C4-9A7AC27D713E}_Small.jpg
      [2013/02/02 15:13:08 | 000,001,861 | ---- | C] () -- E:\Users\Jose Luis\Desktop\Music Editor Free.lnk
      [2013/01/24 14:09:59 | 014,264,143 | ---- | C] () -- E:\Users\Jose Luis\Desktop\Homenaje a Sergío Vega -El Shaka- †. (JULIO 2010).mp3
      [2013/01/19 15:35:01 | 000,037,610 | ---- | C] () -- E:\Users\Jose Luis\Desktop\ala.JPG
      [2012/12/03 14:00:56 | 000,000,016 | ---- | C] () -- E:\Windows\System32\ptlx55.dat.{5728B11F-B697-47AA-9C1B-8ECB545B5193}
      [2012/11/29 13:12:45 | 000,758,018 | ---- | C] () -- E:\Windows\System32\xvidcore.dll
      [2012/11/29 13:12:45 | 000,180,224 | ---- | C] () -- E:\Windows\System32\xvidvfw.dll
      [2012/11/26 14:49:45 | 000,216,064 | ---- | C] ( ) -- E:\Windows\System32\LAGARITH.DLL
      [2012/10/30 16:38:42 | 107,732,683 | ---- | C] () -- E:\Users\Jose Luis\AppData\Roaming\.minecraft.rar
      [2012/10/05 12:17:28 | 000,137,464 | ---- | C] () -- E:\Windows\System32\drivers\PnkBstrK.sys
      [2012/10/04 23:45:38 | 000,214,520 | ---- | C] () -- E:\Windows\System32\PnkBstrB.exe
      [2012/10/04 23:45:21 | 000,075,064 | ---- | C] () -- E:\Windows\System32\PnkBstrA.exe
      [2012/10/03 23:27:21 | 000,000,319 | ---- | C] () -- E:\Windows\game.ini
      [2012/10/03 19:36:05 | 000,015,360 | ---- | C] () -- E:\Windows\System32\BASSMOD.dll
      [2012/08/06 19:40:41 | 000,007,594 | ---- | C] () -- E:\Users\Jose Luis\AppData\Local\Resmon.ResmonCfg
      [2012/07/10 23:40:21 | 000,140,288 | ---- | C] () -- E:\Windows\System32\igfxtvcx.dll
      [2012/07/03 22:53:31 | 000,178,688 | ---- | C] () -- E:\Windows\System32\unrar.dll
      [2012/07/03 20:29:02 | 000,004,608 | ---- | C] () -- E:\Users\Jose Luis\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2012/06/29 15:40:31 | 000,000,097 | ---- | C] () -- E:\Users\Jose Luis\AppData\Local\fusioncache.dat
      [2012/06/27 23:34:41 | 000,045,270 | ---- | C] () -- E:\Users\Jose Luis\AppData\Roaming\room_v3.dat

      ========== ZeroAccess Check ==========

      [2009/07/13 21:42:31 | 000,000,227 | RHS- | M] () -- E:\Windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2009/07/13 18:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 18:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
      "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 18:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      ========== LOP Check ==========

      [2013/02/08 18:46:37 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\.minecraft
      [2012/08/30 13:19:39 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\Ambient Design
      [2013/02/11 16:22:40 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\Audacity
      [2012/12/10 02:33:09 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\Bitcoin
      [2012/07/22 10:26:21 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\BsPicture
      [2012/11/03 21:06:20 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\CEZEO software
      [2012/06/27 16:38:32 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\ESET
      [2012/07/20 14:16:51 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\EurekaLog
      [2012/07/21 1247 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\Foxit Software
      [2012/11/01 14:12:35 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\FreeAudioPack
      [2012/06/27 23:17:02 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\GameRanger
      [2012/10/10 15:48:01 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\GarenaPlus
      [2012/11/22 16:22:43 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\HandBrake
      [2012/08/01 14:23:48 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\Jubler
      [2013/02/11 16:21:30 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\Music Editor Free
      [2012/12/10 02:35:26 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\poclbm
      [2012/07/04 13:33:46 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\Publish Providers
      [2012/11/22 13:21:46 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\Rovio
      [2012/07/10 23:49:31 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\SecondLife
      [2012/07/04 20:02:06 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\Sony
      [2012/10/23 14:37:21 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\TuneUp Software
      [2013/02/14 18:07:37 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\uTorrent

      ========== Purity Check ==========



      < End of report >

    6. #6
      Moderator.
      @Tincho
      Registered
      May 2008
      Location
      Argentina
      Posts
      14.701

      Re: Slow PC and DNS cache poisoning

      Hi.

      • Disconnect your computer from the Internet.

      Run OTL.exe

      1.- Copy the following text (excluding the word Code):
      Code:
      :OTL
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BB658D3C-D7C0-45D7-A336-6E8928E8EA68}: DhcpNameServer = 192.168.1.254
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BB658D3C-D7C0-45D7-A336-6E8928E8EA68}: NameServer = 8.8.8.8,8.8.4.4
      
      :Files
      ipconfig /flushdns /c
      
      
      :Commands
      [PURITY] 
      [RESETHOSTS]
      [EMPTYFLASH]
      [EMPTYTEMP]
      [CREATERESTOREPOINT]
      2.- Paste the content into the section: Custom Scans/Fixes (Análisis Personalizados / Código de Reparación).

      3.- Press the Run Fix (Reparar) button to start the procedure. Press OK.

      OTL will restart the computer to complete the procedure.

      Save the newly generated report. Copy and paste it into your next reply, and tell us how the system is working.
      Tyny's
      If on your journey, you should encounter God, God will be cut!

      * Follow us on Twitter and become our friend on Facebook.
      * Keep up with the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or e-mail; that is what the forum is for.

    7. #7
      User Lus Nara
      Registered
      Feb 2013
      Location
      Mexico
      Posts
      78

      Re: Slow PC and DNS cache poisoning

      Here is the new report

      All processes killed
      ========== OTL ==========
      HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer| /E : value set successfully!
      HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{BB658D3C-D7C0-45D7-A336-6E8928E8EA68}\\DhcpNameServer| /E : value set successfully!
      HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{BB658D3C-D7C0-45D7-A336-6E8928E8EA68}\\NameServer| /E : value set successfully!
      ========== FILES ==========
      < ipconfig /flushdns /c >
      Configuración IP de Windows
      Se vació correctamente la caché de resolución de DNS.
      E:\Users\Jose Luis\Desktop\cmd.bat deleted successfully.
      E:\Users\Jose Luis\Desktop\cmd.txt deleted successfully.
      ========== COMMANDS ==========
      E:\Windows\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully

      [EMPTYFLASH]

      User: Admin

      User: All Users

      User: Default

      User: Default User

      User: Jose Luis
      ->Flash cache emptied: 546 bytes

      User: Public

      Total Flash Files Cleaned = 0,00 mb


      [EMPTYTEMP]

      User: Admin
      ->Temporary Internet Files folder emptied: 0 bytes

      User: All Users

      User: Default
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Jose Luis
      ->Temp folder emptied: 2312 bytes
      ->Temporary Internet Files folder emptied: 639994 bytes
      ->Java cache emptied: 295450 bytes
      ->FireFox cache emptied: 34150444 bytes
      ->Google Chrome cache emptied: 280183734 bytes
      ->Flash cache emptied: 0 bytes

      User: Public

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 411 bytes
      RecycleBin emptied: 1471903 bytes

      Total Files Cleaned = 302,00 mb

      Restore point Set: OTL Restore Point

      OTL by OldTimer - Version 3.2.69.0 log created on 02162013_135249

      Files\Folders moved on Reboot...

      PendingFileRenameOperations files...

      Registry entries deleted on Reboot...


      And the computer is running fine, but the Properties button still does not appear.

    8. #8
      Moderator.
      @Tincho
      Registered
      May 2008
      Location
      Argentina
      Posts
      14.701

      Re: Slow PC and DNS cache poisoning

      Hi.

      I have already read about that same problem in some other thread; the important thing is that the DNS is clean. Take another OTL log to verify.

      Regards.
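The check requested above (reading the O17 and O1 lines of a fresh OTL log to confirm that the DNS settings are clean) can be scripted. This is an added example, not part of the thread or of OTL; the trusted-resolver set, the function names and the sample lines marked as constructed are assumptions.

```python
import ipaddress
import re
from collections import namedtuple

# Assumption: resolvers the owner set on purpose. 8.8.8.8 and 8.8.4.4 are the
# Google DNS addresses named in this thread; edit the set for your network.
TRUSTED_PUBLIC = {ipaddress.ip_address("8.8.8.8"), ipaddress.ip_address("8.8.4.4")}

# RFC 1918 ranges, listed explicitly: ipaddress.is_private also covers
# documentation and other reserved ranges, which is too broad for this check.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# "O17 - <registry key>: <DhcpNameServer|NameServer> = <addr>[,<addr>...]"
O17_RE = re.compile(
    r"^\s*O17 - (?P<key>.+?): (?P<value>DhcpNameServer|NameServer) = (?P<addrs>.+?)\s*$"
)
# "O1 - Hosts: <ip> <hostname>" (the "O1 HOSTS File:" summary line does not match)
O1_RE = re.compile(r"^\s*O1 - Hosts: (?P<ip>\S+)\s+(?P<host>\S+)")
IFACE_RE = re.compile(r"\\Interfaces\\(\{[0-9A-Fa-f-]+\})$")

Resolver = namedtuple("Resolver", "scope value address verdict")

# The first four lines are copied from the log in this thread; the last two
# are constructed (placeholder GUID, RFC 5737 documentation addresses).
SAMPLE_LOG = r"""
O1 - Hosts: 127.0.0.1 localhost
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BB658D3C-D7C0-45D7-A336-6E8928E8EA68}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BB658D3C-D7C0-45D7-A336-6E8928E8EA68}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{00000000-0000-0000-0000-000000000001}: NameServer = 203.0.113.53,8.8.8.8
O1 - Hosts: 203.0.113.10 www.example.com
"""


def classify(addr_text):
    """Return 'trusted-public', 'lan' or 'review' for one resolver address."""
    try:
        addr = ipaddress.ip_address(addr_text)
    except ValueError:
        return "review"  # not an IP address at all
    if addr in TRUSTED_PUBLIC:
        return "trusted-public"
    if addr.version == 4 and any(addr in net for net in RFC1918):
        return "lan"  # typically the home router handed out by DHCP
    return "review"


def parse_o17(log_text):
    """Extract every resolver from the O17 lines, one row per address."""
    rows = []
    for line in log_text.splitlines():
        m = O17_RE.match(line)
        if not m:
            continue
        iface = IFACE_RE.search(m.group("key"))
        scope = iface.group(1) if iface else "global"
        # Static NameServer values are comma separated; DHCP ones may use spaces.
        for addr in re.split(r"[,\s]+", m.group("addrs").strip()):
            rows.append(Resolver(scope, m.group("value"), addr, classify(addr)))
    return rows


def suspicious_hosts(log_text):
    """Return hosts-file entries other than the default localhost mapping."""
    found = []
    for line in log_text.splitlines():
        m = O1_RE.match(line)
        if not m:
            continue
        ip, host = m.group("ip"), m.group("host")
        if not (ip in ("127.0.0.1", "::1") and host == "localhost"):
            found.append((ip, host))
    return found


def audit(log_text):
    """Collect everything in the log that needs a human decision."""
    return {
        "resolvers": [r for r in parse_o17(log_text) if r.verdict == "review"],
        "hosts": suspicious_hosts(log_text),
    }


if __name__ == "__main__":
    for row in parse_o17(SAMPLE_LOG):
        print(f"{row.verdict:15} {row.value:15} {row.address:16} {row.scope}")
    for ip, host in audit(SAMPLE_LOG)["hosts"]:
        print(f"{'review':15} {'hosts':15} {ip:16} {host}")
```

A "review" verdict only means the address is neither a LAN resolver nor one on the trusted list; who put it there still has to be established by hand.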

    9. #9
      User Lus Nara
      Registered
      Feb 2013
      Location
      Mexico
      Posts
      78

      Re: Slow PC and DNS cache poisoning

      Here is the new log

      OTL logfile created on: 16/02/2013 14:48:00 - Run 4
      OTL by OldTimer - Version 3.2.69.0 Folder = E:\Users\Jose Luis\Desktop
      Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
      Internet Explorer (Version = 8.0.7600.16385)
      Locale: 00000c0a | Country: México | Language: ESM | Date Format: dd/MM/yyyy

      1013,49 Mb Total Physical Memory | 361,40 Mb Available Physical Memory | 35,66% Memory free
      1,99 Gb Paging File | 1,41 Gb Available in Paging File | 70,70% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = E: | %SystemRoot% = E:\Windows | %ProgramFiles% = E:\Program Files
      Drive C: | 28,64 Gb Total Space | 9,85 Gb Free Space | 34,39% Space Free | Partition Type: NTFS
      Drive D: | 47,63 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
      Drive E: | 74,50 Gb Total Space | 23,29 Gb Free Space | 31,27% Space Free | Partition Type: NTFS

      Computer Name: ANDROID-2885773 | User Name: Jose Luis | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - E:\Users\Jose Luis\Desktop\OTL.exe (OldTimer Tools)
      PRC - E:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      PRC - E:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe (TuneUp Software)
      PRC - E:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe (TuneUp Software)
      PRC - E:\Program Files\ESET\ESET Smart Security\ekrn.exe (ESET)
      PRC - E:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
      PRC - E:\Windows\System32\taskhost.exe (Microsoft Corporation)
      PRC - E:\Windows\explorer.exe (Microsoft Corporation)


      ========== Modules (No Company Name) ==========


      ========== Services (SafeList) ==========

      SRV - (MBAMService) -- E:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      SRV - (MBAMScheduler) -- E:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      SRV - (TuneUp.UtilitiesSvc) -- E:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe (TuneUp Software)
      SRV - (ekrn) -- E:\Program Files\ESET\ESET Smart Security\ekrn.exe (ESET)
      SRV - (Steam Client Service) -- E:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
      SRV - (StorSvc) -- E:\Windows\System32\StorSvc.dll (Microsoft Corporation)
      SRV - (SensrSvc) -- E:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
      SRV - (PeerDistSvc) -- E:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
      SRV - (WinDefend) -- E:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)


      ========== Driver Services (SafeList) ==========

      DRV - (XDva400) -- E:\Windows\system32\XDva400.sys File not found
      DRV - (XDva399) -- E:\Windows\system32\XDva399.sys File not found
      DRV - (XDva397) -- E:\Windows\system32\XDva397.sys File not found
      DRV - (SQTECH913D) -- System32\Drivers\Capt913D.sys File not found
      DRV - (SBRE) -- E:\Windows\system32\drivers\SBREdrv.sys File not found
      DRV - (GGSAFERDriver) -- E:\Program Files\Garena Plus\Room\safedrv.sys File not found
      DRV - (EuGdiDrv) -- E:\Windows\system32\EuGdiDrv.sys File not found
      DRV - (epmntdrv) -- E:\Windows\system32\epmntdrv.sys File not found
      DRV - (EagleXNt) -- E:\Windows\system32\drivers\EagleXNt.sys File not found
      DRV - (catchme) -- E:\Users\JOSELU~1\AppData\Local\Temp\catchme.sys File not found
      DRV - (MBAMProtector) -- E:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
      DRV - (dtsoftbus01) -- E:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
      DRV - (TuneUpUtilitiesDrv) -- E:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys (TuneUp Software)
      DRV - (HssDRV6) -- E:\Windows\System32\drivers\hssdrv6.sys (AnchorFree Inc.)
      DRV - (taphss) -- E:\Windows\System32\drivers\taphss.sys (AnchorFree Inc)
      DRV - (eamonm) -- E:\Windows\System32\drivers\eamonm.sys (ESET)
      DRV - (epfw) -- E:\Windows\System32\drivers\epfw.sys (ESET)
      DRV - (epfwwfp) -- E:\Windows\System32\drivers\epfwwfp.sys (ESET)
      DRV - (EpfwLWF) -- E:\Windows\System32\drivers\EpfwLWF.sys (ESET)
      DRV - (ehdrv) -- E:\Windows\System32\drivers\ehdrv.sys (ESET)
      DRV - (SbFw) -- E:\Windows\System32\drivers\SbFw.sys (Sunbelt Software, Inc.)
      DRV - (sbhips) -- E:\Windows\System32\drivers\sbhips.sys (Sunbelt Software, Inc.)
      DRV - (SbTis) -- E:\Windows\System32\drivers\sbtis.sys (Sunbelt Software, Inc.)
      DRV - (SBFWIMCLMP) -- E:\Windows\System32\drivers\SbFwIm.sys (Sunbelt Software, Inc.)
      DRV - (SBFWIMCL) -- E:\Windows\System32\drivers\SbFwIm.sys (Sunbelt Software, Inc.)
      DRV - (athr) -- E:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
      DRV - (vmbus) -- E:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
      DRV - (storflt) -- E:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
      DRV - (storvsc) -- E:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
      DRV - (RMCAST) -- E:\Windows\System32\drivers\rmcast.sys (Microsoft Corporation)
      DRV - (WinUsb) -- E:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
      DRV - (s3cap) -- E:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
      DRV - (VMBusHID) -- E:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
      DRV - (hamachi) -- E:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      IE - HKLM\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      IE - HKLM\..\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}: "URL" = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      IE - HKLM\..\SearchScopes\{4CA7A89B-B509-4CBF-AB97-6307132C0EF3}: "URL" = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      IE - HKLM\..\SearchScopes\{AC129BF9-68BF-4bc4-A1DC-ECB62712FF99}: "URL" = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      IE - HKLM\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      IE - HKLM\..\SearchScopes\{D0196D2A-1578-4CC2-8692-9F617C64D184}: "URL" = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Ask.com
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}&src=IE-SearchBox&maxwidth={ie:maxWidth}&rowheight={ie:rowHeight}&sectionHeight={ie:sectionHeight}&FORM=IE8SSC&market={Language}
      IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      IE - HKCU\..\SearchScopes\{112CFC4D-9AA8-41AE-87DF-24E7C1E89EE7}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ATU2&o=14670&src=crm&q={searchTerms}&locale=&apn_ptnrs=T8&apn_dtid=YYYYYYYYMX&apn_uid=5739fcee-cdb5-4a8a-8231-46964bf8cf37&apn_sauid=D8E4CF65-659B-48D0-8CF1-22AC6EB03678
      IE - HKCU\..\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}: "URL" = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      IE - HKCU\..\SearchScopes\{4CA7A89B-B509-4CBF-AB97-6307132C0EF3}: "URL" = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      IE - HKCU\..\SearchScopes\{AC129BF9-68BF-4bc4-A1DC-ECB62712FF99}: "URL" = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      IE - HKCU\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      IE - HKCU\..\SearchScopes\{D0196D2A-1578-4CC2-8692-9F617C64D184}: "URL" = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

      ========== FireFox ==========

      FF - prefs.js..browser.search.defaultengine: "http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q="
      FF - prefs.js..browser.search.defaultenginename: "Google"
      FF - prefs.js..browser.search.defaultthis.engineName: "Google"
      FF - prefs.js..browser.search.defaulturl: "http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q="
      FF - prefs.js..browser.search.order.1: "Google"
      FF - prefs.js..browser.search.selectedEngine: "Google"
      FF - prefs.js..browser.search.selectedEngineURL: "http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q="
      FF - prefs.js..extensions.enabledAddons: [email protected]:0.9.0
      FF - prefs.js..keyword.URL: "http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q="


      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: E:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
      FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: E:\Windows\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
      FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: E:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: E:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: E:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: e:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: E:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll File not found
      FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: E:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: E:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: E:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: E:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: E:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012/11/07 19:14:47 | 000,000,000 | ---D | M]

      [2012/11/17 20:43:28 | 000,000,000 | ---D | M] (No name found) -- E:\Users\Jose Luis\AppData\Roaming\mozilla\Extensions
      [2013/01/16 17:23:57 | 000,000,000 | ---D | M] (No name found) -- E:\Users\Jose Luis\AppData\Roaming\mozilla\Firefox\Profiles\l7ph63p6.default\extensions
      [2013/01/16 17:23:57 | 000,089,481 | ---- | M] () (No name found) -- E:\Users\Jose Luis\AppData\Roaming\mozilla\firefox\profiles\l7ph63p6.default\extensions\[email protected]
      [2012/12/05 13:49:10 | 000,002,079 | ---- | M] () -- E:\Users\Jose Luis\AppData\Roaming\mozilla\firefox\profiles\l7ph63p6.default\searchplugins\google.xml

      ========== Chrome ==========

      CHR - homepage: Google
      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
      CHR - homepage: Google
      CHR - plugin: Shockwave Flash (Enabled) = E:\Program Files\Google\Chrome\Application\24.0.1312.56\PepperFlash\pepflashplayer.dll
      CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
      CHR - plugin: Native Client (Enabled) = E:\Program Files\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll
      CHR - plugin: Chrome PDF Viewer (Enabled) = E:\Program Files\Google\Chrome\Application\24.0.1312.56\pdf.dll
      CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = E:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
      CHR - plugin: Google Update (Enabled) = E:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
      CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = E:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
      CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = E:\Windows\system32\npDeployJava1.dll
      CHR - plugin: Pando Web Plugin (Enabled) = E:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
      CHR - plugin: Silverlight Plug-In (Enabled) = e:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
      CHR - Extension: Taringa! emoticons! = E:\Users\Jose Luis\AppData\Local\Google\Chrome\User Data\Default\Extensions\acfbcejobfaihohadhifbohhgkmpbbpf\3.1_0\
      CHR - Extension: Google Drive = E:\Users\Jose Luis\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
      CHR - Extension: YouTube = E:\Users\Jose Luis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
      CHR - Extension: B\u00FAsqueda de Google = E:\Users\Jose Luis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
      CHR - Extension: AdBlock = E:\Users\Jose Luis\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.60_0\
      CHR - Extension: Descarga tus videos = E:\Users\Jose Luis\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbkglaboababckmiklpfggkomcpmhcdh\1.3.6_0\
      CHR - Extension: Gmail = E:\Users\Jose Luis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

      O1 HOSTS File: ([2013/02/16 13:52:52 | 000,000,098 | ---- | M]) - E:\Windows\System32\drivers\etc\Hosts
      O1 - Hosts: 127.0.0.1 localhost
      O1 - Hosts: ::1 localhost
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
      O4 - HKLM..\Run: [egui] E:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
      O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
      O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
      O15 - HKCU\..Trusted Ranges: Range1979 ([http] in Trusted sites)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BB658D3C-D7C0-45D7-A336-6E8928E8EA68}: DhcpNameServer = 192.168.1.254
      O20 - HKLM Winlogon: Shell - (Explorer.exe) - E:\Windows\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (E:\Windows\system32\userinit.exe) - E:\Windows\System32\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - E:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2009/06/10 14:42:20 | 000,000,024 | ---- | M] () - E:\autoexec.bat -- [ NTFS ]
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37 - HKLM\...com [@ = ComFile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      ========== Files/Folders - Created Within 30 Days ==========

      [2013/02/16 13:52:49 | 000,000,000 | ---D | C] -- E:\_OTL
      [2013/02/16 13:03:42 | 000,602,112 | ---- | C] (OldTimer Tools) -- E:\Users\Jose Luis\Desktop\OTL.exe
      [2013/02/15 20:03:50 | 000,000,000 | -HSD | C] -- E:\$RECYCLE.BIN
      [2013/02/15 19:59:46 | 000,000,000 | ---D | C] -- E:\Windows\temp
      [2013/02/15 19:59:46 | 000,000,000 | ---D | C] -- E:\Users\Jose Luis\AppData\Local\temp
      [2013/02/15 19:48:01 | 000,518,144 | ---- | C] (SteelWerX) -- E:\Windows\SWREG.exe
      [2013/02/15 19:48:01 | 000,406,528 | ---- | C] (SteelWerX) -- E:\Windows\SWSC.exe
      [2013/02/15 19:48:01 | 000,060,416 | ---- | C] (NirSoft) -- E:\Windows\NIRCMD.exe
      [2013/02/15 19:47:55 | 000,000,000 | ---D | C] -- E:\ComboFix
      [2013/02/15 19:47:48 | 000,000,000 | ---D | C] -- E:\Qoobox
      [2013/02/15 19:47:32 | 000,000,000 | ---D | C] -- E:\Windows\erdnt
      [2013/02/15 19:40:49 | 005,033,715 | R--- | C] (Swearware) -- E:\Users\Jose Luis\Desktop\ComboFix.exe
      [2013/02/14 16:36:15 | 000,000,000 | ---D | C] -- E:\Users\Jose Luis\.msf4
      [2013/02/13 1919 | 000,000,000 | ---D | C] -- E:\Users\Jose Luis\Desktop\WiresharkPortable
      [2013/02/13 19:08:12 | 000,000,000 | ---D | C] -- E:\Users\Jose Luis\Wireshark
      [2013/02/13 17:37:16 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Related Programs
      [2013/02/13 17:37:16 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
      [2013/02/13 17:36:58 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debut Video Capture Software
      [2013/02/12 17:40:22 | 000,000,000 | ---D | C] -- E:\Program Files\Nmap
      [2013/02/06 18:07:56 | 000,000,000 | ---D | C] -- E:\Program Files\SystemRequirementsLab
      [2013/02/02 15:13:08 | 000,000,000 | ---D | C] -- E:\Users\Jose Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Music Editor Free
      [2013/02/02 15:12:48 | 000,000,000 | ---D | C] -- E:\Program Files\Music Editor Free
      [2013/02/02 15:01:15 | 000,000,000 | ---D | C] -- E:\Users\Jose Luis\Desktop\audacity-win-2-0-3
      [2013/01/31 14:06:12 | 000,000,000 | ---D | C] -- E:\Users\Jose Luis\AppData\Roaming\mIRC
      [2013/01/25 16:27:07 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cain
      [2013/01/25 16:27:01 | 000,000,000 | ---D | C] -- E:\Program Files\Cain
      [2013/01/19 16:09:38 | 000,000,000 | ---D | C] -- E:\Program Files\Common Files\Java
      [2013/01/17 20:37:00 | 000,000,000 | ---D | C] -- E:\Users\Jose Luis\AppData\Local\Ares

      ========== Files - Modified Within 30 Days ==========

      [2013/02/16 14:24:08 | 000,007,594 | ---- | M] () -- E:\Users\Jose Luis\AppData\Local\Resmon.ResmonCfg
      [2013/02/16 13:55:02 | 000,067,584 | --S- | M] () -- E:\Windows\bootstat.dat
      [2013/02/16 13:52:52 | 000,000,098 | ---- | M] () -- E:\Windows\System32\drivers\etc\Hosts
      [2013/02/16 13:03:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Users\Jose Luis\Desktop\OTL.exe
      [2013/02/16 00:55:10 | 000,014,544 | -H-- | M] () -- E:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2013/02/16 00:55:09 | 000,014,544 | -H-- | M] () -- E:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2013/02/15 19:47:21 | 005,033,715 | R--- | M] (Swearware) -- E:\Users\Jose Luis\Desktop\ComboFix.exe
      [2013/02/14 19:16:36 | 001,241,312 | ---- | M] () -- E:\Windows\System32\FNTCACHE.DAT
      [2013/02/14 19:08:49 | 000,000,036 | ---- | M] () -- E:\Users\Jose Luis\AppData\Local\housecall.guid.cache
      [2013/02/13 17:36:59 | 000,001,080 | ---- | M] () -- E:\Users\Public\Desktop\Debut Video Capture Software.lnk
      [2013/02/13 14:38:17 | 000,039,304 | ---- | M] () -- E:\Users\Jose Luis\Desktop\spy.JPG
      [2013/02/07 23:27:23 | 000,012,964 | -HS- | M] () -- E:\Users\Jose Luis\Documents\Folder.jpg
      [2013/02/07 23:27:23 | 000,012,964 | -HS- | M] () -- E:\Users\Jose Luis\Documents\AlbumArt_{F8D752AC-C75E-409E-94C4-9A7AC27D713E}_Large.jpg
      [2013/02/07 23:27:22 | 000,003,023 | -HS- | M] () -- E:\Users\Jose Luis\Documents\AlbumArtSmall.jpg
      [2013/02/07 23:27:22 | 000,003,023 | -HS- | M] () -- E:\Users\Jose Luis\Documents\AlbumArt_{F8D752AC-C75E-409E-94C4-9A7AC27D713E}_Small.jpg
      [2013/02/04 18:23:49 | 000,754,588 | ---- | M] () -- E:\Windows\System32\perfh00A.dat
      [2013/02/04 18:23:49 | 000,660,218 | ---- | M] () -- E:\Windows\System32\perfh009.dat
      [2013/02/04 18:23:49 | 000,162,822 | ---- | M] () -- E:\Windows\System32\perfc00A.dat
      [2013/02/04 18:23:49 | 000,124,408 | ---- | M] () -- E:\Windows\System32\perfc009.dat
      [2013/02/02 15:13:09 | 000,001,861 | ---- | M] () -- E:\Users\Jose Luis\Desktop\Music Editor Free.lnk
      [2013/01/27 14:14:39 | 000,001,030 | ---- | M] () -- E:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [2013/01/27 14:14:39 | 000,001,026 | ---- | M] () -- E:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      [2013/01/24 00:06:40 | 014,264,143 | ---- | M] () -- E:\Users\Jose Luis\Desktop\Homenaje a Sergío Vega -El Shaka- †. (JULIO 2010).mp3
      [2013/01/19 17:36:29 | 000,037,610 | ---- | M] () -- E:\Users\Jose Luis\Desktop\ala.JPG

      ========== Files Created - No Company Name ==========

      [2013/02/15 19:48:01 | 000,256,000 | ---- | C] () -- E:\Windows\PEV.exe
      [2013/02/15 19:48:01 | 000,208,896 | ---- | C] () -- E:\Windows\MBR.exe
      [2013/02/15 19:48:01 | 000,098,816 | ---- | C] () -- E:\Windows\sed.exe
      [2013/02/15 19:48:01 | 000,080,412 | ---- | C] () -- E:\Windows\grep.exe
      [2013/02/15 19:48:01 | 000,068,096 | ---- | C] () -- E:\Windows\zip.exe
      [2013/02/14 19:08:49 | 000,000,036 | ---- | C] () -- E:\Users\Jose Luis\AppData\Local\housecall.guid.cache
      [2013/02/13 17:36:59 | 000,001,080 | ---- | C] () -- E:\Users\Public\Desktop\Debut Video Capture Software.lnk
      [2013/02/13 14:38:16 | 000,039,304 | ---- | C] () -- E:\Users\Jose Luis\Desktop\spy.JPG
      [2013/02/13 14:19:58 | 001,241,312 | ---- | C] () -- E:\Windows\System32\FNTCACHE.DAT
      [2013/02/07 23:27:23 | 000,012,964 | -HS- | C] () -- E:\Users\Jose Luis\Documents\Folder.jpg
      [2013/02/07 23:27:23 | 000,012,964 | -HS- | C] () -- E:\Users\Jose Luis\Documents\AlbumArt_{F8D752AC-C75E-409E-94C4-9A7AC27D713E}_Large.jpg
      [2013/02/07 23:27:23 | 000,003,023 | -HS- | C] () -- E:\Users\Jose Luis\Documents\AlbumArtSmall.jpg
      [2013/02/07 23:27:23 | 000,003,023 | -HS- | C] () -- E:\Users\Jose Luis\Documents\AlbumArt_{F8D752AC-C75E-409E-94C4-9A7AC27D713E}_Small.jpg
      [2013/02/02 15:13:08 | 000,001,861 | ---- | C] () -- E:\Users\Jose Luis\Desktop\Music Editor Free.lnk
      [2013/01/24 14:09:59 | 014,264,143 | ---- | C] () -- E:\Users\Jose Luis\Desktop\Homenaje a Sergío Vega -El Shaka- †. (JULIO 2010).mp3
      [2013/01/19 15:35:01 | 000,037,610 | ---- | C] () -- E:\Users\Jose Luis\Desktop\ala.JPG
      [2012/12/03 14:00:56 | 000,000,016 | ---- | C] () -- E:\Windows\System32\ptlx55.dat.{5728B11F-B697-47AA-9C1B-8ECB545B5193}
      [2012/11/29 13:12:45 | 000,758,018 | ---- | C] () -- E:\Windows\System32\xvidcore.dll
      [2012/11/29 13:12:45 | 000,180,224 | ---- | C] () -- E:\Windows\System32\xvidvfw.dll
      [2012/11/26 14:49:45 | 000,216,064 | ---- | C] ( ) -- E:\Windows\System32\LAGARITH.DLL
      [2012/10/30 16:38:42 | 107,732,683 | ---- | C] () -- E:\Users\Jose Luis\AppData\Roaming\.minecraft.rar
      [2012/10/05 12:17:28 | 000,137,464 | ---- | C] () -- E:\Windows\System32\drivers\PnkBstrK.sys
      [2012/10/04 23:45:38 | 000,214,520 | ---- | C] () -- E:\Windows\System32\PnkBstrB.exe
      [2012/10/04 23:45:21 | 000,075,064 | ---- | C] () -- E:\Windows\System32\PnkBstrA.exe
      [2012/10/03 23:27:21 | 000,000,319 | ---- | C] () -- E:\Windows\game.ini
      [2012/10/03 19:36:05 | 000,015,360 | ---- | C] () -- E:\Windows\System32\BASSMOD.dll
      [2012/08/06 19:40:41 | 000,007,594 | ---- | C] () -- E:\Users\Jose Luis\AppData\Local\Resmon.ResmonCfg
      [2012/07/10 23:40:21 | 000,140,288 | ---- | C] () -- E:\Windows\System32\igfxtvcx.dll
      [2012/07/03 22:53:31 | 000,178,688 | ---- | C] () -- E:\Windows\System32\unrar.dll
      [2012/07/03 20:29:02 | 000,004,608 | ---- | C] () -- E:\Users\Jose Luis\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2012/06/29 15:40:31 | 000,000,097 | ---- | C] () -- E:\Users\Jose Luis\AppData\Local\fusioncache.dat
      [2012/06/27 23:34:41 | 000,045,270 | ---- | C] () -- E:\Users\Jose Luis\AppData\Roaming\room_v3.dat

      ========== ZeroAccess Check ==========

      [2009/07/13 21:42:31 | 000,000,227 | RHS- | M] () -- E:\Windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2009/07/13 18:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 18:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
      "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 18:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      ========== LOP Check ==========

      [2013/02/08 18:46:37 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\.minecraft
      [2012/08/30 13:19:39 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\Ambient Design
      [2013/02/11 16:22:40 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\Audacity
      [2012/12/10 02:33:09 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\Bitcoin
      [2012/07/22 10:26:21 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\BsPicture
      [2012/11/03 21:06:20 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\CEZEO software
      [2012/06/27 16:38:32 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\ESET
      [2012/07/20 14:16:51 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\EurekaLog
      [2012/07/21 1247 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\Foxit Software
      [2012/11/01 14:12:35 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\FreeAudioPack
      [2012/06/27 23:17:02 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\GameRanger
      [2012/10/10 15:48:01 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\GarenaPlus
      [2012/11/22 16:22:43 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\HandBrake
      [2012/08/01 14:23:48 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\Jubler
      [2013/02/11 16:21:30 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\Music Editor Free
      [2012/12/10 02:35:26 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\poclbm
      [2012/07/04 13:33:46 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\Publish Providers
      [2012/11/22 13:21:46 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\Rovio
      [2012/07/10 23:49:31 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\SecondLife
      [2012/07/04 20:02:06 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\Sony
      [2012/10/23 14:37:21 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\TuneUp Software
      [2013/02/14 18:07:37 | 000,000,000 | ---D | M] -- E:\Users\Jose Luis\AppData\Roaming\uTorrent

      ========== Purity Check ==========



      < End of report >

    10. #10
      User Lus Nara
      Registered
      Feb 2013
      Location
      Mexico
      Posts
      78

      Re: Slow PC and DNS cache poisoning

      Hello, a question:
      as a result of the scans performed, 3 new processes have appeared in Task Manager and in the Windows automatic startup. They are the following processes:

      E:/windows/system32/hkcmd.exe
      E:/windows/system32/igfxpers.exe
      E:/windows/system32/igfxtray.exe

      Is the appearance of these processes normal?
