• Registrarse
  • Iniciar sesión


  • Resultados 1 al 10 de 10

    Disco C: con 40GB libres se llena en poco tiempo tras arrancar dejando el sistema KO

    Pues eso, desde ayer arranco windows 7 home premium y el disco duro tiene unos 45-46 GB libres, el tema es que poco a poco ese espacio se va reduciendo hasta no dejar espacio libre, ...

    1. #1
      Usuario Avatar de Kchondo
      Registrado
      jul 2007
      Ubicación
      España
      Mensajes
      19

      Disco C: con 40GB libres se llena en poco tiempo tras arrancar dejando el sistema KO

      Pues eso, desde ayer arranco windows 7 home premium y el disco duro tiene unos 45-46 GB libres, el tema es que poco a poco ese espacio se va reduciendo hasta no dejar espacio libre, con la consiguiente ralentización del sistema.

      Cuando reinicio el sistema, el espacio libre vuelve a estar ahí pero en 1 hora aproximadamente se rellena hasta los topes repitiendose el problema.

      He leido otros post con problemas similares pero no me solucionan nada, tambien he desactivado la restauración del sistema (decir que estando activado, no había ningún punto de restauración)

      Dejo el LOG de HiJackThis:
      Código:
      Logfile of Trend Micro HijackThis v2.0.4
      Scan saved at 23:13:09, on 26/03/2013
      Platform: Windows 7 SP1 (WinNT 6.00.3505)
      MSIE: Internet Explorer v9.00 (9.00.8112.16464)
      Boot mode: Normal
      
      Running processes:
      D:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
      D:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe
      C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
      C:\Program Files (x86)\Common Files\Maxtor\Schedule2\schedhlp.exe
      C:\Windows\SysWOW64\HsMgr.exe
      C:\Users\Edu\AppData\Roaming\Dropbox\bin\Dropbox.exe
      C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
      C:\Program Files\ASUS Xonar DG Audio\Customapp\ASUSAUDIOCENTER.EXE
      C:\Program Files\Alwil Software\Avast5\AvastUI.exe
      D:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
      C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
      C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
      C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
      D:\Users\Edu\Downloads\HijackThis.exe
      d:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
      d:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
      D:\Program Files (x86)\Mozilla Firefox\firefox.exe
      D:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
      C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
      C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
      C:\Users\Edu\Desktop\limpieza\HijackThis.exe
      
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
      F2 - REG:system.ini: UserInit=userinit.exe,
      O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
      O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
      O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
      O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
      O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
      O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
      O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
      O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
      O4 - HKLM\..\Run: [RegistrarUsrDNIeCertStoreDLL] "D:\Program Files (x86)\DNIe\udcs.exe"
      O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
      O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
      O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "D:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
      O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "D:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
      O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
      O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
      O4 - HKLM\..\Run: [RaidCall] C:\Program Files (x86)\RaidCall\raidcall.exe
      O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
      O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files (x86)\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
      O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] d:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
      O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICIO LOCAL')
      O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICIO LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Servicio de red')
      O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Servicio de red')
      O4 - Startup: Dropbox.lnk = Edu\AppData\Roaming\Dropbox\bin\Dropbox.exe
      O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
      O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
      O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
      O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
      O15 - Trusted Zone: *.clonewarsadventures.com
      O15 - Trusted Zone: *.freerealms.com
      O15 - Trusted Zone: *.soe.com
      O15 - Trusted Zone: *.sony.com
      O16 - DPF: {2DAB6EF1-66C3-427C-87CD-8DC448C47EAE} (CtlTGVI Class) - https://www5.aeat.es/es13/h/tgvicab.cab
      O16 - DPF: {947B00D2-962D-4A35-9E48-98EE6A442B41} (OAdedinet Class) - https://www1.agenciatributaria.gob.es/ADUA/internet/aded1503.cab
      O16 - DPF: {B785FA3C-1DE9-4D20-8396-613C486FE95E} (AeatCtl Class) - https://www1.agenciatributaria.gob.es/es13/h/cactivex.cab
      O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
      O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
      O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
      O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
      O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
      O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
      O20 - AppInit_DLLs: c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll 
      O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
      O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
      O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Maxtor\Schedule2\schedul2.exe
      O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
      O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
      O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - D:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
      O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
      O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
      O23 - Service: AMD FUEL Service - Unknown owner - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
      O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
      O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
      O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
      O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: BrowserProtect - Unknown owner - C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
      O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
      O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
      O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
      O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
      O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
      O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Servicio de Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: JMB36X - Unknown owner - C:\Windows\SysWOW64\XSrvSetup.exe
      O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
      O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: MBAMScheduler - Malwarebytes Corporation - d:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
      O23 - Service: MBAMService - Malwarebytes Corporation - d:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
      O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
      O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
      O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
      O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
      O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
      O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
      O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
      O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
      O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
      O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
      O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
      O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
      O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
      O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
      O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
      O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
      O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
      O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      
      --
      End of file - 26733 bytes
      ¿Se trata de un virus/gusano/troyano? me trae de cabeza
      Muchas gracias
      Última edición por Kchondo fecha: 27/03/13 a las 09:00:21 Razón: cambiar quote por code

    2. #2
      Ex-Colaborador Avatar de Marr0n
      Registrado
      mar 2010
      Ubicación
      Catalunya
      Mensajes
      5.871

      Re: Disco C: con 40GB libres se llena en poco tiempo tras arrancar dejando el sistema

      , aunque hayas hecho algo + o - parecido, haz esto y sigue los pasos al pie de la letra.

      En los escaneos conecta todos tus dispositivos extraibles.

      Nota: Sino puedes hacer alguno de los pasos lo omites y pasas al siguiente.

      Inicias en > Modo seguro

      Descarga, instala y actualiza:


      Actualizalos, es muy importante





      Ejecutas Malwarebytes.

      Haz un "escaneo completo".
      Una vez finalizado, si te detecta algo eliges "quitar lo seleccionado ".

      Si te pide reiniciar, lo haces.
      En la pestaña "Registros", encontrarás el reporte.

      Ejecutas Ccleaner usando sus opciones Limpiador y Registro.

      Realiza una análisis online con > Panda ActiveScan 2.0 > Manual de Panda ActiveScan 2.0

      En tu próximo post pegas los reportes del Malwarebytes y el del Panda Active Scan. (Aunque no te detecten nada o no te salga ninguna infección).

      sALU2.
      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de Kchondo
      Registrado
      jul 2007
      Ubicación
      España
      Mensajes
      19

      Re: Disco C: con 40GB libres se llena en poco tiempo tras arrancar dejando el sistema

      Gracias por la respuesta.

      Tenía mas cosillas de las que me esperaba

      LOG Malwarebyte's:
      Código:
      Malwarebytes Anti-Malware (PRO) 1.70.0.1100
      www.malwarebytes.org
      
      Versión de la Base de Datos: v2013.03.26.14
      
      Windows 7 Service Pack 1 x64 NTFS (modo seguro)
      Internet Explorer 9.0.8112.16421
      Edu :: PC-TOON [administrador]
      
      Protección: Personas de movilidad reducida
      
      26/03/2013 23:24:13
      MBAM-log-2013-03-27 (00-45-58).txt
      
      Tipos de Análisis: Análisis Completo (C:\|D:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | 
      
      Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 743841
      Tiempo transcurrido: 1 hora(s), 21 minuto(s), 30 segundo(s)
      
      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)
      
      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)
      
      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)
      
      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)
      
      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)
      
      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)
      
      Archivos Detectados: 2
      D:\Program Files (x86)\ABBYY FineReader 9.0\FineReader.exe (PUP.Hacktool.Patcher) -> No se 
      
      tomaron medidas.
      D:\Program Files (x86)\PDF Password Remover v3.0\pdfdecrypt.exe (PUP.PDFPasswordRemover) -> No se 
      
      tomaron medidas.
      
      fin)
      He eliminado las amenazas, pero el abbyy lo tengo en varios equipos con el mismo crack, en windows xp, vista y 7 y nunca ha sido detectado como una amenaza por malwarebytes en análisis anteriores.

      LOG Panda Activescan 2.0:
      Código:
      ;******************************************************************************************
      
      *****************************************************************************************
      ANALYSIS: 2013-03-27 08:26:27
      PROTECTIONS: 1
      MALWARE: 11
      SUSPECTS: 0
      ;************************************************************************************************
      
      ***********************************************************************************
      PROTECTIONS
      Description                                  Version                       Active    Updated
      ;================================================================================================
      
      ===================================================================================
      avast! Antivirus                                                           Yes       Yes
      ;================================================================================================
      
      ===================================================================================
      MALWARE
      Id        Description                        Type                Active    Severity  
      
      Disinfectable  Disinfected Location
      ;================================================================================================
      
      ===================================================================================
      00168056  Cookie/YieldManager                TrackingCookie      No        0         Yes          
      
        No           f:\luis\documents and settings\l u i s\cookies\l u i [email protected][2].txt
      00168090  Cookie/Serving-sys                 TrackingCookie      No        0         Yes          
      
        No           f:\luis\documents and settings\l u i s\cookies\l u i [email protected][1].txt
      00168093  Cookie/Serving-sys                 TrackingCookie      No        0         Yes          
      
        No           f:\luis\documents and settings\l u i s\cookies\l u i [email protected][2].txt
      00168106  Cookie/Weborama                    TrackingCookie      No        0         Yes          
      
        No           c:\users\edu\appdata\roaming\microsoft\windows\cookies\9pot7e46.txt
      00169287  Cookie/Adrevolver                  TrackingCookie      No        0         Yes          
      
        No           f:\luis\documents and settings\l u i s\cookies\l u i [email protected][3].txt
      00184846  Cookie/Adrevolver                  TrackingCookie      No        0         Yes          
      
        No           f:\luis\documents and settings\l u i s\cookies\l u i [email protected][2].txt
      00273339  Cookie/Smartadserver               TrackingCookie      No        0         Yes          
      
        No           f:\luis\documents and settings\l u i s\cookies\l u i [email protected][1].txt
      01768088  Trj/Thed.W                         Virus/Trojan        No        0         No           
      
        No           d:\users\edu\downloads\cry3fxv2.rar[cry3fxv2\cryea.dll]
      03074964  Trj/CI.A                           Virus/Trojan        No        0         Yes          
      
        No           d:\users\edu\downloads\autokeygen_7.4_gps-experts.exe
      03074964  Trj/CI.A                           Virus/Trojan        No        0         No           
      
        No           f:\equipon\d\descargas\myphoneexplorer_setup_1.7.1.exe[²üç
      
      \ebay_shortcuts_1025.exe]
      05549878  Generic Trojan                     Virus/Trojan        No        0         Yes          
      
        No           f:\luis\documents and settings\l u i s\mis documentos\prgramas descargados
      
      \bpmdemo.exe
      11178620  Generic Malware                    Virus/Trojan        No        0         No           
      
        No           d:\users\edu\downloads\utorrent\sony vegas pro 10.0c.469 & 470 (2011) 
      
      [multilingual][www.zonatorrent.com]\sony vegas pro 10.0c.469 & 470 (2011) [multilingual]
      
      [www.zonatorrent.com].part01.rar[sony vegas pro 10.0c.469 & 470 (2011) [multilingual]
      
      [www.zonatorrent.com]\sony_products_multikeygen_1.9\keygen\keygen.exe]
      ;================================================================================================
      
      ===================================================================================
      SUSPECTS
      Sent      Location
      ;================================================================================================
      
      ===================================================================================
      ;================================================================================================
      
      ===================================================================================
      VULNERABILITIES
      Id        Severity       Description
      ;================================================================================================
      
      ===================================================================================
      ;================================================================================================
      
      ===================================================================================
      La mayoría de esos archivos estaban en una copia de seguridad que he borrado y también he borrado el resto de archivos detectados.
      Por ahora el problema se mantiene.
      Última edición por Kchondo fecha: 27/03/13 a las 08:59:25

    4. #4
      Ex-Colaborador Avatar de Marr0n
      Registrado
      mar 2010
      Ubicación
      Catalunya
      Mensajes
      5.871

      Re: Disco C: con 40GB libres se llena en poco tiempo tras arrancar dejando el sistema

      En el informe pone que el abby no ha sido eliminado, puede que realmente si que este infectado. Sube los 2 archivos detectado por el a: Virus Total y me pones los enlaces de dichos archivos una vez subidos, haber que detecta.

      Respecto a lo del panda no deberías haber eliminado lo que te ha detectado, ya que lo íbamos a hacer ahora, =mente lo hago como si no hubieras borrado nada ya que alomejor te has dejado alguno.

      Para eliminar las cookies que te ha detectado el panda, ejecuta de nuevo el de la forma que te expliqué.

      Para eliminar las infecciónes que te ha detectado el panda, haz esto:

      Descargas el OTMoveIt3 y lo guardas en el escritorio.

      • Haces doble clic sobre OTMoveIt.exe y se ejecutará.

      • Copias el texto que te voy a poner + abajo (en un recuadro), y lo pegas en el marco de la izquierda de OTMoveIt que se llama Paste List of Filas / Folders to be moved.

      Código:
      :files
      d:\users\edu\downloads\cry3fxv2.rar
      d:\users\edu\downloads\autokeygen_7.4_gps-experts.exe
      f:\equipon\d\descargas\myphoneexplorer_setup_1.7.1.exe
      f:\luis\documents and settings\l u i s\mis documentos\prgramas descargados\bpmdemo.exe
      
      :commands
      [purity]
      [EMPTYFLASH]
      [emptytemp]
      [resethosts]
      [clearallrestorepoints]
      [Reboot]
      Haces clic en MoveIt! para suprimir los archivos.

      • Cuando el resultado aparezca en el marco results, haces clic en Exit.

      Me envías el reporte del OTMoveIt, este se encuentra ubicado en:

      C: \ _OTMoveIt\MovedFiles\***.log

      Eliminas manualmente (compruebas que ya lo estén):

      d:\users\edu\downloads\utorrent\sony vegas pro 10.0c.469 & 470 (2011) > part01.rar

      \sony_products_multikeygen_1.9\keygen\keygen.exe

      Ya me dirás el que.

      Salu2.
      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    5. #5
      Usuario Avatar de Kchondo
      Registrado
      jul 2007
      Ubicación
      España
      Mensajes
      19

      Re: Disco C: con 40GB libres se llena en poco tiempo tras arrancar dejando el sistema

      Aquí dejo el Log
      Código:
      All processes killed
      ========== FILES ==========
      File/Folder d:\users\edu\downloads\cry3fxv2.rar not found.
      File/Folder d:\users\edu\downloads\autokeygen_7.4_gps-experts.exe not found.
      File/Folder f:\equipon\d\descargas\myphoneexplorer_setup_1.7.1.exe not found.
      File/Folder f:\luis\documents and settings\l u i s\mis documentos\prgramas descargados\bpmdemo.exe not found.
      ========== COMMANDS ==========
       
      [EMPTYFLASH]
       
      User: All Users
       
      User: Default
      ->Flash cache emptied: 57616 bytes
       
      User: Default User
      ->Flash cache emptied: 0 bytes
       
      User: Edu
      ->Flash cache emptied: 61472 bytes
       
      User: Public
       
      Total Flash Files Cleaned = 0,00 mb
       
       
      [EMPTYTEMP]
       
      User: All Users
       
      User: Default
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes
      ->Flash cache emptied: 0 bytes
       
      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes
      ->Flash cache emptied: 0 bytes
       
      User: Edu
      ->Temp folder emptied: 19676777 bytes
      ->Temporary Internet Files folder emptied: 5255326 bytes
      ->Java cache emptied: 0 bytes
      ->FireFox cache emptied: 82861690 bytes
      ->Google Chrome cache emptied: 37341110 bytes
      ->Flash cache emptied: 0 bytes
       
      User: Public
       
      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 155648 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 64397078 bytes
      %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 68580 bytes
      %systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 755 bytes
      %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 68042 bytes
      RecycleBin emptied: 0 bytes
       
      Total Files Cleaned = 200,00 mb
       
      C:\Windows\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully
       
      Error creating restore point.
       
      OTM by OldTimer - Version 3.1.21.0 log created on 03272013_195709
      
      Files moved on Reboot...
      C:\Users\Edu\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
      
      Registry entries deleted on Reboot...
      Los archivos comentados también están eliminados.
      El disco duro sigue llenandose inexplicablemente, y en ocasiones al intentar cargar la web me aparece un error con esta web de no se que problema de dns con filecloud, corrijo, cloudflare pero pasado un rato carga bien. Igual es un síntoma de lo que me está atacando, aunque solo pasa con forospyware.
      Enlace a captura de lo que aparece en mi navegador.
      http://s2.subirimagenes.com/imagen/8378640sinttulo1.jpg
      Última edición por Kchondo fecha: 27/03/13 a las 15:45:07

    6. #6
      Ex-Colaborador Avatar de Marr0n
      Registrado
      mar 2010
      Ubicación
      Catalunya
      Mensajes
      5.871

      Re: Disco C: con 40GB libres se llena en poco tiempo tras arrancar dejando el sistema

      Realiza lo siguiente:

      Descarga y ejecuta > Ccleaner


      • Usando primero su opción de Limpiador para borrar cookies, archivos temporales de Internet y todos los archivos que te muestre como obsoletos.
      • Después utilizas su opción de Registro para limpiar todo el registro de Windows (haciendo antes una copia de seguridad).


      Descarga, instala, ejecuta y actualiza >


      • En la pestaña Actualizar pulsa sobre "Buscar Actualizaciones"
      • En la pestaña Escáner tildas la casilla "Realizar un Análisis Completo."
      • Una vez finalizado, si te detecta algo eliges "quitar lo seleccionado " y lo mandas todo a la cuarentena y reinicias el sistema.
      • En la pestaña "Registros", encontrarás el reporte que lo copiaras y pegaras en tu próxima respuesta para ser analizado.




      Descarga AT-Destroyer (Adwares/Toolbars-Destroyer) by @Infospyware.


      • Desactiva temporalmente el Antivirus y/o Antispyware.
      • Ejecuta AT-Destroyer como administrador.
      • Presiona sobre la opción 2 (Buscar y Destruir) para comenzar el escaneo.
      • Una vez terminada la búsqueda de Adwares & Toolbars, se generará un reporte con los resultados al reiniciar.
      • Copia y pega el reporte en este mismo tema para analizar los resultados generados por AT-Destroyer



      Finalmente descarga > OTL By OldTimer | InfoSpyware

      Para ejecutar OTL haz lo siguiente:


      • Cierra todos programas que tengas abiertos y haz doble click en el ícono de OTL para ejecutarlo.
      • Dejalo correr y espera a que aparezca el menú de OTL.
      • Cuando salga el menú de OTL, debes cambiar debajo de: "Tipo de Análisis" marcando Resultado Mínimo.
      • Marca la casilla Analizar Todos.
      • Marca las opciones: Buscar LOP y Buscar Purity.
      • Marca las opciones: Omitir Archivos De Microsoft y Usar Listado de Compañías Reconocidas.
      • Copia y pega las líneas del siguiente script bajo la casilla Análisis Personalizados/Código de Reparación:

        NOTA: No copiar la palabra Código.

      Código:
       
      netsvcs
      msconfig
      %SYSTEMDRIVE%\*.*
      CREATERESTOREPOINT

      • Por favor no cambies/modifiques el resto de la configuración a no ser que te lo solicite algún integrante del staff
      • Presiona el botón .
      • Una vez finalizado el exámen, aparecerán 2 archivos, OTL.Txt y Extras.Txt. Dichos archivos estarán ubicados en el lugar dodne OTL.exe ha sido descargado.
      • Copiar y pegar el contenido del archivo OTL.txt en tu próxima respuesta.


      Recuerda que en tu próxima respuesta:



      • Pon los infromes de: , AT-Destroyer, y OTL.txt
      • Explica como sigue el ordenador con relación al problema inicial planteado.


      Salu2.
      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    7. #7
      Usuario Avatar de Kchondo
      Registrado
      jul 2007
      Ubicación
      España
      Mensajes
      19

      Re: Disco C: con 40GB libres se llena en poco tiempo tras arrancar dejando el sistema

      Antes que nada, gracias por la ayuda que estás prestándome.

      Despues de seguir tus pasos, y tras dejar el ordenador encendido varias horas, el disco duro está estable en 41,5GB libres.
      Parece que lo que me estaba fastidiando ha sido eliminado
      Una cosilla, cuando reiniciaba el ordenador y pasaba Ccleaner me quedaban unos 49GB antes de empezar a bajar. ¿Es posible recuperar esos 7,5GB de diferencia?

      Aquí dejo los Logs, no se que han quitado pero ha funcionado.
      LOG MALWAREBYTES
      Código:
      Malwarebytes Anti-Malware (PRO) 1.70.0.1100
      www.malwarebytes.org
      
      Versión de la Base de Datos: v2013.03.28.05
      
      Windows 7 Service Pack 1 x64 NTFS
      Internet Explorer 9.0.8112.16421
      Edu :: PC-TOON [administrador]
      
      Protección: Habilitado
      
      28/03/2013 10:03:55
      mbam-log-2013-03-28 (10-03-55).txt
      
      Tipos de Análisis: Análisis Completo (C:\|D:\|F:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 776328
      Tiempo transcurrido: 2 hora(s), 24 minuto(s), 37 segundo(s)
      
      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)
      
      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)
      
      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)
      
      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)
      
      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)
      
      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)
      
      Archivos Detectados: 0
      (No se han detectado elementos maliciosos)
      
      fin)

      LOG AT-DESTROYER
      Código:
      ######################## AT-Destroyer [2.1] By Infospyware.
      Hora/Día/Mes/Año: 13:29:42  \\\  28/03/2013
      AT-Destroyer 2.1 By Infospyware ---> www.infospyware.com
      Última actualización: 30/11/2012
      Opción escogida: 2 :Buscar y Destruir
      Versión Internet Explorer:9.0.8112.16421
      Google Chrome:25.0.1364.172
      Privilegios: Edu - Administrador
      Modo Actual: Modo Seguro. 
      Nombre del pc: PC-TOON
      Información del sistema operativo:X64-WIN_7-Service Pack 1
      nombre del usuario:Edu
      Lenguaje del sistema: Español
      
      
      
      >>>>>>>  Servicios <<<<<<<
      
      
      
      >>>>>> Carpetas <<<<<<
      
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}   97
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Cache   97
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat   97
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe   97
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico   97
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll   97
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll   97
      C:\ProgramData\Tarma Installer   97
      
      
      >>>>>>  Archivos  <<<<<<
      
      
      
      >>>>>>  Registro  <<<<<<
      
      HKEY_CURRENT_USER\Software\DataMngr
      HKEY_LOCAL_MACHINE\SOFTWARE\DataMngr
      HKEY_LOCAL_MACHINE\SOFTWARE\Conduit
      HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      
      
      >>>>>> Heurística <<<<<<
      
      
      
       >>>>>> Internet Explorer <<<<<<
      
      Start Page==www.google.com
      Local Page==C:\Windows\SysWOW64\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_Page_URL==http://go.microsoft.com/fwlink/?LinkId=69157
      
      
      ''HKCU\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==
      Default_Page_URL==
      
      
      HKEY_USERS\S-1-5-21-3279339126-3329790353-3831203752-1000\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==
      Default_Page_URL==
      
      
      >>>>>> Firefox <<<<<<
      
      user_pref("browser.startup.homepage_override.mstone", "rv:1.9.2.15");
      
      
      >>>>>> Extensiones Firefox <<<<<<
      
      
      
      >>>>>> Plugins Firefox <<<<<<
      
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn.me/esnsonar,version=0.70.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn.me/esnsonar,version=0.70.4
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.102.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.110.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.132.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.140.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=2.1.3
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.17.2
      
      >>>>>> Google Chrome <<<<<<
      
         "homepage": "http://www.google.com/",
         "homepage_changed": true,
         "homepage_is_newtabpage": false,
      
      
      >>>>>> Extensiones Google Chrome <<<<<<
      
      C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\6
      C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
      C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
      C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
      C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
      C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda
      C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
      
      ======== Listado ===========
      
      [20/03/2013 16:56]    [08/03/2011 23:52]   [DI]   C:\Users\Edu\AppData\Roaming\Adobe
      [27/03/2013 20:57]    [27/03/2013 20:57]   [DI]   C:\Users\Edu\AppData\Roaming\Apple Computer
      [17/10/2012 22:24]    [17/10/2012 22:24]   [DI]   C:\Users\Edu\AppData\Roaming\ASUS
      [  09/03/2011 0:14]    [  09/03/2011 0:14]   [DI]   C:\Users\Edu\AppData\Roaming\ATI
      [12/03/2011 15:09]    [11/03/2011 13:48]   [DI]   C:\Users\Edu\AppData\Roaming\Autodesk
      C:\Users\Edu\AppData\Roaming\AutoGK.ini   [AI]    551 bytes    ( )
      [29/07/2012 14:38]    [29/07/2012 14:33]   [DI]   C:\Users\Edu\AppData\Roaming\avidemux
      [  04/11/2011 8:44]    [  04/11/2011 8:44]   [DI]   C:\Users\Edu\AppData\Roaming\Canon
      [07/05/2011 20:30]    [07/05/2011 20:30]   [DI]   C:\Users\Edu\AppData\Roaming\CEZEO software
      [19/06/2011 22:34]    [19/06/2011 22:34]   [DI]   C:\Users\Edu\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
      [16/09/2012 11:55]    [19/02/2012 10:11]   [DI]   C:\Users\Edu\AppData\Roaming\Creative
      [17/03/2013 19:04]    [09/03/2011 21:11]   [DI]   C:\Users\Edu\AppData\Roaming\DAEMON Tools Lite
      [31/03/2011 11:04]    [31/03/2011 11:04]   [DI]   C:\Users\Edu\AppData\Roaming\DarksporeData
      C:\Users\Edu\AppData\Roaming\Drives Monitor_Settings.ini   [AI]    430 bytes    ( )
      [28/03/2013 12:55]    [09/01/2013 22:37]   [DI]   C:\Users\Edu\AppData\Roaming\Dropbox
      [  08/01/2013 0:06]    [  11/07/2012 21:04]   [DI]   C:\Users\Edu\AppData\Roaming\dvdcss
      [17/07/2012 13:08]    [17/07/2012 13:06]   [DI]   C:\Users\Edu\AppData\Roaming\GetRightToGo
      [27/10/2012 10:46]    [31/03/2011 18:31]   [D]   C:\Users\Edu\AppData\Roaming\HD Tune Pro
      [26/04/2011 20:59]    [26/04/2011 20:59]   [DI]   C:\Users\Edu\AppData\Roaming\Hi-Rez Studios
      [08/03/2011 20:47]    [08/03/2011 20:47]   [DI]   C:\Users\Edu\AppData\Roaming\Identities
      [09/03/2011 18:09]    [09/03/2011 18:09]   [DI]   C:\Users\Edu\AppData\Roaming\ImgBurn
      [12/07/2011 15:22]    [12/07/2011 15:22]   [DI]   C:\Users\Edu\AppData\Roaming\InstallShield Installation Information
      [  24/01/2013 9:41]    [  24/01/2013 9:41]   [DI]   C:\Users\Edu\AppData\Roaming\IObit
      [11/06/2012 16:38]    [11/06/2012 16:38]   [DI]   C:\Users\Edu\AppData\Roaming\Leadertech
      [11/06/2012 16:35]    [08/03/2011 23:25]   [DI]   C:\Users\Edu\AppData\Roaming\Logishrd
      [11/06/2012 16:38]    [08/03/2011 23:25]   [DI]   C:\Users\Edu\AppData\Roaming\Logitech
      [08/03/2011 23:52]    [08/03/2011 23:52]   [DI]   C:\Users\Edu\AppData\Roaming\Macromedia
      [18/02/2013 11:21]    [18/02/2013 11:21]   [DI]   C:\Users\Edu\AppData\Roaming\Mael
      [  24/01/2013 9:45]    [  24/01/2013 9:45]   [DI]   C:\Users\Edu\AppData\Roaming\Malwarebytes
      [14/07/2009 12:09]    [08/03/2011 20:46]   [DI]   C:\Users\Edu\AppData\Roaming\Media Center Programs
      [20/12/2012 18:38]    [08/03/2011 20:46]   [SDI]   C:\Users\Edu\AppData\Roaming\Microsoft
      [  27/03/2011 0:30]    [  18/03/2011 20:02]   [DI]   C:\Users\Edu\AppData\Roaming\Mipony
      [02/03/2013 19:25]    [02/03/2013 19:25]   [DI]   C:\Users\Edu\AppData\Roaming\mkvtoolnix
      [08/03/2011 23:33]    [08/03/2011 23:33]   [DI]   C:\Users\Edu\AppData\Roaming\Mozilla
      C:\Users\Edu\AppData\Roaming\MPUI.ini   [AI]    98 bytes    ( )
      [28/12/2012 18:45]    [28/12/2012 18:39]   [DI]   C:\Users\Edu\AppData\Roaming\Natural Selection 2
      [12/11/2011 18:50]    [12/11/2011 18:50]   [DI]   C:\Users\Edu\AppData\Roaming\NwDocx
      [30/11/2012 13:56]    [02/10/2011 18:58]   [DI]   C:\Users\Edu\AppData\Roaming\Origin
      [22/07/2012 22:48]    [22/07/2012 22:48]   [DI]   C:\Users\Edu\AppData\Roaming\PlxTech
      [27/09/2012 10:48]    [27/09/2012 10:48]   [DI]   C:\Users\Edu\AppData\Roaming\Publish Providers
      [12/01/2013 12:52]    [12/01/2013 12:52]   [DI]   C:\Users\Edu\AppData\Roaming\raidcall
      [17/07/2012 18:36]    [17/07/2012 13:14]   [D]   C:\Users\Edu\AppData\Roaming\Registry Mechanic
      [19/07/2012 17:01]    [19/07/2012 17:01]   [DI]   C:\Users\Edu\AppData\Roaming\Samsung
      [13/10/2012 11:04]    [13/10/2012 11:04]   [DI]   C:\Users\Edu\AppData\Roaming\six-zsync
      [27/09/2012 10:47]    [27/09/2012 10:28]   [DI]   C:\Users\Edu\AppData\Roaming\Sony
      [29/07/2012 14:18]    [29/07/2012 14:18]   [DI]   C:\Users\Edu\AppData\Roaming\Stereoscopic Player
      [22/06/2011 21:26]    [22/06/2011 21:26]   [DI]   C:\Users\Edu\AppData\Roaming\Subversion
      [  29/07/2012 1:19]    [  29/07/2012 1:19]   [DI]   C:\Users\Edu\AppData\Roaming\The Creative Assembly
      [11/12/2011 19:33]    [30/03/2011 0:42]   [DI]   C:\Users\Edu\AppData\Roaming\Thinstall
      [18/01/2013 14:56]    [18/01/2013 13:56]   [DI]   C:\Users\Edu\AppData\Roaming\Tunngle
      [  24/01/2013 9:46]    [  10/03/2011 20:23]   [DI]   C:\Users\Edu\AppData\Roaming\Ventrilo
      [05/07/2011 22:29]    [05/07/2011 22:23]   [DI]   C:\Users\Edu\AppData\Roaming\VertexDispenser
      [28/03/2013 10:13]    [06/07/2012 13:53]   [DI]   C:\Users\Edu\AppData\Roaming\vlc
      [  26/03/2012 8:27]    [  02/08/2011 11:08]   [DI]   C:\Users\Edu\AppData\Roaming\VoipBuster
      [  10/03/2011 1:15]    [  08/03/2011 23:43]   [DI]   C:\Users\Edu\AppData\Roaming\wargaming.net
      [08/03/2011 23:40]    [08/03/2011 23:40]   [DI]   C:\Users\Edu\AppData\Roaming\WinRAR
      [22/03/2013 23:18]    [10/03/2011 15:43]   [D]   C:\Program Files (x86)\Adobe
      [24/06/2011 22:19]    [17/06/2011 23:02]   [D]   C:\Program Files (x86)\Adobe Media Player
      [22/07/2012 12:16]    [22/07/2012 12:16]   [D]   C:\Program Files (x86)\AMD
      [23/01/2013 12:02]    [23/01/2013 12:02]   [D]   C:\Program Files (x86)\AMD APP
      [23/01/2013 12:03]    [23/01/2013 12:03]   [D]   C:\Program Files (x86)\AMD AVT
      [11/06/2012 16:45]    [11/06/2012 16:45]   [D]   C:\Program Files (x86)\AmIcoSingLun
      [08/03/2011 23:19]    [08/03/2011 23:19]   [D]   C:\Program Files (x86)\ATI Technologies
      [06/03/2013 11:13]    [03/10/2011 7:45]   [D]   C:\Program Files (x86)\Battlelog Web Plugins
      [10/03/2011 15:44]    [10/03/2011 15:44]   [D]   C:\Program Files (x86)\Bonjour
      [16/03/2013 18:00]    [14/07/2009 5:20]   [D]   C:\Program Files (x86)\Common Files
      [17/10/2012 22:30]    [08/03/2011 23:21]   [D]   C:\Program Files (x86)\Creative
      [13/09/2012 7:09]    [08/03/2011 23:22]   [HD]   C:\Program Files (x86)\Creative Installation Information
      [27/03/2013 9:36]    [05/04/2012 11:51]   [D]   C:\Program Files (x86)\CrystalDiskInfo
      C:\Program Files (x86)\desktop.ini   [HSA]    174 bytes( 0)
      [08/06/2012 16:45]    [08/06/2012 16:45]   [D]   C:\Program Files (x86)\ffdshow
      [02/03/2013 10:02]    [15/12/2012 15:47]   [D]   C:\Program Files (x86)\Google
      [28/07/2011 8:24]    [28/07/2011 8:24]   [D]   C:\Program Files (x86)\HP
      [09/02/2013 9:51]    [08/03/2011 23:21]   [HD]   C:\Program Files (x86)\InstallShield Installation Information
      [03/03/2013 22:05]    [14/07/2009 5:20]   [D]   C:\Program Files (x86)\Internet Explorer
      [22/07/2012 22:48]    [22/07/2012 22:48]   [D]   C:\Program Files (x86)\Iomega
      [12/06/2011 19:07]    [12/06/2011 19:07]   [D]   C:\Program Files (x86)\iStar
      [09/05/2012 1:07]    [09/05/2012 1:07]   [D]   C:\Program Files (x86)\IVT Corporation
      [09/03/2013 0:30]    [10/09/2012 9:43]   [D]   C:\Program Files (x86)\Java
      [19/07/2012 16:57]    [19/07/2012 16:57]   [D]   C:\Program Files (x86)\MarkAny
      [20/12/2012 18:32]    [20/12/2012 18:31]   [D]   C:\Program Files (x86)\Microsoft Games for Windows - LIVE
      [09/03/2011 18:09]    [09/03/2011 18:07]   [D]   C:\Program Files (x86)\Microsoft Office
      [02/07/2011 23:05]    [02/07/2011 23:05]   [D]   C:\Program Files (x86)\Microsoft XNA
      [09/03/2011 18:07]    [09/03/2011 13:06]   [D]   C:\Program Files (x86)\Microsoft.NET
      [09/03/2013 0:13]    [08/05/2012 14:45]   [D]   C:\Program Files (x86)\Mozilla Maintenance Service
      [14/07/2009 7:32]    [14/07/2009 7:32]   [D]   C:\Program Files (x86)\MSBuild
      [09/03/2011 18:09]    [09/03/2011 18:09]   [D]   C:\Program Files (x86)\MSECache
      [20/10/2012 9:32]    [20/10/2012 9:32]   [D]   C:\Program Files (x86)\NVIDIA Corporation
      [17/10/2012 22:24]    [08/03/2011 23:21]   [D]   C:\Program Files (x86)\OpenAL
      [27/03/2013 0:55]    [27/03/2013 0:55]   [D]   C:\Program Files (x86)\Panda Security
      [22/07/2012 22:48]    [22/07/2012 22:48]   [D]   C:\Program Files (x86)\PLX Technology
      [16/03/2013 10:36]    [12/01/2013 12:52]   [D]   C:\Program Files (x86)\RaidCall
      [11/06/2012 16:46]    [12/06/2011 13:05]   [D]   C:\Program Files (x86)\Realtek
      [14/07/2009 7:32]    [14/07/2009 7:32]   [D]   C:\Program Files (x86)\Reference Assemblies
      [10/03/2011 2:49]    [10/03/2011 2:49]   [D]   C:\Program Files (x86)\Renesas Electronics
      [19/07/2012 16:58]    [19/07/2012 16:57]   [D]   C:\Program Files (x86)\Samsung
      [27/09/2012 10:31]    [27/09/2012 10:31]   [D]   C:\Program Files (x86)\Sony
      [23/04/2012 15:45]    [05/11/2011 16:51]   [D]   C:\Program Files (x86)\SpeedFan
      [26/03/2013 17:22]    [26/03/2013 17:21]   [D]   C:\Program Files (x86)\Spybot - Search & Destroy 2
      [13/01/2013 21:57]    [13/01/2013 21:57]   [HD]   C:\Program Files (x86)\Temp
      [20/10/2012 10:43]    [20/10/2012 10:43]   [D]   C:\Program Files (x86)\users
      [08/03/2011 23:25]    [08/03/2011 23:25]   [D]   C:\Program Files (x86)\Ventrilo
      [06/07/2012 13:53]    [06/07/2012 13:53]   [D]   C:\Program Files (x86)\VideoLAN
      [14/07/2009 11:30]    [14/07/2009 7:32]   [D]   C:\Program Files (x86)\Windows Defender
      [10/03/2011 3:22]    [14/07/2009 5:20]   [D]   C:\Program Files (x86)\Windows Mail
      [13/09/2012 0:56]    [14/07/2009 7:32]   [D]   C:\Program Files (x86)\Windows Media Player
      [14/07/2009 7:32]    [14/07/2009 5:20]   [D]   C:\Program Files (x86)\Windows NT
      [10/03/2011 3:22]    [14/07/2009 7:32]   [D]   C:\Program Files (x86)\Windows Photo Viewer
      [10/03/2011 3:22]    [14/07/2009 7:32]   [D]   C:\Program Files (x86)\Windows Portable Devices
      [13/09/2012 0:56]    [14/07/2009 7:32]   [D]   C:\Program Files (x86)\Windows Sidebar
      [30/03/2011 0:43]    [30/03/2011 0:43]   [D]   C:\Program Files (x86)\WinMend
      [17/02/2013 21:00]    [09/03/2011 18:22]   [DI]   C:\ProgramData\Adobe
      [08/03/2011 23:03]    [08/03/2011 23:03]   [DI]   C:\ProgramData\Alwil Software
      [23/01/2013 12:03]    [08/03/2011 23:19]   [DI]   C:\ProgramData\AMD
      [11/06/2012 16:45]    [11/06/2012 16:45]   [DI]   C:\ProgramData\AmUStor
      [14/07/2009 7:08]    [14/07/2009 7:08]   [HSDLI]   C:\ProgramData\Application Data
      [23/01/2013 12:03]    [23/01/2013 12:03]   [DI]   C:\ProgramData\ATI
      [12/03/2011 11:09]    [11/03/2011 13:48]   [DI]   C:\ProgramData\Autodesk
      [07/01/2013 21:58]    [07/01/2013 21:58]   [DI]   C:\ProgramData\AVS4YOU
      [17/03/2013 18:00]    [17/03/2013 18:00]   [DI]   C:\ProgramData\Bohemia Interactive Studio
      [01/08/2011 9:33]    [01/08/2011 9:33]   [HDI]   C:\ProgramData\CanonIJScan
      [17/10/2012 22:29]    [08/03/2011 23:21]   [DI]   C:\ProgramData\Creative
      [17/10/2012 22:27]    [17/10/2012 22:27]   [DI]   C:\ProgramData\Creative Labs
      [09/03/2011 21:11]    [08/03/2011 23:46]   [DI]   C:\ProgramData\DAEMON Tools Lite
      [18/06/2012 22:51]    [08/05/2012 22:54]   [DI]   C:\ProgramData\DatacardService
      [08/03/2011 20:46]    [08/03/2011 20:46]   [HSDLI]   C:\ProgramData\Datos de programa
      [14/07/2009 7:08]    [14/07/2009 7:08]   [HSDLI]   C:\ProgramData\Desktop
      [08/03/2011 20:46]    [08/03/2011 20:46]   [HSDLI]   C:\ProgramData\Documentos
      [14/07/2009 7:08]    [14/07/2009 7:08]   [HSDLI]   C:\ProgramData\Documents
      [11/06/2012 16:41]    [11/06/2012 16:41]   [DI]   C:\ProgramData\Downloaded Installations
      [03/04/2011 12:38]    [03/04/2011 12:38]   [DI]   C:\ProgramData\EA Core
      [27/02/2012 0:56]    [26/02/2012 15:50]   [DI]   C:\ProgramData\EA Logs
      [03/10/2011 7:44]    [03/04/2011 12:38]   [DI]   C:\ProgramData\Electronic Arts
      [17/03/2012 21:33]    [17/03/2012 21:33]   [DI]   C:\ProgramData\Emicsoft Studio
      [08/03/2011 20:46]    [08/03/2011 20:46]   [HSDLI]   C:\ProgramData\Escritorio
      [14/07/2009 7:08]    [14/07/2009 7:08]   [HSDLI]   C:\ProgramData\Favorites
      [08/03/2011 20:46]    [08/03/2011 20:46]   [HSDLI]   C:\ProgramData\Favoritos
      [27/03/2013 9:25]    [09/03/2011 18:25]   [DI]   C:\ProgramData\FLEXnet
      [08/03/2011 23:46]    [08/03/2011 23:46]   [DI]   C:\ProgramData\Google
      C:\ProgramData\hash.dat   [RAI]    32 bytes    0
      [15/08/2011 18:20]    [26/04/2011 20:56]   [DI]   C:\ProgramData\Hi-Rez Studios
      [28/07/2011 8:28]    [28/07/2011 8:24]   [DI]   C:\ProgramData\HP
      [24/01/2013 9:42]    [30/08/2011 15:11]   [DI]   C:\ProgramData\IObit
      [11/06/2012 16:38]    [11/06/2012 16:37]   [DI]   C:\ProgramData\Logishrd
      [24/01/2013 9:44]    [24/01/2013 9:44]   [DI]   C:\ProgramData\Malwarebytes
      [21/04/2011 21:23]    [21/04/2011 21:23]   [DI]   C:\ProgramData\Maxtor
      [04/12/2011 10:51]    [04/12/2011 10:51]   [DI]   C:\ProgramData\McAfee
      [08/03/2011 20:46]    [08/03/2011 20:46]   [HSDLI]   C:\ProgramData\Menú Inicio
      [26/03/2013 17:22]    [14/07/2009 5:20]   [SDI]   C:\ProgramData\Microsoft
      [08/05/2012 22:55]    [08/05/2012 22:55]   [DI]   C:\ProgramData\Mobile Partner
      [08/05/2012 14:45]    [08/05/2012 14:45]   [DI]   C:\ProgramData\Mozilla
      [05/11/2011 22:28]    [05/11/2011 22:28]   [DI]   C:\ProgramData\NVIDIA
      [09/02/2013 22:22]    [02/10/2011 18:58]   [DI]   C:\ProgramData\Origin
      [08/03/2011 20:46]    [08/03/2011 20:46]   [HSDLI]   C:\ProgramData\Plantillas
      [09/02/2013 9:47]    [09/02/2013 9:47]   [DI]   C:\ProgramData\QuickTime
      [05/07/2011 21:51]    [17/06/2011 23:03]   [DI]   C:\ProgramData\regid.1986-12.com.adobe
      [26/03/2013 10:28]    [11/09/2012 22:45]   [DI]   C:\ProgramData\Rosetta Stone
      [29/01/2013 14:24]    [22/03/2011 14:27]   [DI]   C:\ProgramData\Samsung
      [29/08/2011 16:34]    [29/08/2011 16:34]   [HSD]   C:\ProgramData\SecuROM
      [05/03/2012 12:54]    [05/03/2012 12:53]   [DI]   C:\ProgramData\Solidshield
      [27/09/2012 10:31]    [27/09/2012 10:31]   [DI]   C:\ProgramData\Sony
      [26/03/2013 17:50]    [17/07/2012 12:47]   [DI]   C:\ProgramData\Spybot - Search & Destroy
      [14/07/2009 7:08]    [14/07/2009 7:08]   [HSDLI]   C:\ProgramData\Start Menu
      [10/03/2011 11:03]    [10/03/2011 11:03]   [DI]   C:\ProgramData\Sun
      [27/03/2013 21:18]    [17/07/2012 13:09]   [DAI]   C:\ProgramData\TEMP
      [14/07/2009 7:08]    [14/07/2009 7:08]   [HSDLI]   C:\ProgramData\Templates
      
                 ==================== EOF ==================

    8. #8
      Usuario Avatar de Kchondo
      Registrado
      jul 2007
      Ubicación
      España
      Mensajes
      19

      Re: Disco C: con 40GB libres se llena en poco tiempo tras arrancar dejando el sistema

      Aqui te dejo el tercer LOG
      LOG OTL
      Código:
      OTL logfile created on: 28/03/2013 13:40:58 - Run 1
      OTL by OldTimer - Version 3.2.69.0     Folder = D:\Users\Edu\Documents\Dropbox
      64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00000c0a | Country: España | Language: ESN | Date Format: dd/MM/yyyy
       
      8,00 Gb Total Physical Memory | 6,42 Gb Available Physical Memory | 80,21% Memory free
      15,99 Gb Paging File | 14,25 Gb Available in Paging File | 89,10% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]
       
      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 97,56 Gb Total Space | 42,04 Gb Free Space | 43,09% Space Free | Partition Type: NTFS
      Drive D: | 368,10 Gb Total Space | 110,40 Gb Free Space | 29,99% Space Free | Partition Type: NTFS
      Drive E: | 425,69 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
      Drive F: | 152,66 Gb Total Space | 109,88 Gb Free Space | 71,97% Space Free | Partition Type: NTFS
      Drive N: | 3,72 Gb Total Space | 3,42 Gb Free Space | 91,90% Space Free | Partition Type: FAT32
       
      Computer Name: PC-TOON | User Name: Edu | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
       
      ========== Processes (SafeList) ==========
       
      PRC - D:\Users\Edu\Documents\Dropbox\OTL.exe (OldTimer Tools)
      PRC - C:\Users\Edu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
      PRC - C:\Archivos de programa\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
      PRC - C:\Archivos de programa\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
      PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
      PRC - D:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
      PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
      PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
      PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
      PRC - D:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe (IObit)
      PRC - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
      PRC - C:\Archivos de programa\ASUS Xonar DG Audio\Customapp\AsusAudioCenter.exe (CMedia)
      PRC - C:\Windows\SysWOW64\XSrvSetup.exe ()
      PRC - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools)
      PRC - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
      PRC - C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe (ABBYY (BIT Software))
      PRC - C:\Windows\SysWOW64\HsMgr.exe ()
      PRC - C:\Program Files (x86)\Common Files\Maxtor\Schedule2\schedhlp.exe (Acronis)
       
       
      ========== Modules (No Company Name) ==========
       
      MOD - D:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\es_ES\AcroTray.ESP ()
      MOD - C:\Archivos de programa\ASUS Xonar DG Audio\Customapp\VmixP8.dll ()
      MOD - C:\Windows\SysWOW64\HsMgr.exe ()
       
       
      ========== Services (SafeList) ==========
       
      SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
      SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
      SRV - (BEService) -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe ()
      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
      SRV - (avast! Antivirus) -- C:\Archivos de programa\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
      SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
      SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      SRV - (MBAMService) -- d:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      SRV - (MBAMScheduler) -- d:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
      SRV - (LBTServ) -- C:\Archivos de programa\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
      SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
      SRV - (FLEXnet Licensing Service 64) -- C:\Archivos de programa\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)
      SRV - (JMB36X) -- C:\Windows\SysWOW64\XSrvSetup.exe ()
      SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
      SRV - (PCToolsSSDMonitorSvc) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools)
      SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
      SRV - (ABBYY.Licensing.FineReader.Professional.9.0) -- C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe (ABBYY (BIT Software))
      SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Maxtor\Schedule2\schedul2.exe (Acronis)
       
       
      ========== Driver Services (SafeList) ==========
       
      DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
      DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
      DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
      DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
      DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
      DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
      DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
      DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
      DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
      DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
      DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
      DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
      DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
      DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
      DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
      DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
      DRV:64bit: - (pwdrvio) -- C:\Windows\SysNative\pwdrvio.sys ()
      DRV:64bit: - (pwdspio) -- C:\Windows\SysNative\pwdspio.sys ()
      DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
      DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
      DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
      DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
      DRV:64bit: - (LEqdUsb) -- C:\Windows\SysNative\drivers\LEqdUsb.sys (Logitech, Inc.)
      DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
      DRV:64bit: - (OXSDIDRV_x64) -- C:\Windows\SysNative\drivers\OXSDIDRV_x64.sys ()
      DRV:64bit: - (ha20x2k) -- C:\Windows\SysNative\drivers\ha20x2k.sys (Creative Technology Ltd)
      DRV:64bit: - (emupia) -- C:\Windows\SysNative\drivers\emupia2k.sys (Creative Technology Ltd)
      DRV:64bit: - (ctsfm2k) -- C:\Windows\SysNative\drivers\ctsfm2k.sys (Creative Technology Ltd)
      DRV:64bit: - (ctprxy2k) -- C:\Windows\SysNative\drivers\ctprxy2k.sys (Creative Technology Ltd)
      DRV:64bit: - (ossrv) -- C:\Windows\SysNative\drivers\ctoss2k.sys (Creative Technology Ltd.)
      DRV:64bit: - (ctaud2k) -- C:\Windows\SysNative\drivers\ctaud2k.sys (Creative Technology Ltd)
      DRV:64bit: - (ctac32k) -- C:\Windows\SysNative\drivers\ctac32k.sys (Creative Technology Ltd)
      DRV:64bit: - (CTEXFIFX.SYS) -- C:\Windows\SysNative\drivers\CTEXFIFX.sys (Creative Technology Ltd.)
      DRV:64bit: - (CTEXFIFX) -- C:\Windows\SysNative\drivers\CTEXFIFX.sys (Creative Technology Ltd.)
      DRV:64bit: - (CTHWIUT.SYS) -- C:\Windows\SysNative\drivers\CTHWIUT.sys (Creative Technology Ltd.)
      DRV:64bit: - (CTHWIUT) -- C:\Windows\SysNative\drivers\CTHWIUT.sys (Creative Technology Ltd.)
      DRV:64bit: - (CT20XUT.SYS) -- C:\Windows\SysNative\drivers\CT20XUT.sys (Creative Technology Ltd.)
      DRV:64bit: - (CT20XUT) -- C:\Windows\SysNative\drivers\CT20XUT.sys (Creative Technology Ltd.)
      DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.)
      DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
      DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
      DRV:64bit: - (cmudaxp) -- C:\Windows\SysNative\drivers\cmudaxp.sys (C-Media Inc)
      DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
      DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
      DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
      DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
      DRV:64bit: - (OXUDIDRV) -- C:\Windows\SysNative\drivers\OXUDIDRV_x64.sys ()
      DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
      DRV:64bit: - (RTL8187) -- C:\Windows\SysNative\drivers\RTL8187.sys (Realtek Semiconductor Corporation                           )
      DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
      DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
      DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
      DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
      DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
      DRV:64bit: - (pavboot) -- C:\Windows\SysNative\drivers\pavboot64.sys (Panda Security, S.L.)
      DRV:64bit: - (netr28ux) -- C:\Windows\SysNative\drivers\netr28ux.sys (Ralink Technology Corp.)
      DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
      DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
      DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
      DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
      DRV:64bit: - (AVerAF35) -- C:\Windows\SysNative\drivers\AVerAF35.sys (AVerMedia TECHNOLOGIES, Inc.)
      DRV:64bit: - (AtiPcie) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
      DRV:64bit: - (Sentinel64) -- C:\Windows\SysNative\drivers\sentinel64.sys (SafeNet, Inc.)
      DRV:64bit: - (Btcsrusb) -- C:\Windows\SysNative\drivers\btcusb.sys (IVT Corporation.)
      DRV:64bit: - (BT) -- C:\Windows\SysNative\drivers\BtNetDrv.sys (IVT Corporation.)
      DRV:64bit: - (BTHidMgr) -- C:\Windows\SysNative\drivers\BTHidMgr.sys (IVT Corporation.)
      DRV:64bit: - (BTHidEnum) -- C:\Windows\SysNative\drivers\VBTEnum.sys (IVT Corporation.)
      DRV:64bit: - (VcommMgr) -- C:\Windows\SysNative\drivers\VcommMgr.sys (IVT Corporation.)
      DRV:64bit: - (VComm) -- C:\Windows\SysNative\drivers\VComm.sys (IVT Corporation.)
      DRV - (AODDriver4.2) -- C:\Archivos de programa\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys (Advanced Micro Devices)
      DRV - (AODDriver4.01) -- C:\Archivos de programa\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys (Advanced Micro Devices)
      DRV - (GVTDrv64) -- C:\Windows\GVTDrv64.sys ()
      DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) Server 2003 DDK provider)
      DRV - (etdrv) -- C:\Windows\etdrv.sys (Windows (R) Server 2003 DDK provider)
      DRV - (WinRing0_1_2_0) -- D:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys (OpenLibSys.org)
      DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
      DRV - (Hardlock) -- C:\Windows\SysWOW64\drivers\hardlock.sys (Aladdin Knowledge Systems)
       
       
      ========== Standard Registry (SafeList) ==========
       
       
      ========== Internet Explorer ==========
       
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
      IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
      IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
       
       
      IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
       
      IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
       
       
       
      IE - HKU\S-1-5-21-3279339126-3329790353-3831203752-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
      IE - HKU\S-1-5-21-3279339126-3329790353-3831203752-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://es.msn.com/?ocid=iehp
      IE - HKU\S-1-5-21-3279339126-3329790353-3831203752-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-ES
      IE - HKU\S-1-5-21-3279339126-3329790353-3831203752-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6F B4 2F 39 7D 2A CE 01  [binary data]
      IE - HKU\S-1-5-21-3279339126-3329790353-3831203752-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKU\S-1-5-21-3279339126-3329790353-3831203752-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKU\S-1-5-21-3279339126-3329790353-3831203752-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
      IE - HKU\S-1-5-21-3279339126-3329790353-3831203752-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
       
      ========== FireFox ==========
       
      FF - prefs.js..extensions.enabledItems: {4BBDD651-70CF-4821-84F8-2B918CF89CA3}:6.3.3.2
      FF - prefs.js..browser.startup.homepage: "http://google.com"
      FF - prefs.js..keyword.URL: "https://www.google.com/search?q="
      FF - prefs.js..browser.search.order.1: "(Google)"
      FF - prefs.js..browser.search.defaultenginename: "(Google)"
      FF - prefs.js..browser.search.selectedEngine: "Google"
      FF - prefs.js..browser.search.defaulturl: "www.Google.com"
       
       
      FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
      FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0:  File not found
      FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
      FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0:  File not found
      FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.110.0:  File not found
      FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.132.0:  File not found
      FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.140.0:  File not found
      FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.3: C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
      FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files (x86)\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.)
      FF - HKLM\Software\MozillaPlugins\@raidcall.en/RCplugin: C:\Users\Edu\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: D:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
       
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2013/03/20 09:27:59 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: D:\Program Files (x86)\Mozilla Firefox\components [2013/03/08 13:53:00 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: D:\Program Files (x86)\Mozilla Firefox\plugins [2013/02/25 12:51:38 | 000,000,000 | ---D | M]
       
      [2011/03/08 23:33:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Edu\AppData\Roaming\mozilla\Extensions
      [2013/01/27 18:43:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Edu\AppData\Roaming\mozilla\Firefox\Profiles\7fndcozd.default\extensions
      [2011/03/08 23:37:08 | 000,000,000 | ---D | M] (FEBE) -- C:\Users\Edu\AppData\Roaming\mozilla\Firefox\Profiles\7fndcozd.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
      [2013/03/27 09:26:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Edu\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.Edu\extensions
      [2012/12/25 19:21:35 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\Users\Edu\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.Edu\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
      [2013/01/02 21:40:45 | 000,000,000 | ---D | M] (FEBE) -- C:\Users\Edu\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.Edu\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
      [2013/03/27 09:26:40 | 000,000,000 | ---D | M] (FT DeepDark) -- C:\Users\Edu\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.Edu\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}
      [2011/08/11 21:13:27 | 000,000,000 | ---D | M] (20-20 3D Viewer - IKEA) -- C:\Users\Edu\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.Edu\extensions\[email protected]
      [2011/08/10 13:40:34 | 000,000,000 | ---D | M] (???????????? ?? ?????????? Logitech) -- C:\Users\Edu\AppData\Roaming\mozilla\Firefox\Profiles\febeprof.Edu\extensions\[email protected]
      [2013/01/09 09:46:41 | 000,066,841 | ---- | M] () (No name found) -- C:\Users\Edu\AppData\Roaming\mozilla\firefox\profiles\febeprof.Edu\extensions\[email protected]
      [2013/03/27 09:26:40 | 000,349,484 | ---- | M] () (No name found) -- C:\Users\Edu\AppData\Roaming\mozilla\firefox\profiles\febeprof.Edu\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
      [2013/03/27 09:26:40 | 000,194,575 | ---- | M] () (No name found) -- C:\Users\Edu\AppData\Roaming\mozilla\firefox\profiles\febeprof.Edu\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi
      [2012/05/10 23:08:31 | 000,097,169 | ---- | M] () (No name found) -- C:\Users\Edu\AppData\Roaming\mozilla\firefox\profiles\febeprof.Edu\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}.xpi
      [2012/09/13 15:44:29 | 000,698,867 | ---- | M] () (No name found) -- C:\Users\Edu\AppData\Roaming\mozilla\firefox\profiles\febeprof.Edu\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
      [2008/11/17 17:14:06 | 000,001,362 | ---- | M] () (No name found) -- C:\Users\Edu\AppData\Roaming\mozilla\firefox\profiles\febeprof.Edu\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}\chrome\skin\xpinstallItemGeneric.png
       
      ========== Chrome  ==========
       
      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
      CHR - homepage: http://www.google.com/
      CHR - Extension: No name found = C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
      CHR - Extension: No name found = C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
      CHR - Extension: No name found = C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
      CHR - Extension: No name found = C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
      CHR - Extension: No name found = C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
      CHR - Extension: No name found = C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
       
      O1 HOSTS File: ([2013/03/27 19:57:20 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
      O1 - Hosts: 127.0.0.1       localhost
      O1 - Hosts: ::1       localhost
      O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Archivos de programa\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
      O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Archivos de programa\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
      O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
      O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
      O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
      O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Archivos de programa\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
      O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
      O3 - HKU\S-1-5-21-3279339126-3329790353-3831203752-1000\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
      O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Maxtor\Schedule2\schedhlp.exe (Acronis)
      O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
      O4:64bit: - HKLM..\Run: [Cmaudio8788] C:\Windows\Syswow64\cmicnfgp.dll (C-Media Corporation)
      O4:64bit: - HKLM..\Run: [Cmaudio8788GX] C:\Windows\syswow64\HsMgr.exe ()
      O4:64bit: - HKLM..\Run: [Cmaudio8788GX64] C:\Windows\system\HsMgr64.exe ()
      O4:64bit: - HKLM..\Run: [EvtMgr6] D:\Program Files\logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
      O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
      O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
      O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
      O4 - HKLM..\Run: []  File not found
      O4 - HKLM..\Run: [Acrobat Assistant 8.0] D:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
      O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] D:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
      O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
      O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
      O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd)
      O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
      O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
      O4 - HKLM..\Run: [RaidCall] C:\Program Files (x86)\RaidCall\raidcall.exe (RAIDCALL.COM)
      O4 - HKLM..\Run: [RegistrarUsrDNIeCertStoreDLL] D:\Program Files (x86)\DNIe\udcs.exe ()
      O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
      O4 - HKLM..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
      O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
      O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
      O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
      O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
      O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
      O4 - Startup: C:\Users\Edu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Edu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
      O7 - HKU\S-1-5-21-3279339126-3329790353-3831203752-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O8:64bit: - Extra context menu item: Anexar destino de vínculo a PDF existente - Reg Error: Value error. File not found
      O8:64bit: - Extra context menu item: Convertir a Adobe PDF - Reg Error: Value error. File not found
      O8:64bit: - Extra context menu item: Convertir destino de vínculo a Adobe PDF - Reg Error: Value error. File not found
      O8:64bit: - Extra context menu item: Descargar con Mipony - Reg Error: Value error. File not found
      O8 - Extra context menu item: Anexar destino de vínculo a PDF existente - Reg Error: Value error. File not found
      O8 - Extra context menu item: Convertir a Adobe PDF - Reg Error: Value error. File not found
      O8 - Extra context menu item: Convertir destino de vínculo a Adobe PDF - Reg Error: Value error. File not found
      O8 - Extra context menu item: Descargar con Mipony - Reg Error: Value error. File not found
      O9 - Extra Button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Program Files (x86)\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
      O1364bit: - gopher Prefix: missing
      O13 - gopher Prefix: missing
      O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
      O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
      O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
      O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
      O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
      O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
      O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
      O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
      O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
      O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
      O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
      O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
      O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
      O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
      O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
      O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
      O15 - HKU\S-1-5-21-3279339126-3329790353-3831203752-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
      O15 - HKU\S-1-5-21-3279339126-3329790353-3831203752-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
      O15 - HKU\S-1-5-21-3279339126-3329790353-3831203752-1000\..Trusted Domains: gob.es ([agenciatributaria] https in Trusted sites)
      O15 - HKU\S-1-5-21-3279339126-3329790353-3831203752-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
      O15 - HKU\S-1-5-21-3279339126-3329790353-3831203752-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
      O16 - DPF: {2DAB6EF1-66C3-427C-87CD-8DC448C47EAE} https://www5.aeat.es/es13/h/tgvicab.cab (CtlTGVI Class)
      O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class)
      O16 - DPF: {947B00D2-962D-4A35-9E48-98EE6A442B41} https://www1.agenciatributaria.gob.es/ADUA/internet/aded1503.cab (OAdedinet Class)
      O16 - DPF: {B785FA3C-1DE9-4D20-8396-613C486FE95E} https://www1.agenciatributaria.gob.es/es13/h/cactivex.cab (AeatCtl Class)
      O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
      O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
      O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab (Reg Error: Key error.)
      O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab (Reg Error: Key error.)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.4.4
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{11C18CD4-2ECD-418D-87BD-475EC5AE6D30}: DhcpNameServer = 62.42.230.24 62.42.63.52
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3B0C1E03-5F36-4785-BA21-0290D5539B66}: DhcpNameServer = 8.8.8.8 8.8.4.4
      O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
      O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
      O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
      O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
      O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
      O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
      O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Archivos de programa\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
      O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Archivos de programa\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
      O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
      O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
      O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
      O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Archivos de programa\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
      O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) -  File not found
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2004/12/08 11:17:14 | 000,036,864 | R--- | M] () - E:\AUTORUN.EXE -- [ CDFS ]
      O32 - AutoRun File - [2006/03/07 10:51:26 | 000,000,276 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
      O33 - MountPoints2\{88f61484-994f-11e1-866a-1c6f65892db6}\Shell - "" = AutoRun
      O33 - MountPoints2\{88f61484-994f-11e1-866a-1c6f65892db6}\Shell\AutoRun\command - "" = G:\AutoRun.exe
      O33 - MountPoints2\{88f61492-994f-11e1-866a-1c6f65892db6}\Shell - "" = AutoRun
      O33 - MountPoints2\{88f61492-994f-11e1-866a-1c6f65892db6}\Shell\AutoRun\command - "" = G:\AutoRun.exe
      O33 - MountPoints2\{d5313b66-a1a3-11e1-8afa-001f81000830}\Shell - "" = AutoRun
      O33 - MountPoints2\{d5313b66-a1a3-11e1-8afa-001f81000830}\Shell\AutoRun\command - "" = G:\AutoRun.exe
      O33 - MountPoints2\{e219dfd4-e46f-11e0-9d67-88d2f1f48589}\Shell - "" = AutoRun
      O33 - MountPoints2\{e219dfd4-e46f-11e0-9d67-88d2f1f48589}\Shell\AutoRun\command - "" = Iomega Encryption Utility.exe
      O33 - MountPoints2\{e617c9eb-9c0d-11e1-84f8-001f81000830}\Shell - "" = AutoRun
      O33 - MountPoints2\{e617c9eb-9c0d-11e1-84f8-001f81000830}\Shell\AutoRun\command - "" = G:\AutoRun.exe
      O34 - HKLM BootExecute: (autocheck autochk *)
      O34 - HKLM BootExecute: (sdnclean64.exe)
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
       
       
      MsConfig:64bit - StartUpReg: BtTray - hkey= - key= -  File not found
      MsConfig:64bit - StartUpReg: RegistryMechanic - hkey= - key= - d:\Program Files (x86)\Registry Mechanic\RMTray.exe (PC Tools  )
       
      CREATERESTOREPOINT
      Restore point Set: OTL Restore Point
       
      ========== Files/Folders - Created Within 30 Days ==========
       
      [2013/03/28 12:56:53 | 000,000,000 | ---D | C] -- C:\_AT-Destroyer
      [2013/03/27 22:08:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows OneCare Live
      [2013/03/27 20:57:50 | 000,000,000 | ---D | C] -- C:\Users\Edu\AppData\Roaming\Apple Computer
      [2013/03/27 19:57:09 | 000,000,000 | ---D | C] -- C:\_OTM
      [2013/03/27 19:45:43 | 000,522,240 | ---- | C] (OldTimer Tools) -- C:\Users\Edu\Desktop\OTM.exe
      [2013/03/27 16:27:32 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
      [2013/03/27 09:24:27 | 000,000,000 | ---D | C] -- C:\Users\Edu\AppData\Local\AMD
      [2013/03/27 09:23:42 | 000,000,000 | ---D | C] -- C:\Users\Edu\AppData\Local\Adobe
      [2013/03/27 00:55:10 | 000,033,800 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\pavboot64.sys
      [2013/03/27 00:55:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security
      [2013/03/26 22:43:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
      [2013/03/26 22:43:35 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
      [2013/03/26 22:26:26 | 000,000,000 | ---D | C] -- C:\Users\Edu\Desktop\limpieza
      [2013/03/26 17:22:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
      [2013/03/26 17:21:56 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
      [2013/03/26 17:21:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
      [2013/03/17 18:00:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Bohemia Interactive Studio
      [2013/03/17 17:51:26 | 000,000,000 | ---D | C] -- C:\Users\Edu\AppData\Local\DayZCommander
      [2013/03/17 17:51:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dotjosh Studios
      [2013/03/16 18:09:22 | 000,000,000 | ---D | C] -- d:\Users\Edu\Documents\ArmA 2 Other Profiles
      [2013/03/16 18:00:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BattlEye
      [2013/03/09 12:26:01 | 000,000,000 | ---D | C] -- C:\Users\Edu\Desktop\WinUSB Maker
      [2013/03/09 12:14:49 | 000,000,000 | ---D | C] -- C:\Users\Edu\AppData\Local\ArmA 2 OA
      [2013/03/02 19:25:31 | 000,000,000 | ---D | C] -- C:\Users\Edu\AppData\Roaming\mkvtoolnix
      [2013/03/02 19:25:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix
      [2013/03/02 10:02:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
      [2013/02/27 12:44:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
       
      ========== Files - Modified Within 30 Days ==========
       
      [2013/03/28 13:41:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2013/03/28 13:36:32 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      [2013/03/28 13:36:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2013/03/28 13:36:07 | 2145,558,527 | -HS- | M] () -- C:\hiberfil.sys
      [2013/03/28 12:00:05 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [2013/03/27 20:28:23 | 000,119,659 | ---- | M] () -- C:\Users\Edu\Desktop\Sin-título-1.jpg
      [2013/03/27 19:57:20 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
      [2013/03/27 18:24:16 | 000,522,240 | ---- | M] (OldTimer Tools) -- C:\Users\Edu\Desktop\OTM.exe
      [2013/03/27 15:07:06 | 001,671,442 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
      [2013/03/27 15:07:06 | 000,745,448 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
      [2013/03/27 15:07:06 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
      [2013/03/27 15:07:06 | 000,157,948 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
      [2013/03/27 15:07:06 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
      [2013/03/26 23:18:27 | 002,295,688 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
      [2013/03/26 17:27:21 | 000,010,320 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2013/03/26 17:27:20 | 000,010,320 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2013/03/26 17:22:02 | 000,002,137 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
      [2013/03/26 16:09:26 | 000,001,046 | ---- | M] () -- C:\Users\Edu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
      [2013/03/26 16:09:02 | 000,001,010 | ---- | M] () -- C:\Users\Edu\Desktop\Dropbox.lnk
      [2013/03/20 09:28:00 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
      [2013/03/20 00:35:13 | 000,238,384 | ---- | M] () -- C:\Users\Edu\Desktop\Ampliación denuncia.pdf
      [2013/03/17 17:51:15 | 000,001,043 | ---- | M] () -- C:\Users\Public\Desktop\DayZ Commander.lnk
      [2013/03/15 17:43:50 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
      [2013/03/15 17:43:50 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
      [2013/03/15 15:27:15 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
      [2013/03/14 10:02:54 | 000,002,143 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
      [2013/03/07 00:33:21 | 001,025,808 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
      [2013/03/07 00:33:21 | 000,377,920 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
      [2013/03/07 00:33:21 | 000,178,624 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
      [2013/03/07 00:33:21 | 000,070,992 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
      [2013/03/07 00:33:21 | 000,068,920 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
      [2013/03/07 00:33:21 | 000,065,336 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
      [2013/03/07 00:33:20 | 000,080,816 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
      [2013/03/07 00:33:20 | 000,033,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
      [2013/03/07 00:32:51 | 000,041,664 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
      [2013/03/07 00:32:22 | 000,287,840 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
      [2013/02/28 16:28:23 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
      [2013/02/28 11:10:36 | 000,290,889 | ---- | M] () -- C:\Users\Edu\Desktop\THESE ARE SOME OF MY JOBS IN THE SECONDARY SCHOOL.pdf
      [2013/02/27 12:32:03 | 018,912,974 | ---- | M] () -- C:\Users\Edu\Desktop\PCeBook2010a(2010servicioalpc).pdf
       
      ========== Files Created - No Company Name ==========
       
      [2013/03/27 20:28:23 | 000,119,659 | ---- | C] () -- C:\Users\Edu\Desktop\Sin-título-1.jpg
      [2013/03/26 17:22:02 | 000,002,149 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
      [2013/03/26 17:22:02 | 000,002,137 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
      [2013/03/20 09:28:01 | 000,178,624 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
      [2013/03/20 09:28:00 | 000,065,336 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
      [2013/03/20 00:34:31 | 000,238,384 | ---- | C] () -- C:\Users\Edu\Desktop\Ampliación denuncia.pdf
      [2013/03/17 17:51:15 | 000,001,043 | ---- | C] () -- C:\Users\Public\Desktop\DayZ Commander.lnk
      [2013/02/28 16:28:31 | 000,291,088 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
      [2013/02/28 16:28:31 | 000,291,088 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
      [2013/02/28 16:28:23 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
      [2013/02/28 16:05:27 | 002,580,552 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
      [2013/02/28 11:10:36 | 000,290,889 | ---- | C] () -- C:\Users\Edu\Desktop\THESE ARE SOME OF MY JOBS IN THE SECONDARY SCHOOL.pdf
      [2013/02/27 12:32:01 | 018,912,974 | ---- | C] () -- C:\Users\Edu\Desktop\PCeBook2010a(2010servicioalpc).pdf
      [2013/02/09 09:51:25 | 000,063,488 | R--- | C] () -- C:\Windows\xobglu16.dll
      [2013/02/09 09:51:25 | 000,053,248 | ---- | C] () -- C:\Windows\bspnet.dll
      [2013/02/09 09:51:25 | 000,023,552 | R--- | C] () -- C:\Windows\xobglu32.dll
      [2013/01/25 11:26:45 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\adedinet.dll
      [2013/01/18 14:05:29 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
      [2013/01/04 16:01:41 | 000,000,551 | ---- | C] () -- C:\Users\Edu\AppData\Roaming\AutoGK.ini
      [2013/01/02 22:33:15 | 000,000,098 | ---- | C] () -- C:\Users\Edu\AppData\Roaming\MPUI.ini
      [2012/10/17 21:24:13 | 000,200,704 | ---- | C] () -- C:\Windows\SysWow64\HsMgr.exe
      [2012/10/17 21:24:13 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\VmixP8.dll
      [2012/10/17 21:24:13 | 000,000,048 | ---- | C] () -- C:\Windows\SysWow64\cmasiop.ini
      [2012/10/17 21:24:11 | 000,042,457 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.cfl
      [2012/10/17 21:23:27 | 000,000,900 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.imi
      [2012/10/17 21:23:23 | 000,005,060 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.cfg
      [2012/10/17 21:23:22 | 000,000,593 | ---- | C] () -- C:\Windows\cmudaxp.ini
      [2012/10/05 19:43:47 | 000,000,600 | ---- | C] () -- C:\Users\Edu\AppData\Local\PUTTY.RND
      [2012/09/13 00:03:32 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
      [2012/09/13 00:03:32 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
      [2012/09/12 23:50:58 | 000,002,560 | ---- | C] () -- C:\Windows\SysWow64\CtxfiRes.dll
      [2012/09/12 23:50:57 | 000,060,928 | ---- | C] ( ) -- C:\Windows\SysWow64\a3d.dll
      [2012/09/12 23:50:55 | 000,012,800 | ---- | C] ( ) -- C:\Windows\SysWow64\killapps.exe
      [2012/09/12 23:50:55 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\enlocstr.exe
      [2012/09/12 23:50:51 | 000,321,512 | ---- | C] () -- C:\Windows\SysWow64\ctdlang.dat
      [2012/09/12 23:50:51 | 000,056,509 | ---- | C] () -- C:\Windows\SysWow64\ctdnlstr.dat
      [2012/09/12 23:50:51 | 000,028,138 | ---- | C] () -- C:\Windows\SysWow64\speaker.ini
      [2012/09/12 23:50:51 | 000,027,150 | ---- | C] () -- C:\Windows\SysWow64\tweaks.ini
      [2012/09/12 23:50:51 | 000,025,384 | ---- | C] () -- C:\Windows\SysWow64\dolby.ini
      [2012/09/12 23:50:51 | 000,024,520 | ---- | C] () -- C:\Windows\SysWow64\dts.ini
      [2012/09/12 23:50:51 | 000,021,377 | ---- | C] () -- C:\Windows\SysWow64\decoder.ini
      [2012/09/12 23:50:51 | 000,021,245 | ---- | C] () -- C:\Windows\SysWow64\encoder.ini
      [2012/09/12 23:50:51 | 000,021,208 | ---- | C] () -- C:\Windows\SysWow64\instwdm.ini
      [2012/09/12 23:50:51 | 000,019,106 | ---- | C] () -- C:\Windows\SysWow64\mids.ini
      [2012/09/12 23:50:51 | 000,012,919 | ---- | C] () -- C:\Windows\SysWow64\subwoofer.ini
      [2012/09/12 23:50:51 | 000,011,596 | ---- | C] () -- C:\Windows\SysWow64\treble.ini
      [2012/09/12 23:50:51 | 000,011,156 | ---- | C] () -- C:\Windows\SysWow64\bass.ini
      [2012/09/12 23:50:51 | 000,005,624 | ---- | C] () -- C:\Windows\SysWow64\headphone.ini
      [2012/09/12 23:50:51 | 000,003,690 | ---- | C] () -- C:\Windows\SysWow64\eq.ini
      [2012/09/12 23:50:51 | 000,001,501 | ---- | C] () -- C:\Windows\SysWow64\microphone.ini
      [2012/09/12 23:50:51 | 000,000,054 | ---- | C] () -- C:\Windows\SysWow64\ctzapxx.ini
      [2012/07/17 12:11:08 | 004,665,344 | ---- | C] () -- C:\Users\Edu\s-1-5-21-3279339126-3329790353-3831203752-1000.rrr
      [2012/06/11 17:50:16 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
      [2012/06/11 17:50:16 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
      [2012/06/08 15:45:05 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
      [2012/06/06 21:09:24 | 000,000,430 | ---- | C] () -- C:\Users\Edu\AppData\Roaming\Drives Monitor_Settings.ini
      [2012/05/02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
      [2012/03/02 03:16:07 | 000,013,824 | ---- | C] () -- C:\Users\Edu\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2012/01/31 00:15:42 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
      [2012/01/31 00:15:42 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
      [2012/01/31 00:15:42 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
      [2012/01/31 00:15:42 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
      [2012/01/03 15:01:54 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
      [2012/01/03 14:58:32 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
      [2011/09/12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
      [2011/06/21 14:17:12 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
      [2011/06/15 22:05:48 | 000,007,606 | ---- | C] () -- C:\Users\Edu\AppData\Local\Resmon.ResmonCfg
      [2011/06/15 21:43:20 | 000,010,752 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
       
      ========== ZeroAccess Check ==========
       
      [2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
       
      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
       
      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
       
      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
       
      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
       
      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
      "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment
       
      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment
       
      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free
       
      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free
       
      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both
       
      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
       
      ========== LOP Check ==========
       
      [2012/10/17 21:24:43 | 000,000,000 | ---D | M] -- C:\Users\Edu\AppData\Roaming\ASUS
      [2011/03/12 15:09:42 | 000,000,000 | ---D | M] -- C:\Users\Edu\AppData\Roaming\Autodesk
      [2012/07/29 13:38:23 | 000,000,000 | ---D | M] -- C:\Users\Edu\AppData\Roaming\avidemux
      [2011/11/04 08:44:10 | 000,000,000 | ---D | M] -- C:\Users\Edu\AppData\Roaming\Canon
      [2011/05/07 19:30:32 | 000,000,000 | ---D | M] -- C:\Users\Edu\AppData\Roaming\CEZEO software
      [2011/06/19 21:34:04 | 000,000,000 | ---D | M] -- C:\Users\Edu\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
      [2013/03/17 19:04:18 | 000,000,000 | ---D | M] -- C:\Users\Edu\AppData\Roaming\DAEMON Tools Lite
      [2011/03/31 10:04:42 | 000,000,000 | ---D | M] -- C:\Users\Edu\AppData\Roaming\DarksporeData
      [2013/03/28 13:37:18 | 000,000,000 | ---D | M] -- C:\Users\Edu\AppData\Roaming\Dropbox
      [2012/07/17 12:08:30 | 000,000,000 | ---D | M] -- C:\Users\Edu\AppData\Roaming\GetRightToGo
      [2012/10/27 09:46:15 | 000,000,000 | ---D | M] -- C:\Users\Edu\AppData\Roaming\HD Tune Pro
      [2011/04/26 19:59:19 | 000,000,000 | ---D | M] -- C:\Users\Edu\AppData\Roaming\Hi-Rez Studios
      [2011/03/09 18:09:42 | 000,000,000 | ---D | M] -- C:\Users\Edu\AppData\Roaming\ImgBurn
      [2013/01/24 09:41:11 | 000,000,000 | ---D | M] -- C:\Users\Edu\AppData\Roaming\IObit
      [2012/06/11 15:38:08 | 000,000,000 | ---D | M] -- C:\Users\Edu\AppData\Roaming\Leadertech
      [2013/02/18 11:21:15 | 000,000,000 | ---D | M] -- C:\Users\Edu\AppData\Roaming\Mael
      [2011/03/27 00:30:46 | 000,000,000 | ---D | M] -- C:\Users\Edu\AppData\Roaming\Mipony
      [2013/03/02 19:25:31 | 000,000,000 | ---D | M] -- C:\Users\Edu\AppData\Roaming\mkvtoolnix
      [2012/12/28 18:45:52 | 000,000,000 | ---D | M] -- C:\Users\Edu\AppData\Roaming\Natural Selection 2
      [2011/11/12 18:50:25 | 000,000,000 | ---D | M] -- C:\Users\Edu\AppData\Roaming\NwDocx
      [2012/11/30 13:56:02 | 000,000,000 | ---D | M] -- C:\Users\Edu\AppData\Roaming\Origin
      [2012/07/22 21:48:46 | 000,000,000 | ---D | M] -- C:\Users\Edu\AppData\Roaming\PlxTech
      [2012/09/27 09:48:02 | 000,000,000 | ---D | M] -- C:\Users\Edu\AppData\Roaming\Publish Providers
      [2013/01/12 12:52:57 | 000,000,000 | ---D | M] -- C:\Users\Edu\AppData\Roaming\raidcall
      [2012/07/17 17:36:37 | 000,000,000 | ---D | M] -- C:\Users\Edu\AppData\Roaming\Registry Mechanic
      [2012/07/19 16:01:32 | 000,000,000 | ---D | M] -- C:\Users\Edu\AppData\Roaming\Samsung
      [2012/10/13 10:04:28 | 000,000,000 | ---D | M] -- C:\Users\Edu\AppData\Roaming\six-zsync
      [2012/09/27 09:47:50 | 000,000,000 | ---D | M] -- C:\Users\Edu\AppData\Roaming\Sony
      [2012/07/29 13:18:39 | 000,000,000 | ---D | M] -- C:\Users\Edu\AppData\Roaming\Stereoscopic Player
      [2011/06/22 20:26:22 | 000,000,000 | ---D | M] -- C:\Users\Edu\AppData\Roaming\Subversion
      [2012/07/29 00:19:08 | 000,000,000 | ---D | M] -- C:\Users\Edu\AppData\Roaming\The Creative Assembly
      [2011/12/11 19:33:56 | 000,000,000 | ---D | M] -- C:\Users\Edu\AppData\Roaming\Thinstall
      [2013/01/18 14:56:47 | 000,000,000 | ---D | M] -- C:\Users\Edu\AppData\Roaming\Tunngle
      [2011/07/05 21:29:25 | 000,000,000 | ---D | M] -- C:\Users\Edu\AppData\Roaming\VertexDispenser
      [2012/03/26 07:27:44 | 000,000,000 | ---D | M] -- C:\Users\Edu\AppData\Roaming\VoipBuster
      [2011/03/10 01:15:08 | 000,000,000 | ---D | M] -- C:\Users\Edu\AppData\Roaming\wargaming.net
       
      ========== Purity Check ==========
       
       
       
      ========== Custom Scans ==========
       
      < %SYSTEMDRIVE%\*.* >
      [2006/06/22 09:33:00 | 001,048,576 | ---- | M] () -- C:\9384.img
      [2013/03/28 13:30:54 | 000,018,284 | ---- | M] () -- C:\AT-Destroyer.txt
      [2013/03/28 13:36:07 | 2145,558,527 | -HS- | M] () -- C:\hiberfil.sys
      [2011/11/21 23:26:52 | 000,000,156 | ---- | M] () -- C:\log.txt
      [2013/03/28 13:36:08 | 4292,403,199 | -HS- | M] () -- C:\pagefile.sys
      [2006/06/22 09:32:56 | 001,114,600 | ---- | M] () -- C:\Reserve.img
      [2011/11/26 23:51:41 | 000,000,656 | ---- | M] () -- C:\vraylog.txt
       
      ========== Alternate Data Streams ==========
       
      @Alternate Data Stream - 161 bytes -> C:\ProgramData\TEMP:D1B5B4F1
      
      < End of report >

    9. #9
      Ex-Colaborador Avatar de Marr0n
      Registrado
      mar 2010
      Ubicación
      Catalunya
      Mensajes
      5.871

      Re: Disco C: con 40GB libres se llena en poco tiempo tras arrancar dejando el sistema

      Te pido paciencia por favor, ya que analizar el log de OTL lleva su tiempo ya que es bastante complejo y a la vez es muy extenso. Contestaré a la mayor brevedad posible.

      MUY IMPORTANTE:


      • NO descargues/instales + programas mientras terminamos la desinfección.
      • NO ejecutes otras herramientas Antivirus/Antimalwares. Aunque puedes activar nuevamente tu Antivirus.
      • NO ejecutes nuevamente OTL hasta que vuelva con una respuesta.
      Saludos.
      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    10. #10
      Usuario Avatar de Kchondo
      Registrado
      jul 2007
      Ubicación
      España
      Mensajes
      19

      Re: Disco C: con 40GB libres se llena en poco tiempo tras arrancar dejando el sistema

      Ok, quedo a la espera.
      Gracias