• Registrarse
  • Iniciar sesión


  • Página 3 de 14 PrimeroPrimero 123456713 ... ÚltimoÚltimo
    Resultados 21 al 30 de 132

    eliminar virus Win32: Agent - ARRQ[Trj]

    Buenas. No recuerdo de dónde pude descargarlo, pero yo siempre descargo de las webs "oficiales".... No he podido desinstalarlo desde windows porque no me aparecía en la lista de programas. He ejecutado su herramienta de ...

    1. #21
      Usuario Avatar de pinchaka
      Registrado
      oct 2013
      Ubicación
      España
      Mensajes
      66

      Re: eliminar virus Win32: Agent - ARRQ[Trj]

      Buenas.

      No recuerdo de dónde pude descargarlo, pero yo siempre descargo de las webs "oficiales"....

      No he podido desinstalarlo desde windows porque no me aparecía en la lista de programas.
      He ejecutado su herramienta de desinstalación, y se ha quitado todo bien.

      Con el Ccleaner he analizado sólo las entradas del Avast, no ha encontrado nada, así que no me ha podido limpiar nada.

      En cuanto al funcionamiento del equipo, me sigue yendo bastante lento, sobre todo los exploradores de internet (iniciarlos, explorar.....).

      saludos.

    2. #22
      Ex-Colaborador Avatar de Gemsa_03
      Registrado
      feb 2012
      Ubicación
      Málaga-España
      Mensajes
      6.615

      Re: eliminar virus Win32: Agent - ARRQ[Trj]

      Hola pinchaka

      Bueno, no te preocupes, el caso es que lo tenías arrancando con el resto de Programas y Aplicaciones que se ejecutan de Inicio. Vamos a ver si encontramos la explicación de por qué no funcionaba el ESET Online en tu Equipo, y, para descartarlo vamos a ir por otro lado.
      Realiza el procedimiento que te pongo. Es muy importante que no tengas ningún Programa/Aplicación [email protected] mientras se ejecutan los Análisis. Imprime o apunta los pasos ya que no tienes que tener ningún navegador abierto mientras se realizan.

      1. Descarga Malwarebytes Anti-Rootkit Beta - Manual de Malwarebytes Anti-Rootkits Beta. y descomprime el contenido en tu escritorio.
      2. Descarga/Actualiza CCleaner - Descargar | InfoSpyware - Manual de CCleaner


      1. Malware Antirootkit Beta
        • Abre la carpeta Mbar. Doble clic en el archivo Mbar.exe
        • En la interfaz del programa haz clic en Next.
        • Haz clic en el botón Update. Terminando clic en Next
        • Para iniciar el análisis clic en el botón Scan
        • Si hay infección clic en CleanUp, si no haz clic en Exit.


      2. Ccleaner
        • Ejecuta su función LIMPIADOR / REGISTRO para borrar cookies, temporales y archivos de registro obsoletos (haciendo copia de seguridad cuando te lo pida) IMAGEN CCLEANER.


      3. Desactiva temporalmente tu Antivirus/Antispyware
        • Ejecuta el ESET SMART INSTALLER
        • Selecciona las casillas de IMAGEN
        • Adjunta el Reporte en tu próxima respuesta que estará ubicado en C:\Program Files(x86)\ESET\ESET Online\log



      • En tu próxima respuesta adjuntas Informes de:
        • Mbar, archivos mbar-log.txt y system-log.txt
        • ESET Online

    3. #23
      Usuario Avatar de pinchaka
      Registrado
      oct 2013
      Ubicación
      España
      Mensajes
      66

      Re: eliminar virus Win32: Agent - ARRQ[Trj]

      Hola.

      ---------------------------------------
      Malwarebytes Anti-Rootkit BETA 1.07.0.1005

      (c) Malwarebytes Corporation 2011-2012

      OS version: 5.1.2600 Windows XP Service Pack 3 x86

      Account is Administrative

      Internet Explorer version: 8.0.6001.18702

      File system is: NTFS
      Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
      CPU speed: 2.004000 GHz
      Memory total: 1038594048, free: 570195968

      =======================================


      ---------------------------------------
      Malwarebytes Anti-Rootkit BETA 1.07.0.1005

      (c) Malwarebytes Corporation 2011-2012

      OS version: 5.1.2600 Windows XP Service Pack 3 x86

      Account is Administrative

      Internet Explorer version: 8.0.6001.18702

      File system is: NTFS
      Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
      CPU speed: 2.004000 GHz
      Memory total: 1038594048, free: 474464256

      Downloaded database version: v2013.10.04.05
      Canceled update
      Downloaded database version: v2013.10.04.05
      Downloaded database version: v2013.09.30.01
      =======================================
      Initializing...
      ------------ Kernel report ------------
      10/04/2013 12:39:27
      ------------ Loaded modules -----------
      \WINDOWS\system32\ntkrnlpa.exe
      \WINDOWS\system32\hal.dll
      \WINDOWS\system32\KDCOM.DLL
      \WINDOWS\system32\BOOTVID.dll
      ACPI.sys
      \WINDOWS\system32\DRIVERS\WMILIB.SYS
      pci.sys
      isapnp.sys
      ohci1394.sys
      \WINDOWS\system32\DRIVERS\1394BUS.SYS
      pciide.sys
      \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
      MountMgr.sys
      ftdisk.sys
      dmload.sys
      dmio.sys
      PartMgr.sys
      VolSnap.sys
      atapi.sys
      nvata.sys
      disk.sys
      \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
      fltmgr.sys
      PxHelp20.sys
      KSecDD.sys
      WudfPf.sys
      Ntfs.sys
      NDIS.sys
      Mup.sys
      aswVmm.sys
      aswRvrt.sys
      \SystemRoot\system32\DRIVERS\nic1394.sys
      \SystemRoot\system32\DRIVERS\processr.sys
      \SystemRoot\system32\DRIVERS\nv4_mini.sys
      \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
      \SystemRoot\system32\DRIVERS\fdc.sys
      \SystemRoot\system32\DRIVERS\serial.sys
      \SystemRoot\system32\DRIVERS\serenum.sys
      \SystemRoot\system32\DRIVERS\parport.sys
      \SystemRoot\system32\DRIVERS\i8042prt.sys
      \SystemRoot\system32\DRIVERS\kbdclass.sys
      \SystemRoot\system32\DRIVERS\usbohci.sys
      \SystemRoot\system32\DRIVERS\USBPORT.SYS
      \SystemRoot\system32\DRIVERS\usbehci.sys
      \SystemRoot\system32\DRIVERS\cdrom.sys
      \SystemRoot\system32\DRIVERS\redbook.sys
      \SystemRoot\system32\DRIVERS\ks.sys
      \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
      \SystemRoot\system32\DRIVERS\imapi.sys
      \SystemRoot\system32\DRIVERS\HDAudBus.sys
      \SystemRoot\system32\DRIVERS\nvnetbus.sys
      \SystemRoot\system32\DRIVERS\NVNRM.SYS
      \SystemRoot\system32\DRIVERS\NVSNPU.SYS
      \SystemRoot\system32\DRIVERS\audstub.sys
      \SystemRoot\system32\DRIVERS\rasl2tp.sys
      \SystemRoot\system32\DRIVERS\ndistapi.sys
      \SystemRoot\system32\DRIVERS\ndiswan.sys
      \SystemRoot\system32\DRIVERS\raspppoe.sys
      \SystemRoot\system32\DRIVERS\raspptp.sys
      \SystemRoot\system32\DRIVERS\TDI.SYS
      \SystemRoot\system32\DRIVERS\psched.sys
      \SystemRoot\system32\DRIVERS\msgpc.sys
      \SystemRoot\system32\DRIVERS\ptilink.sys
      \SystemRoot\system32\DRIVERS\raspti.sys
      \SystemRoot\system32\DRIVERS\rdpdr.sys
      \SystemRoot\system32\DRIVERS\termdd.sys
      \SystemRoot\system32\DRIVERS\mouclass.sys
      \SystemRoot\system32\DRIVERS\swenum.sys
      \SystemRoot\system32\DRIVERS\update.sys
      \SystemRoot\system32\DRIVERS\mssmbios.sys
      \SystemRoot\system32\DRIVERS\NVENETFD.sys
      \SystemRoot\System32\Drivers\NDProxy.SYS
      \SystemRoot\system32\DRIVERS\flpydisk.sys
      \SystemRoot\system32\drivers\ADIHdAud.sys
      \SystemRoot\system32\drivers\portcls.sys
      \SystemRoot\system32\drivers\drmk.sys
      \SystemRoot\system32\drivers\AEAudio.sys
      \SystemRoot\system32\drivers\Senfilt.sys
      \SystemRoot\system32\DRIVERS\usbhub.sys
      \SystemRoot\system32\DRIVERS\USBD.SYS
      \SystemRoot\System32\Drivers\Fs_Rec.SYS
      \SystemRoot\System32\Drivers\Null.SYS
      \SystemRoot\System32\Drivers\Beep.SYS
      \??\C:\WINDOWS\system32\drivers\avgtpx86.sys
      \SystemRoot\system32\DRIVERS\hidusb.sys
      \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
      \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
      \SystemRoot\system32\DRIVERS\mouhid.sys
      \SystemRoot\System32\drivers\vga.sys
      \SystemRoot\System32\Drivers\mnmdd.SYS
      \SystemRoot\System32\DRIVERS\RDPCDD.sys
      \SystemRoot\System32\Drivers\Msfs.SYS
      \SystemRoot\System32\Drivers\Npfs.SYS
      \SystemRoot\system32\DRIVERS\rasacd.sys
      \SystemRoot\system32\DRIVERS\ipsec.sys
      \SystemRoot\system32\DRIVERS\tcpip.sys
      \SystemRoot\System32\Drivers\aswTdi.SYS
      \SystemRoot\system32\DRIVERS\ipnat.sys
      \SystemRoot\system32\DRIVERS\netbt.sys
      \SystemRoot\System32\Drivers\AswRdr.SYS
      \SystemRoot\System32\drivers\afd.sys
      \SystemRoot\system32\DRIVERS\netbios.sys
      \SystemRoot\system32\DRIVERS\rdbss.sys
      \SystemRoot\system32\DRIVERS\mrxsmb.sys
      \SystemRoot\System32\Drivers\Fips.SYS
      \SystemRoot\System32\Drivers\aswSP.SYS
      \SystemRoot\System32\Drivers\aswSnx.SYS
      \SystemRoot\System32\Drivers\Cdfs.SYS
      \SystemRoot\System32\Drivers\dump_atapi.sys
      \SystemRoot\System32\Drivers\dump_WMILIB.SYS
      \SystemRoot\System32\win32k.sys
      \SystemRoot\System32\drivers\Dxapi.sys
      \SystemRoot\System32\watchdog.sys
      \SystemRoot\System32\drivers\dxg.sys
      \SystemRoot\System32\drivers\dxgthk.sys
      \SystemRoot\System32\nv4_disp.dll
      \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys
      \SystemRoot\System32\Drivers\aswFsBlk.SYS
      \SystemRoot\system32\DRIVERS\ndisuio.sys
      \SystemRoot\system32\drivers\wdmaud.sys
      \SystemRoot\system32\drivers\sysaudio.sys
      \SystemRoot\system32\DRIVERS\mrxdav.sys
      \SystemRoot\System32\Drivers\ParVdm.SYS
      \SystemRoot\system32\DRIVERS\srv.sys
      \??\C:\WINDOWS\system32\drivers\ScFBPNT2.SYS
      \SystemRoot\System32\Drivers\HTTP.sys
      \SystemRoot\system32\DRIVERS\USBSTOR.SYS
      \SystemRoot\system32\drivers\kmixer.sys
      \SystemRoot\System32\Drivers\Fastfat.SYS
      \??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
      \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
      \WINDOWS\system32\ntdll.dll
      ----------- End -----------
      Done!
      <<<1>>>
      Upper Device Name: \Device\Harddisk2\DR4
      Upper Device Object: 0xffffffff84cfd030
      Upper Device Driver Name: \Driver\Disk\
      Lower Device Name: \Device\00000078\
      Lower Device Object: 0xffffffff84d28030
      Lower Device Driver Name: \Driver\USBSTOR\
      <<<1>>>
      Upper Device Name: \Device\Harddisk1\DR1
      Upper Device Object: 0xffffffff85f42ab8
      Upper Device Driver Name: \Driver\Disk\
      Lower Device Name: \Device\Ide\IdeDeviceP0T1L0-c\
      Lower Device Object: 0xffffffff85ea1d98
      Lower Device Driver Name: \Driver\atapi\
      <<<1>>>
      Upper Device Name: \Device\Harddisk0\DR0
      Upper Device Object: 0xffffffff85e9bab8
      Upper Device Driver Name: \Driver\Disk\
      Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-4\
      Lower Device Object: 0xffffffff85f44d98
      Lower Device Driver Name: \Driver\atapi\
      <<<2>>>
      Physical Sector Size: 512
      Drive: 0, DevicePointer: 0xffffffff85e9bab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
      --------- Disk Stack ------
      DevicePointer: 0xffffffff85ee1e08, DeviceName: Unknown, DriverName: \Driver\PartMgr\
      DevicePointer: 0xffffffff85e9bab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
      DevicePointer: 0xffffffff85f7b9e8, DeviceName: \Device\0000006c\, DriverName: \Driver\ACPI\
      DevicePointer: 0xffffffff85f44d98, DeviceName: \Device\Ide\IdeDeviceP0T0L0-4\, DriverName: \Driver\atapi\
      ------------ End ----------
      Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
      Upper DeviceData: 0x0, 0x0, 0x0
      Lower DeviceData: 0x0, 0x0, 0x0
      <<<3>>>
      Volume: C:
      File system type: NTFS
      SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
      <<<2>>>
      <<<3>>>
      Volume: C:
      File system type: NTFS
      SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
      Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
      <<<2>>>
      <<<3>>>
      Volume: C:
      File system type: NTFS
      SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
      Done!
      Drive 0
      Scanning MBR on drive 0...
      Inspecting partition table:
      MBR Signature: 55AA
      Disk Signature: 1B191B18

      Partition information:

      Partition 0 type is Primary (0x7)
      Partition is ACTIVE.
      Partition starts at LBA: 63 Numsec = 390700737
      Partition file system is NTFS
      Partition is bootable

      Partition 1 type is Empty (0x0)
      Partition is NOT ACTIVE.
      Partition starts at LBA: 0 Numsec = 0

      Partition 2 type is Empty (0x0)
      Partition is NOT ACTIVE.
      Partition starts at LBA: 0 Numsec = 0

      Partition 3 type is Empty (0x0)
      Partition is NOT ACTIVE.
      Partition starts at LBA: 0 Numsec = 0

      Disk Size: 200049647616 bytes
      Sector size: 512 bytes

      Scanning physical sectors of unpartitioned space on drive 0 (1-62-390701968-390721968)...
      Done!
      Physical Sector Size: 512
      Drive: 1, DevicePointer: 0xffffffff85f42ab8, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
      --------- Disk Stack ------
      DevicePointer: 0xffffffff85ee1bf0, DeviceName: Unknown, DriverName: \Driver\PartMgr\
      DevicePointer: 0xffffffff85f42ab8, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
      DevicePointer: 0xffffffff85f729e8, DeviceName: \Device\0000006d\, DriverName: \Driver\ACPI\
      DevicePointer: 0xffffffff85ea1d98, DeviceName: \Device\Ide\IdeDeviceP0T1L0-c\, DriverName: \Driver\atapi\
      ------------ End ----------
      Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
      Upper DeviceData: 0x0, 0x0, 0x0
      Lower DeviceData: 0x0, 0x0, 0x0
      Drive 1
      Scanning MBR on drive 1...
      Inspecting partition table:
      MBR Signature: 55AA
      Disk Signature: 30D030D

      Partition information:

      Partition 0 type is Extended with LBA (0xf)
      Partition is NOT ACTIVE.
      Partition starts at LBA: 16065 Numsec = 78140160

      Partition 1 type is Empty (0x0)
      Partition is NOT ACTIVE.
      Partition starts at LBA: 0 Numsec = 0

      Partition 2 type is Empty (0x0)
      Partition is NOT ACTIVE.
      Partition starts at LBA: 0 Numsec = 0

      Partition 3 type is Empty (0x0)
      Partition is NOT ACTIVE.
      Partition starts at LBA: 0 Numsec = 0

      Disk Size: 40020664320 bytes
      Sector size: 512 bytes

      Done!
      Physical Sector Size: 512
      Drive: 2, DevicePointer: 0xffffffff84cfd030, DeviceName: \Device\Harddisk2\DR4\, DriverName: \Driver\Disk\
      --------- Disk Stack ------
      DevicePointer: 0xffffffff84db43a8, DeviceName: Unknown, DriverName: \Driver\PartMgr\
      DevicePointer: 0xffffffff84cfd030, DeviceName: \Device\Harddisk2\DR4\, DriverName: \Driver\Disk\
      DevicePointer: 0xffffffff84d28030, DeviceName: \Device\00000078\, DriverName: \Driver\USBSTOR\
      ------------ End ----------
      Alternate DeviceName: \Device\Harddisk2\DR4\, DriverName: \Driver\Disk\
      Upper DeviceData: 0x0, 0x0, 0x0
      Lower DeviceData: 0x0, 0x0, 0x0
      Drive 2
      Scanning MBR on drive 2...
      Inspecting partition table:
      MBR Signature: 55AA
      Disk Signature: 0

      Partition information:

      Partition 0 type is Other (0x6)
      Partition is NOT ACTIVE.
      Partition starts at LBA: 245 Numsec = 3999499

      Partition 1 type is Empty (0x0)
      Partition is NOT ACTIVE.
      Partition starts at LBA: 0 Numsec = 0

      Partition 2 type is Empty (0x0)
      Partition is NOT ACTIVE.
      Partition starts at LBA: 0 Numsec = 0

      Partition 3 type is Empty (0x0)
      Partition is NOT ACTIVE.
      Partition starts at LBA: 0 Numsec = 0

      Disk Size: 2048901120 bytes
      Sector size: 512 bytes

      Done!
      Infected: C:\Documents and Settings\Pincho\Escritorio\RegUnlocker.exe --> [Malware.Packer.Gen]
      Scan finished
      Creating System Restore point...
      Could not create restore point...
      Cleaning up...
      Removal scheduling successful. System shutdown needed.
      System shutdown occurred
      =======================================


      Removal queue found; removal started
      Removing C:\Documents and Settings\All Users\Datos de programa\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam...
      Removing C:\Documents and Settings\All Users\Datos de programa\Malwarebytes' Anti-Malware (portable)\Bootstrap_0_0_63_i.mbam...
      Removing C:\Documents and Settings\All Users\Datos de programa\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam...
      Removing C:\Documents and Settings\All Users\Datos de programa\Malwarebytes' Anti-Malware (portable)\MBR_1_i.mbam...
      Removing C:\Documents and Settings\All Users\Datos de programa\Malwarebytes' Anti-Malware (portable)\MBR_1_r.mbam...
      Removing C:\Documents and Settings\All Users\Datos de programa\Malwarebytes' Anti-Malware (portable)\MBR_2_i.mbam...
      Removing C:\Documents and Settings\All Users\Datos de programa\Malwarebytes' Anti-Malware (portable)\MBR_2_r.mbam...
      Removal finished
      ---------------------------------------
      Malwarebytes Anti-Rootkit BETA 1.07.0.1005

      (c) Malwarebytes Corporation 2011-2012

      OS version: 5.1.2600 Windows XP Service Pack 3 x86

      Account is Administrative

      Internet Explorer version: 8.0.6001.18702

      File system is: NTFS
      Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
      CPU speed: 2.004000 GHz
      Memory total: 1038594048, free: 764710912

      =======================================
      ---------------------------------------
      Malwarebytes Anti-Rootkit BETA 1.07.0.1007

      (c) Malwarebytes Corporation 2011-2012

      OS version: 5.1.2600 Windows XP Service Pack 3 x86

      Account is Administrative

      Internet Explorer version: 8.0.6001.18702

      File system is: NTFS
      Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
      CPU speed: 2.004000 GHz
      Memory total: 1038594048, free: 664985600

      ---------------------------------------
      Malwarebytes Anti-Rootkit BETA 1.07.0.1007

      (c) Malwarebytes Corporation 2011-2012

      OS version: 5.1.2600 Windows XP Service Pack 3 x86

      Account is Administrative

      Internet Explorer version: 8.0.6001.18702

      File system is: NTFS
      Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
      CPU speed: 2.004000 GHz
      Memory total: 1038594048, free: 646946816

      Downloaded database version: v2013.10.16.07
      Downloaded database version: v2013.10.11.02
      =======================================
      Initializing...
      DDA Driver installation error.
      Driver installed on boot. Reboot required.

      System shutdown occurred
      =======================================


      =======================================


      ---------------------------------------
      Malwarebytes Anti-Rootkit BETA 1.07.0.1007

      (c) Malwarebytes Corporation 2011-2012

      OS version: 5.1.2600 Windows XP Service Pack 3 x86

      Account is Administrative

      Internet Explorer version: 8.0.6001.18702

      File system is: NTFS
      Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
      CPU speed: 2.004000 GHz
      Memory total: 1038594048, free: 709316608

      =======================================
      ---------------------------------------
      Malwarebytes Anti-Rootkit BETA 1.07.0.1007

      (c) Malwarebytes Corporation 2011-2012

      OS version: 5.1.2600 Windows XP Service Pack 3 x86

      Account is Administrative

      Internet Explorer version: 8.0.6001.18702

      File system is: NTFS
      Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
      CPU speed: 2.004000 GHz
      Memory total: 1038594048, free: 682041344

      ---------------------------------------
      Malwarebytes Anti-Rootkit BETA 1.07.0.1007

      (c) Malwarebytes Corporation 2011-2012

      OS version: 5.1.2600 Windows XP Service Pack 3 x86

      Account is Administrative

      Internet Explorer version: 8.0.6001.18702

      File system is: NTFS
      Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
      CPU speed: 2.004000 GHz
      Memory total: 1038594048, free: 676884480

      =======================================
      Initializing...
      ------------ Kernel report ------------
      10/16/2013 16:53:39
      ------------ Loaded modules -----------
      \WINDOWS\system32\ntkrnlpa.exe
      \WINDOWS\system32\hal.dll
      \WINDOWS\system32\KDCOM.DLL
      \WINDOWS\system32\BOOTVID.dll
      \WINDOWS\system32\drivers\FLTMGR.SYS
      ACPI.sys
      \WINDOWS\system32\DRIVERS\WMILIB.SYS
      pci.sys
      isapnp.sys
      ohci1394.sys
      \WINDOWS\system32\DRIVERS\1394BUS.SYS
      pciide.sys
      \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
      MountMgr.sys
      ftdisk.sys
      dmload.sys
      dmio.sys
      PartMgr.sys
      VolSnap.sys
      atapi.sys
      nvata.sys
      disk.sys
      \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
      PxHelp20.sys
      KSecDD.sys
      WudfPf.sys
      Ntfs.sys
      NDIS.sys
      Mup.sys
      aswVmm.sys
      aswRvrt.sys
      \SystemRoot\system32\DRIVERS\processr.sys
      \SystemRoot\system32\DRIVERS\nv4_mini.sys
      \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
      \SystemRoot\system32\DRIVERS\fdc.sys
      \SystemRoot\system32\DRIVERS\serial.sys
      \SystemRoot\system32\DRIVERS\serenum.sys
      \SystemRoot\system32\DRIVERS\parport.sys
      \SystemRoot\system32\DRIVERS\i8042prt.sys
      \SystemRoot\system32\DRIVERS\kbdclass.sys
      \SystemRoot\system32\DRIVERS\usbohci.sys
      \SystemRoot\system32\DRIVERS\USBPORT.SYS
      \SystemRoot\system32\DRIVERS\usbehci.sys
      \SystemRoot\system32\DRIVERS\cdrom.sys
      \SystemRoot\system32\DRIVERS\redbook.sys
      \SystemRoot\system32\DRIVERS\ks.sys
      \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
      \SystemRoot\system32\DRIVERS\imapi.sys
      \SystemRoot\system32\DRIVERS\nic1394.sys
      \SystemRoot\system32\DRIVERS\HDAudBus.sys
      \SystemRoot\system32\DRIVERS\nvnetbus.sys
      \SystemRoot\system32\DRIVERS\NVNRM.SYS
      \SystemRoot\system32\DRIVERS\NVSNPU.SYS
      \SystemRoot\system32\DRIVERS\audstub.sys
      \SystemRoot\system32\DRIVERS\rasl2tp.sys
      \SystemRoot\system32\DRIVERS\ndistapi.sys
      \SystemRoot\system32\DRIVERS\ndiswan.sys
      \SystemRoot\system32\DRIVERS\raspppoe.sys
      \SystemRoot\system32\DRIVERS\raspptp.sys
      \SystemRoot\system32\DRIVERS\TDI.SYS
      \SystemRoot\system32\DRIVERS\psched.sys
      \SystemRoot\system32\DRIVERS\msgpc.sys
      \SystemRoot\system32\DRIVERS\ptilink.sys
      \SystemRoot\system32\DRIVERS\raspti.sys
      \SystemRoot\system32\DRIVERS\rdpdr.sys
      \SystemRoot\system32\DRIVERS\termdd.sys
      \SystemRoot\system32\DRIVERS\mouclass.sys
      \SystemRoot\system32\DRIVERS\swenum.sys
      \SystemRoot\system32\DRIVERS\update.sys
      \SystemRoot\system32\DRIVERS\mssmbios.sys
      \SystemRoot\system32\DRIVERS\NVENETFD.sys
      \SystemRoot\System32\Drivers\NDProxy.SYS
      \SystemRoot\system32\DRIVERS\flpydisk.sys
      \SystemRoot\system32\drivers\ADIHdAud.sys
      \SystemRoot\system32\drivers\portcls.sys
      \SystemRoot\system32\drivers\drmk.sys
      \SystemRoot\system32\drivers\AEAudio.sys
      \SystemRoot\system32\drivers\Senfilt.sys
      \SystemRoot\system32\DRIVERS\usbhub.sys
      \SystemRoot\system32\DRIVERS\USBD.SYS
      \SystemRoot\System32\Drivers\Fs_Rec.SYS
      \SystemRoot\System32\Drivers\Null.SYS
      \SystemRoot\System32\Drivers\Beep.SYS
      \??\C:\WINDOWS\system32\drivers\avgtpx86.sys
      \SystemRoot\System32\drivers\vga.sys
      \SystemRoot\System32\Drivers\mnmdd.SYS
      \SystemRoot\System32\DRIVERS\RDPCDD.sys
      \SystemRoot\System32\Drivers\Msfs.SYS
      \SystemRoot\System32\Drivers\Npfs.SYS
      \SystemRoot\system32\DRIVERS\rasacd.sys
      \SystemRoot\system32\DRIVERS\ipsec.sys
      \SystemRoot\system32\DRIVERS\tcpip.sys
      \SystemRoot\System32\Drivers\aswTdi.SYS
      \SystemRoot\system32\DRIVERS\ipnat.sys
      \SystemRoot\system32\DRIVERS\netbt.sys
      \SystemRoot\System32\Drivers\AswRdr.SYS
      \SystemRoot\System32\drivers\afd.sys
      \SystemRoot\system32\DRIVERS\netbios.sys
      \SystemRoot\system32\DRIVERS\rdbss.sys
      \SystemRoot\system32\DRIVERS\mrxsmb.sys
      \SystemRoot\System32\Drivers\Fips.SYS
      \SystemRoot\system32\DRIVERS\hidusb.sys
      \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
      \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
      \SystemRoot\system32\DRIVERS\USBSTOR.SYS
      \SystemRoot\system32\DRIVERS\mouhid.sys
      \SystemRoot\System32\Drivers\aswSP.SYS
      \SystemRoot\System32\Drivers\aswSnx.SYS
      \SystemRoot\System32\Drivers\Fastfat.SYS
      \SystemRoot\System32\Drivers\dump_atapi.sys
      \SystemRoot\System32\Drivers\dump_WMILIB.SYS
      \SystemRoot\System32\win32k.sys
      \SystemRoot\System32\drivers\Dxapi.sys
      \SystemRoot\System32\watchdog.sys
      \SystemRoot\System32\drivers\dxg.sys
      \SystemRoot\System32\drivers\dxgthk.sys
      \SystemRoot\System32\nv4_disp.dll
      \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys
      \SystemRoot\System32\Drivers\aswFsBlk.SYS
      \SystemRoot\system32\DRIVERS\ndisuio.sys
      \SystemRoot\system32\DRIVERS\mrxdav.sys
      \SystemRoot\System32\Drivers\ParVdm.SYS
      \SystemRoot\system32\drivers\wdmaud.sys
      \SystemRoot\system32\drivers\sysaudio.sys
      \SystemRoot\system32\drivers\kmixer.sys
      \SystemRoot\system32\DRIVERS\srv.sys
      \??\C:\WINDOWS\system32\drivers\ScFBPNT2.SYS
      \SystemRoot\System32\Drivers\HTTP.sys
      \SystemRoot\System32\Drivers\Cdfs.SYS
      \??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
      \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
      \WINDOWS\system32\ntdll.dll
      ----------- End -----------
      Done!
      <<<1>>>
      Upper Device Name: \Device\Harddisk2\DR4
      Upper Device Object: 0xffffffff85123860
      Upper Device Driver Name: \Driver\Disk\
      Lower Device Name: \Device\00000078\
      Lower Device Object: 0xffffffff851a67b0
      Lower Device Driver Name: \Driver\USBSTOR\
      <<<1>>>
      Upper Device Name: \Device\Harddisk1\DR1
      Upper Device Object: 0xffffffff85f6cab8
      Upper Device Driver Name: \Driver\Disk\
      Lower Device Name: \Device\Ide\IdeDeviceP0T1L0-c\
      Lower Device Object: 0xffffffff85eacd98
      Lower Device Driver Name: \Driver\atapi\
      <<<1>>>
      Upper Device Name: \Device\Harddisk0\DR0
      Upper Device Object: 0xffffffff85eaaab8
      Upper Device Driver Name: \Driver\Disk\
      Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-4\
      Lower Device Object: 0xffffffff85f13d98
      Lower Device Driver Name: \Driver\atapi\
      <<<2>>>
      Physical Sector Size: 512
      Drive: 0, DevicePointer: 0xffffffff85eaaab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
      --------- Disk Stack ------
      DevicePointer: 0xffffffff85f69bf8, DeviceName: Unknown, DriverName: \Driver\PartMgr\
      DevicePointer: 0xffffffff85eaaab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
      DevicePointer: 0xffffffff85f139e8, DeviceName: \Device\0000006d\, DriverName: \Driver\ACPI\
      DevicePointer: 0xffffffff85f13d98, DeviceName: \Device\Ide\IdeDeviceP0T0L0-4\, DriverName: \Driver\atapi\
      ------------ End ----------
      Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
      Upper DeviceData: 0x0, 0x0, 0x0
      Lower DeviceData: 0x0, 0x0, 0x0
      <<<3>>>
      Volume: C:
      File system type: NTFS
      SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
      <<<2>>>
      <<<3>>>
      Volume: C:
      File system type: NTFS
      SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
      Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
      <<<2>>>
      <<<3>>>
      Volume: C:
      File system type: NTFS
      SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
      Done!
      Drive 0
      Scanning MBR on drive 0...
      Inspecting partition table:
      MBR Signature: 55AA
      Disk Signature: 1B191B18

      Partition information:

      Partition 0 type is Primary (0x7)
      Partition is ACTIVE.
      Partition starts at LBA: 63 Numsec = 390700737
      Partition file system is NTFS
      Partition is bootable

      Partition 1 type is Empty (0x0)
      Partition is NOT ACTIVE.
      Partition starts at LBA: 0 Numsec = 0

      Partition 2 type is Empty (0x0)
      Partition is NOT ACTIVE.
      Partition starts at LBA: 0 Numsec = 0

      Partition 3 type is Empty (0x0)
      Partition is NOT ACTIVE.
      Partition starts at LBA: 0 Numsec = 0

      Disk Size: 200049647616 bytes
      Sector size: 512 bytes

      Scanning physical sectors of unpartitioned space on drive 0 (1-62-390701968-390721968)...
      Done!
      Physical Sector Size: 512
      Drive: 1, DevicePointer: 0xffffffff85f6cab8, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
      --------- Disk Stack ------
      DevicePointer: 0xffffffff85f0be08, DeviceName: Unknown, DriverName: \Driver\PartMgr\
      DevicePointer: 0xffffffff85f6cab8, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
      DevicePointer: 0xffffffff85f119e8, DeviceName: \Device\0000006e\, DriverName: \Driver\ACPI\
      DevicePointer: 0xffffffff85eacd98, DeviceName: \Device\Ide\IdeDeviceP0T1L0-c\, DriverName: \Driver\atapi\
      ------------ End ----------
      Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
      Upper DeviceData: 0x0, 0x0, 0x0
      Lower DeviceData: 0x0, 0x0, 0x0
      Drive 1
      Scanning MBR on drive 1...
      Inspecting partition table:
      MBR Signature: 55AA
      Disk Signature: 30D030D

      Partition information:

      Partition 0 type is Extended with LBA (0xf)
      Partition is NOT ACTIVE.
      Partition starts at LBA: 16065 Numsec = 78140160

      Partition 1 type is Empty (0x0)
      Partition is NOT ACTIVE.
      Partition starts at LBA: 0 Numsec = 0

      Partition 2 type is Empty (0x0)
      Partition is NOT ACTIVE.
      Partition starts at LBA: 0 Numsec = 0

      Partition 3 type is Empty (0x0)
      Partition is NOT ACTIVE.
      Partition starts at LBA: 0 Numsec = 0

      Disk Size: 40020664320 bytes
      Sector size: 512 bytes

      Done!
      Physical Sector Size: 512
      Drive: 2, DevicePointer: 0xffffffff85123860, DeviceName: \Device\Harddisk2\DR4\, DriverName: \Driver\Disk\
      --------- Disk Stack ------
      DevicePointer: 0xffffffff85d16ad8, DeviceName: Unknown, DriverName: \Driver\PartMgr\
      DevicePointer: 0xffffffff85123860, DeviceName: \Device\Harddisk2\DR4\, DriverName: \Driver\Disk\
      DevicePointer: 0xffffffff851a67b0, DeviceName: \Device\00000078\, DriverName: \Driver\USBSTOR\
      ------------ End ----------
      Alternate DeviceName: \Device\Harddisk2\DR4\, DriverName: \Driver\Disk\
      Upper DeviceData: 0x0, 0x0, 0x0
      Lower DeviceData: 0x0, 0x0, 0x0
      Drive 2
      Scanning MBR on drive 2...
      Inspecting partition table:
      MBR Signature: 55AA
      Disk Signature: 0

      Partition information:

      Partition 0 type is Other (0x6)
      Partition is NOT ACTIVE.
      Partition starts at LBA: 245 Numsec = 3999499

      Partition 1 type is Empty (0x0)
      Partition is NOT ACTIVE.
      Partition starts at LBA: 0 Numsec = 0

      Partition 2 type is Empty (0x0)
      Partition is NOT ACTIVE.
      Partition starts at LBA: 0 Numsec = 0

      Partition 3 type is Empty (0x0)
      Partition is NOT ACTIVE.
      Partition starts at LBA: 0 Numsec = 0

      Disk Size: 2048901120 bytes
      Sector size: 512 bytes

      Done!
      =======================================


      Scan finished
      =======================================


      Removal queue found; removal started
      Removing C:\Documents and Settings\All Users\Datos de programa\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam...
      Removing C:\Documents and Settings\All Users\Datos de programa\Malwarebytes' Anti-Malware (portable)\Bootstrap_0_0_63_i.mbam...
      Removing C:\Documents and Settings\All Users\Datos de programa\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam...
      Removing C:\Documents and Settings\All Users\Datos de programa\Malwarebytes' Anti-Malware (portable)\MBR_1_i.mbam...
      Removing C:\Documents and Settings\All Users\Datos de programa\Malwarebytes' Anti-Malware (portable)\MBR_1_r.mbam...
      Removing C:\Documents and Settings\All Users\Datos de programa\Malwarebytes' Anti-Malware (portable)\MBR_2_i.mbam...
      Removing C:\Documents and Settings\All Users\Datos de programa\Malwarebytes' Anti-Malware (portable)\MBR_2_r.mbam...
      Removal finished





      Malwarebytes Anti-Rootkit BETA 1.07.0.1007
      Malwarebytes : Free anti-malware download

      Database version: v2013.10.16.07

      Windows XP Service Pack 3 x86 NTFS
      Internet Explorer 8.0.6001.18702
      Pincho :: CASA-67F4DD5354 [administrator]

      16/10/2013 16:53:52
      mbar-log-2013-10-16 (16-53-52).txt

      Scan type: Quick scan
      Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
      Scan options disabled:
      Objects scanned: 226429
      Time elapsed: 25 minute(s), 58 second(s)

      Memory Processes Detected: 0
      (No malicious items detected)

      Memory Modules Detected: 0
      (No malicious items detected)

      Registry Keys Detected: 0
      (No malicious items detected)

      Registry Values Detected: 0
      (No malicious items detected)

      Registry Data Items Detected: 0
      (No malicious items detected)

      Folders Detected: 0
      (No malicious items detected)

      Files Detected: 0
      (No malicious items detected)

      Physical Sectors Detected: 0
      (No malicious items detected)

      (end)





      [email protected] as downloader log:
      all ok
      [email protected] as downloader log:
      all ok
      [email protected] as downloader log:
      all ok
      # version=8
      # OnlineScannerApp.exe=1.0.0.1
      # OnlineScanner.ocx=1.0.0.6920
      # api_version=3.0.2
      # EOSSerial=c1024ef58093144e8ca11830fba43c90
      # engine=15509
      # end=finished
      # remove_checked=true
      # archives_checked=true
      # unwanted_checked=true
      # unsafe_checked=true
      # antistealth_checked=true
      # utc_time=2013-10-16 10:52:21
      # local_time=2013-10-17 12:52:21 (+0100, Hora estándar romance)
      # country="Spain"
      # lang=3082
      # osver=5.1.2600 NT Service Pack 3
      # compatibility_mode=774 16777213 85 91 735563 158673813 0 0
      # scanned=62247
      # found=5
      # cleaned=5
      # scan_time=26640
      sh=68B393A243F1A215FF3471B56E7038213FC3529E ft=1 fh=b0dfe81e970c8bdd vn="una variante de Win32/Adware.Yontoo.A aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena)" ac=C fn="C:\AdwCleaner\Quarantine\C\Archivos de programa\Yontoo\YontooIEClient.dll.vir"
      sh=FD294D3D1B5FB9D2F248A24BB9277ED2109E50D5 ft=1 fh=1e26878a12f8e2f4 vn="Win32/Toolbar.Montiera.E aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena)" ac=C fn="C:\AdwCleaner\Quarantine\C\Documents and Settings\Pincho\Configuración local\Temp\tuvaro\tuvaro\1.8.17.3\tuvaro4ffx.exe.vir"
      sh=A5737972A44653FA5BDBAD1D008466F80D497690 ft=1 fh=43e6884da6fd8658 vn="múltiples amenazas (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena)" ac=C fn="C:\AdwCleaner\Quarantine\C\Documents and Settings\Pincho\Configuración local\Temp\tuvaro\tuvaro\1.8.17.3\tuvaro4ie.exe.vir"
      sh=354BDD57F49997D0A1AB3BADA1339CB33765898B ft=0 fh=0000000000000000 vn="Win32/Adware.Yontoo aplicación (eliminado - puesto en Cuarentena)" ac=C fn="C:\AdwCleaner\Quarantine\C\Documents and Settings\Pincho\Datos de programa\Mozilla\Firefox\Profiles\vfcifd3m.default\Extensions\[email protected]"
      sh=832BF5093617711948105FF65094819FB6830C79 ft=1 fh=d853b354b0134743 vn="Win32/OpenCandy aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena)" ac=C fn="C:\Documents and Settings\Pincho\Mis documentos\Descargas\ac3filter_2_6_0b.exe"



      saludos

    4. #24
      Ex-Colaborador Avatar de Gemsa_03
      Registrado
      feb 2012
      Ubicación
      Málaga-España
      Mensajes
      6.615

      Re: eliminar virus Win32: Agent - ARRQ[Trj]

      Hola

      La mayoría de detecciones son de la Cuarentena del AdwCleaner, pero hay un par que no.

      Dime ¿cómo va exáctamente tu Equipo ahora?

      Un saludo.

    5. #25
      Usuario Avatar de pinchaka
      Registrado
      oct 2013
      Ubicación
      España
      Mensajes
      66

      Re: eliminar virus Win32: Agent - ARRQ[Trj]

      Hola.

      Pues continúa yendo igual. Los exploradores de internet tardan en abrirse mucho y su exploración también es lenta.
      La exploración de archivos en escritorio o C funciona bien (aunque algunos programas tardan en abrirse mucho).
      El arranque del pc parece que haya mejorado.

      un saludo.

    6. #26
      Ex-Colaborador Avatar de Gemsa_03
      Registrado
      feb 2012
      Ubicación
      Málaga-España
      Mensajes
      6.615

      Re: eliminar virus Win32: Agent - ARRQ[Trj]

      Bueno...

      Realiza lo siguiente (fíjate muy bien en las instrucciones que te pongo):

      Descarga >> OTL By OldTimer a tu escritorio.

      Para Ejecutar OTL sigue estos pasos :

      • Cerrar todos programas que tengas abiertos y hacer doble click en el ícono de OTL para ejecutarlo.
      • Dejarlo correr y esperar a que aparezca el menú de OTL..
      • Cuando salga el menú de OTL, debes cambiar debajo de: "Tipo de Análisis" poniendo Resultado Mínimo.
      • Marcar la casilla Analizar Todos.Marcar las opciones:Buscar LOP y Buscar Purity
      • Marcar las Opciones: Omitir Archivos De Microsoft y Usar Listado de Compañías Reconocidas.
      • Copiar y Pegar las líneas del siguiente script bajo la casilla Análisis Personalizados/Código de Reparación:

        NOTA: No copiar la palabra Código:

        Código:
        netsvcs
        msconfig
        %SYSTEMDRIVE%\*.*    
        CREATERESTOREPOINT
      • Por favor No cambies el resto de la configuración a menos que te lo solicitemos.
      • Presionar el botón
      • Una vez que termine, se abrirán dos (2) archivos, OTL.Txt y Extras.Txt. Éstos archivos estarán grabados en el mismo lugar donde OTL.exe fue descargado.
      • Copiar y pegar el contenido del archivo OTL.txt en tu próxima respuesta.


      Un saludo.

    7. #27
      Usuario Avatar de pinchaka
      Registrado
      oct 2013
      Ubicación
      España
      Mensajes
      66

      Re: eliminar virus Win32: Agent - ARRQ[Trj]

      Hola.

      OTL logfile created on: 17/10/2013 10:07:05 - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Pincho\Escritorio
      Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
      Internet Explorer (Version = 8.0.6001.18702)
      Locale: 00000C0A | Country: España | Language: ESN | Date Format: dd/MM/yyyy

      990,48 Mb Total Physical Memory | 630,77 Mb Available Physical Memory | 63,68% Memory free
      2,33 Gb Paging File | 2,06 Gb Available in Paging File | 88,43% Paging File free
      Paging file location(s): C:\pagefile.sys 1488 2976 [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Archivos de programa
      Drive C: | 186,30 Gb Total Space | 135,18 Gb Free Space | 72,56% Space Free | Partition Type: NTFS
      Drive D: | 37,26 Gb Total Space | 2,71 Gb Free Space | 7,27% Space Free | Partition Type: NTFS
      Drive H: | 1,91 Gb Total Space | 0,96 Gb Free Space | 50,59% Space Free | Partition Type: FAT

      Computer Name: CASA-67F4DD5354 | User Name: Pincho | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: All users
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Documents and Settings\Pincho\Escritorio\OTL.exe (OldTimer Tools)
      PRC - C:\Archivos de programa\Java\jre7\bin\jqs.exe (Oracle Corporation)
      PRC - C:\Archivos de programa\Tor\tor.exe ()
      PRC - C:\Archivos de programa\AVAST Software\Avast\AvastUI.exe (AVAST Software)
      PRC - C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      PRC - C:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe (Oracle Corporation)
      PRC - C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
      PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)


      ========== Modules (No Company Name) ==========

      MOD - C:\Archivos de programa\AVAST Software\Avast\defs\13101600\algo.dll ()
      MOD - C:\Archivos de programa\Archivos comunes\Apple\Apple Application Support\zlib1.dll ()
      MOD - C:\Archivos de programa\Archivos comunes\Apple\Apple Application Support\libxml2.dll ()


      ========== Services (SafeList) ==========

      SRV - (vToolbarUpdater17.0.12) -- C:\Archivos de programa\Archivos comunes\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe File not found
      SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
      SRV - (MozillaMaintenance) -- C:\Archivos de programa\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
      SRV - (JavaQuickStarterService) -- C:\Archivos de programa\Java\jre7\bin\jqs.exe (Oracle Corporation)
      SRV - (tor) -- C:\Archivos de programa\Tor\tor.exe ()
      SRV - (avast! Antivirus) -- C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      SRV - (Sony PC Companion) -- C:\Archivos de programa\Sony\Sony PC Companion\PCCService.exe (Avanquest Software)
      SRV - (Apple Mobile Device) -- C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)


      ========== Driver Services (SafeList) ==========

      DRV - (WDICA) -- File not found
      DRV - (PDRFRAME) -- File not found
      DRV - (PDRELI) -- File not found
      DRV - (PDFRAME) -- File not found
      DRV - (PDCOMP) -- File not found
      DRV - (PCIDump) -- File not found
      DRV - (lbrtfdc) -- File not found
      DRV - (i2omgmt) -- File not found
      DRV - (Changer) -- File not found
      DRV - (avgtp) -- C:\WINDOWS\system32\drivers\avgtpx86.sys (AVG Technologies)
      DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
      DRV - (aswVmm) -- C:\WINDOWS\System32\drivers\aswVmm.sys ()
      DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
      DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
      DRV - (AswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
      DRV - (aswRvrt) -- C:\WINDOWS\System32\drivers\aswRvrt.sys ()
      DRV - (aswMonFlt) -- C:\WINDOWS\system32\drivers\aswMonFlt.sys (AVAST Software)
      DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
      DRV - (SenFiltService) -- C:\WINDOWS\system32\drivers\senfilt.sys (Sensaura)
      DRV - (WinUSB) -- C:\WINDOWS\system32\drivers\winusb.sys (Microsoft Corporation)
      DRV - (nvata) -- C:\WINDOWS\system32\drivers\nvata.sys (NVIDIA Corporation)
      DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
      DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
      DRV - (ScFBPNT2) -- C:\WINDOWS\system32\drivers\ScFBPNT2.sys ()


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKLM\..\SearchScopes,DefaultScope =


      IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
      IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
      IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

      IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

      IE - HKU\S-1-5-21-776561741-343818398-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKU\S-1-5-21-776561741-343818398-839522115-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKU\S-1-5-21-776561741-343818398-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
      IE - HKU\S-1-5-21-776561741-343818398-839522115-1003\..\SearchScopes\{DB34B6C5-FC3E-4C7E-8707-B44E249F4916}: "URL" = http://tuvaro.com/ws/?source=4c3f95e5&tbp=rbox&toolbarid=base&u=945414a9000000000000001a9259823c&q={searchTerms}
      IE - HKU\S-1-5-21-776561741-343818398-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
      IE - HKU\S-1-5-21-776561741-343818398-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

      ========== FireFox ==========

      FF - prefs.js..browser.search.defaulturl: "www.Google.com"
      FF - prefs.js..browser.search.order.1: "(Google)"
      FF - prefs.js..browser.search.selectedEngine: "Google"
      FF - prefs.js..browser.startup.homepage: "http://google.com"
      FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1497
      FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
      FF - prefs.js..keyword.URL: "https://www.google.com/search?q="
      FF - user.js - File not found

      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Archivos de programa\iTunes\Mozilla Plugins\npitunes.dll ()
      FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Archivos de programa\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
      FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Archivos de programa\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Archivos de programa\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Archivos de programa\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Archivos de programa\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Archivos de programa\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: C:\Archivos de programa\Veetle\plugins\npVeetle.dll (Veetle Inc)
      FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Archivos de programa\Veetle\Player\npvlc.dll (Veetle Inc)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Archivos de programa\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Archivos de programa\AVAST Software\Avast\WebRep\FF [2013/10/08 12:27:46 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Archivos de programa\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013/02/06 16:42:52 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Archivos de programa\Mozilla Firefox\components [2013/10/16 12:08:56 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Archivos de programa\Mozilla Firefox\plugins [2013/10/16 12:09:13 | 000,000,000 | ---D | M]

      [2013/01/09 2245 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pincho\Datos de programa\Mozilla\Extensions
      [2013/10/16 09:39:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pincho\Datos de programa\Mozilla\Firefox\Profiles\vfcifd3m.default\extensions
      [2013/10/16 09:39:54 | 000,915,554 | ---- | M] () (No name found) -- C:\Documents and Settings\Pincho\Datos de programa\Mozilla\Firefox\Profiles\vfcifd3m.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
      [2013/05/23 19:55:38 | 000,001,407 | ---- | M] () -- C:\Documents and Settings\Pincho\Datos de programa\Mozilla\Firefox\Profiles\vfcifd3m.default\searchplugins\tuvaro.xml
      [2013/10/16 12:08:59 | 000,000,000 | ---D | M] (No name found) -- C:\Archivos de programa\Mozilla Firefox\extensions
      [2013/10/16 12:08:53 | 000,000,000 | ---D | M] (No name found) -- C:\Archivos de programa\Mozilla Firefox\browser\extensions
      [2013/10/16 1228 | 000,000,000 | ---D | M] (Default) -- C:\Archivos de programa\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
      [2013/10/08 12:27:46 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\ARCHIVOS DE PROGRAMA\AVAST SOFTWARE\AVAST\WEBREP\FF
      [2012/06/28 17:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Archivos de programa\mozilla firefox\plugins\npwachk.dll

      ========== Chrome ==========

      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
      CHR - homepage: Google
      CHR - Extension: Chrome In-App Payments service = C:\Documents and Settings\Pincho\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
      CHR - Extension: \u003Cvideo\u003E de HTML5 de DivX Plus Web Player = C:\Documents and Settings\Pincho\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_1\

      O1 HOSTS File: ([2001/08/24 18:00:00 | 000,000,792 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
      O1 - Hosts: 127.0.0.1 localhost
      O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
      O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Archivos de programa\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre7\bin\ssv.dll (Oracle Corporation)
      O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Archivos de programa\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
      O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O4 - HKLM..\Run: [Adobe ARM] C:\Archivos de programa\Archivos comunes\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
      O4 - HKLM..\Run: [APSDaemon] C:\Archivos de programa\Archivos comunes\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
      O4 - HKLM..\Run: [avast] C:\Archivos de programa\AVAST Software\Avast\avastUI.exe (AVAST Software)
      O4 - HKLM..\Run: [DivXMediaServer] C:\Archivos de programa\DivX\DivX Media Server\DivXMediaServer.exe ()
      O4 - HKLM..\Run: [MP10_EnsureFileVer] C:\WINDOWS\inf\unregmp2.exe (Microsoft Corporation)
      O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
      O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
      O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
      O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe (Oracle Corporation)
      O4 - HKLM..\Run: [WinampAgent] C:\Archivos de programa\Winamp\winampa.exe (Nullsoft, Inc.)
      O4 - HKU\S-1-5-21-776561741-343818398-839522115-1003..\Run: [Sony PC Companion] C:\Archivos de programa\Sony\Sony PC Companion\PCCompanion.exe (Sony)
      O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O7 - HKU\S-1-5-21-776561741-343818398-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Archivos de programa\Bonjour\mdnsNSP.dll (Apple Inc.)
      O15 - HKU\S-1-5-21-776561741-343818398-839522115-1003\..Trusted Domains: gob.es ([agenciatributaria] https in Sitios de confianza)
      O16 - DPF: {2DAB6EF1-66C3-427C-87CD-8DC448C47EAE} https://www5.aeat.es/es13/h/tgvicab.cab (CtlTGVI Class)
      O16 - DPF: {947B00D2-962D-4A35-9E48-98EE6A442B41} https://www1.agenciatributaria.gob.e...t/aded1503.cab (OAdedinet Class)
      O16 - DPF: {B785FA3C-1DE9-4D20-8396-613C486FE95E} https://www1.agenciatributaria.gob.e...h/cactivex.cab (AeatCtl Class)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.81.16.164 62.81.16.213
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2C15B7CE-4960-4D61-A9BE-4561BFC43239}: DhcpNameServer = 62.81.16.164 62.81.16.213
      O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
      O24 - Desktop Components:0 (Mi página de inicio actual) - About:Home
      O24 - Desktop WallPaper: C:\Documents and Settings\Pincho\Configuración local\Datos de programa\Microsoft\Wallpaper1.bmp
      O24 - Desktop BackupWallPaper: C:\Documents and Settings\Pincho\Configuración local\Datos de programa\Microsoft\Wallpaper1.bmp
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2013/01/08 12:58:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
      O32 - AutoRun File - [2013/10/16 12:54:06 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
      O32 - AutoRun File - [2010/09/26 13:11:44 | 000,000,108 | RHS- | M] () - D:\AUTORUN.INF -- [ NTFS ]
      O32 - AutoRun File - [2013/10/16 12:54:06 | 000,000,000 | RHSD | M] - H:\Autorun.inf -- [ FAT ]
      O33 - MountPoints2\{21dd611e-8b0b-11e2-b0cd-001a9259823c}\Shell - "" = AutoRun
      O33 - MountPoints2\{dcd7d32e-9c5b-11e2-b0f6-001a9259823c}\Shell - "" = AutoRun
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

      NetSvcs: 6to4 - File not found
      NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
      NetSvcs: Ias - File not found
      NetSvcs: Iprip - File not found
      NetSvcs: Irmon - File not found
      NetSvcs: NWCWorkstation - File not found
      NetSvcs: Nwsapagent - File not found
      NetSvcs: WmdmPmSp - File not found


      CREATERESTOREPOINT
      Restore point Set: OTL Restore Point

      ========== Files/Folders - Created Within 30 Days ==========

      [2013/10/17 10:03:23 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Pincho\Escritorio\OTL.exe
      [2013/10/16 17:23:54 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Pincho\Recent
      [2013/10/16 16:53:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Malwarebytes' Anti-Malware (portable)
      [2013/10/16 16:47:31 | 000,047,064 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
      [2013/10/16 16:46:47 | 012,576,792 | ---- | C] (Malwarebytes Corp.) -- C:\Documents and Settings\Pincho\Escritorio\mbar-1.07.0.1007.exe
      [2013/10/16 13:30:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pincho\Escritorio\Nueva carpeta
      [2013/10/16 12:54:06 | 000,000,000 | RHSD | C] -- C:\Autorun.inf
      [2013/10/16 12:41:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Argente Utilities
      [2013/10/16 12:40:59 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Argente Utilities
      [2013/10/16 12:40:29 | 006,879,357 | ---- | C] (Argente Software ) -- C:\Documents and Settings\Pincho\Escritorio\Argente Utilities.exe
      [2013/10/16 12:20:48 | 000,000,000 | ---D | C] -- C:\_AT-Destroyer
      [2013/10/16 12:08:52 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Mozilla Firefox
      [2013/10/16 10:50:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Java
      [2013/10/07 19:06:44 | 000,105,176 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
      [2013/10/04 13:34:39 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Defraggler
      [2013/10/04 12:36:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pincho\Escritorio\mbar
      [2013/10/03 17:47:08 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Archivos comunes\Java
      [2013/10/03 16:49:03 | 000,000,000 | ---D | C] -- C:\RegUnlocker Backups
      [2013/10/03 09:02:56 | 000,000,000 | ---D | C] -- C:\UsbFix
      [2013/10/03 09:02:18 | 001,539,808 | ---- | C] (El Desaparecido - SosVirus.net - UsbFix.net) -- C:\Documents and Settings\Pincho\Escritorio\UsbFix.exe
      [2013/10/02 19:34:14 | 000,000,000 | ---D | C] -- C:\AdwCleaner
      [2013/10/02 18:59:26 | 000,000,000 | ---D | C] -- C:\Archivos de programa\ESET
      [2013/10/02 18:59:23 | 002,347,384 | ---- | C] (ESET) -- C:\Documents and Settings\Pincho\Escritorio\esetsmartinstaller_esn.exe
      [2013/10/02 18:57:52 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
      [2013/10/02 13:56:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pincho\Datos de programa\Malwarebytes
      [2013/10/02 13:55:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Malwarebytes' Anti-Malware
      [2013/10/02 13:55:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Malwarebytes
      [2013/10/02 13:55:51 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
      [2013/10/02 13:55:51 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Malwarebytes' Anti-Malware
      [2013/10/02 13:55:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\CCleaner
      [2013/10/02 13:54:55 | 000,000,000 | ---D | C] -- C:\Archivos de programa\CCleaner
      [2013/10/02 13:54:10 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Pincho\Escritorio\mbam-setup-1.75.0.1300.exe
      [2013/09/24 10:37:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pincho\Configuración local\Datos de programa\avgchrome
      [2013/05/17 08:51:39 | 006,533,200 | ---- | C] (AVAST Software) -- C:\Archivos de programa\AVA
      [2013/02/28 14:19:19 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Pincho\Datos de programa\pcouffin.sys
      [1 C:\Documents and Settings\Pincho\Mis documentos\*.tmp files -> C:\Documents and Settings\Pincho\Mis documentos\*.tmp -> ]

      ========== Files - Modified Within 30 Days ==========

      [2013/10/17 10:02:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pincho\Escritorio\OTL.exe
      [2013/10/17 09:53:32 | 000,043,531 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
      [2013/10/17 09:53:19 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job
      [2013/10/17 09:53:16 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
      [2013/10/17 09:53:15 | 000,001,098 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
      [2013/10/17 09:53:15 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
      [2013/10/17 09:32:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
      [2013/10/17 08:31:00 | 000,001,102 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
      [2013/10/16 17:24:04 | 002,347,384 | ---- | M] (ESET) -- C:\Documents and Settings\Pincho\Escritorio\esetsmartinstaller_esn.exe
      [2013/10/16 16:53:38 | 000,105,176 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
      [2013/10/16 16:53:24 | 000,047,064 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
      [2013/10/16 16:45:36 | 012,576,792 | ---- | M] (Malwarebytes Corp.) -- C:\Documents and Settings\Pincho\Escritorio\mbar-1.07.0.1007.exe
      [2013/10/16 13:25:50 | 002,088,894 | ---- | M] () -- C:\Documents and Settings\Pincho\Escritorio\kavremover.zip
      [2013/10/16 12:41:16 | 000,000,755 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\Argente Utilities.lnk
      [2013/10/16 12:39:52 | 006,879,357 | ---- | M] (Argente Software ) -- C:\Documents and Settings\Pincho\Escritorio\Argente Utilities.exe
      [2013/10/16 12:19:02 | 001,199,088 | ---- | M] () -- C:\Documents and Settings\Pincho\Escritorio\AT-Destroyer.exe
      [2013/10/16 09:11:46 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
      [2013/10/08 12:27:48 | 000,002,909 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
      [2013/10/06 02:52:34 | 000,001,876 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\Google Chrome.lnk
      [2013/10/04 13:34:40 | 000,001,643 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\Defraggler.lnk
      [2013/10/03 09:00:36 | 000,891,167 | ---- | M] () -- C:\Documents and Settings\Pincho\Escritorio\SecurityCheck.exe
      [2013/10/03 08:59:28 | 001,539,808 | ---- | M] (El Desaparecido - SosVirus.net - UsbFix.net) -- C:\Documents and Settings\Pincho\Escritorio\UsbFix.exe
      [2013/10/02 19:36:10 | 000,003,731 | ---- | M] () -- C:\Archivos de programa\Mozilla Firefoxavg-secure-search.xml
      [2013/10/02 19:33:33 | 000,037,664 | ---- | M] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
      [2013/10/02 18:52:17 | 000,025,728 | ---- | M] () -- C:\Documents and Settings\Pincho\Escritorio\cc_20131002_185158.reg
      [2013/10/02 13:56:00 | 000,000,833 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\Malwarebytes Anti-Malware.lnk
      [2013/10/02 13:55:01 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\CCleaner.lnk
      [2013/10/02 13:50:12 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Pincho\Escritorio\mbam-setup-1.75.0.1300.exe
      [2013/10/02 13:48:46 | 001,045,226 | ---- | M] () -- C:\Documents and Settings\Pincho\Escritorio\adwcleaner.exe
      [2013/10/01 17:38:28 | 000,155,937 | ---- | M] () -- C:\Documents and Settings\Pincho\Escritorio\Crystal Report Viewer.pdf
      [2013/09/24 10:51:32 | 000,000,049 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
      [2013/09/24 10:38:54 | 000,001,802 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\Sony PC Companion 2.1.lnk
      [2013/09/19 11:39:34 | 000,112,645 | ---- | M] () -- C:\Documents and Settings\Pincho\Escritorio\calendariomaster13-14.pdf
      [1 C:\Documents and Settings\Pincho\Mis documentos\*.tmp files -> C:\Documents and Settings\Pincho\Mis documentos\*.tmp -> ]

      ========== Files Created - No Company Name ==========

      [2013/10/16 13:26:44 | 002,088,894 | ---- | C] () -- C:\Documents and Settings\Pincho\Escritorio\kavremover.zip
      [2013/10/16 12:41:16 | 000,000,755 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\Argente Utilities.lnk
      [2013/10/16 12:20:04 | 001,199,088 | ---- | C] () -- C:\Documents and Settings\Pincho\Escritorio\AT-Destroyer.exe
      [2013/10/04 13:34:40 | 000,001,643 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\Defraggler.lnk
      [2013/10/03 09:02:16 | 000,891,167 | ---- | C] () -- C:\Documents and Settings\Pincho\Escritorio\SecurityCheck.exe
      [2013/10/02 18:52:05 | 000,025,728 | ---- | C] () -- C:\Documents and Settings\Pincho\Escritorio\cc_20131002_185158.reg
      [2013/10/02 13:56:00 | 000,000,833 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\Malwarebytes Anti-Malware.lnk
      [2013/10/02 13:55:00 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\CCleaner.lnk
      [2013/10/02 13:53:28 | 001,045,226 | ---- | C] () -- C:\Documents and Settings\Pincho\Escritorio\adwcleaner.exe
      [2013/10/01 17:41:05 | 000,155,937 | ---- | C] () -- C:\Documents and Settings\Pincho\Escritorio\Crystal Report Viewer.pdf
      [2013/10/01 17:41:05 | 000,112,645 | ---- | C] () -- C:\Documents and Settings\Pincho\Escritorio\calendariomaster13-14.pdf
      [2013/09/24 10:38:54 | 000,001,802 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\Sony PC Companion 2.1.lnk
      [2013/07/03 10:28:42 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
      [2013/07/03 10:28:42 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
      [2013/07/03 10:28:42 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
      [2013/05/21 15:33:28 | 000,003,731 | ---- | C] () -- C:\Archivos de programa\Mozilla Firefoxavg-secure-search.xml
      [2013/05/06 17:51:55 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\adedinet.dll
      [2013/03/11 14:56:44 | 000,177,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
      [2013/03/11 14:56:43 | 000,049,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
      [2013/03/01 12:49:25 | 000,178,688 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
      [2013/02/28 14:19:19 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Pincho\Datos de programa\pcouffin.cat
      [2013/02/28 14:19:19 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Pincho\Datos de programa\pcouffin.inf
      [2013/02/08 17:33:55 | 000,022,528 | ---- | C] () -- C:\Documents and Settings\Pincho\Configuración local\Datos de programa\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2013/02/01 14:24:39 | 000,020,450 | ---- | C] () -- C:\WINDOWS\SICALIB2.DAT
      [2013/02/01 14:22:28 | 000,000,048 | ---- | C] () -- C:\WINDOWS\OPLEInst.ini
      [2013/02/01 14:20:33 | 000,015,488 | ---- | C] () -- C:\WINDOWS\System32\drivers\ScFBPNT2.sys
      [2013/01/22 14:01:13 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
      [2013/01/10 10:41:39 | 000,000,379 | ---- | C] () -- C:\WINDOWS\ODBC.INI
      [2013/01/08 13:00:21 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
      [2013/01/08 12:55:23 | 000,021,900 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
      [2013/01/08 12:47:56 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
      [2013/01/08 12:46:40 | 000,110,192 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

      ========== ZeroAccess Check ==========

      [2013/01/09 22:03:48 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 08:48:38 | 001,499,648 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2008/04/14 08:48:22 | 000,472,064 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
      "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 08:48:48 | 000,273,920 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      ========== LOP Check ==========

      [2013/05/19 11:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\188F1432-103A-4ffb-80F1-36B633C5C9E1
      [2013/01/09 22:46:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\AVAST Software
      [2013/01/14 17:36:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Datos de programa\Common Files
      [2013/02/13 15:01:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Guitar Pro 6
      [2013/03/06 17:30:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\install_clap
      [2013/03/12 16:22:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Sony
      [2013/01/14 14:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Soulseek
      [2013/03/06 17:30:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Temp
      [2013/05/21 15:37:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\TuneUp Software
      [2013/10/02 18:50:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\VSO
      [2013/02/28 2050 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\vsosdk
      [2013/01/17 18:29:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
      [2013/05/21 15:34:45 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Datos de programa\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
      [2013/10/17 09:52:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maguisa\Datos de programa\uTorrent
      [2013/04/05 10:42:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pincho\Datos de programa\DDMSettings
      [2013/07/05 09:54:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pincho\Datos de programa\fretsonfire
      [2013/05/17 1141 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pincho\Datos de programa\Glarysoft
      [2013/02/13 15:01:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pincho\Datos de programa\Guitar Pro 6
      [2013/05/21 15:36:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pincho\Datos de programa\TuneUp Software
      [2013/10/16 12:35:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pincho\Datos de programa\uTorrent
      [2013/03/06 17:35:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pincho\Datos de programa\Vso

      ========== Purity Check ==========



      ========== Custom Scans ==========

      < %SYSTEMDRIVE%\*.* >
      [2013/05/23 19:55:37 | 000,000,041 | ---- | M] () -- C:\AT-Cuarentena
      [2013/10/16 12:22:57 | 000,014,539 | ---- | M] () -- C:\AT-Destroyer.txt
      [2013/01/08 12:58:02 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
      [2013/01/08 12:51:42 | 000,000,211 | ---- | M] () -- C:\boot.ini
      [2001/08/24 18:00:00 | 000,004,952 | ---- | M] () -- C:\Bootfont.bin
      [2013/01/08 12:58:02 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
      [2013/01/08 12:58:02 | 000,000,000 | ---- | M] () -- C:\IO.SYS
      [2013/01/08 12:58:02 | 000,000,000 | ---- | M] () -- C:\MSDOS.SYS
      [2004/08/04 03:38:34 | 000,047,564 | ---- | M] () -- C:\NTDETECT.COM
      [2013/01/10 00:07:56 | 000,251,168 | ---- | M] () -- C:\ntldr
      [2013/10/17 09:31:56 | 1560,281,088 | -HS- | M] () -- C:\pagefile.sys
      [2013/10/03 17:53:41 | 000,003,370 | ---- | M] () -- C:\UsbFix [Clean 1] CASA-67F4DD5354.txt

      < End of report >





      OTL Extras logfile created on: 17/10/2013 10:07:05 - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Pincho\Escritorio
      Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
      Internet Explorer (Version = 8.0.6001.18702)
      Locale: 00000C0A | Country: España | Language: ESN | Date Format: dd/MM/yyyy

      990,48 Mb Total Physical Memory | 630,77 Mb Available Physical Memory | 63,68% Memory free
      2,33 Gb Paging File | 2,06 Gb Available in Paging File | 88,43% Paging File free
      Paging file location(s): C:\pagefile.sys 1488 2976 [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Archivos de programa
      Drive C: | 186,30 Gb Total Space | 135,18 Gb Free Space | 72,56% Space Free | Partition Type: NTFS
      Drive D: | 37,26 Gb Total Space | 2,71 Gb Free Space | 7,27% Space Free | Partition Type: NTFS
      Drive H: | 1,91 Gb Total Space | 0,96 Gb Free Space | 50,59% Space Free | Partition Type: FAT

      Computer Name: CASA-67F4DD5354 | User Name: Pincho | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: All users
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Extra Registry (SafeList) ==========


      ========== File Associations ==========

      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
      .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
      .html [@ = ChromeHTML] -- C:\Archivos de programa\Google\Chrome\Application\chrome.exe (Google Inc.)

      [HKEY_USERS\S-1-5-21-776561741-343818398-839522115-1003\SOFTWARE\Classes\<extension>]
      .html [@ = FirefoxHTML] -- C:\Archivos de programa\Mozilla Firefox\firefox.exe (Mozilla Corporation)

      ========== Shell Spawning ==========

      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
      batfile [open] -- "%1" %*
      cmdfile [open] -- "%1" %*
      comfile [open] -- "%1" %*
      cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
      exefile [open] -- "%1" %*
      htmlfile [edit] -- Reg Error: Key error.
      http [open] -- "C:\Archivos de programa\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
      https [open] -- "C:\Archivos de programa\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
      piffile [open] -- "%1" %*
      regfile [merge] -- Reg Error: Key error.
      scrfile [config] -- "%1"
      scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
      scrfile [open] -- "%1" /S
      txtfile [edit] -- Reg Error: Key error.
      Unknown [openas] -- Reg Error: Key error.
      Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
      Directory [Winamp.Bookmark] -- "C:\Archivos de programa\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
      Directory [Winamp.Enqueue] -- "C:\Archivos de programa\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
      Directory [Winamp.Play] -- "C:\Archivos de programa\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
      Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
      Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
      Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

      ========== Security Center Settings ==========

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
      "FirstRunDisabled" = 1
      "UpdatesDisableNotify" = 0
      "AntiVirusDisableNotify" = 0
      "FirewallDisableNotify" = 0
      "AntiVirusOverride" = 0
      "FirewallOverride" = 0

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

      ========== System Restore Settings ==========

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
      "DisableSR" = 0

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
      "Start" = 0

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
      "Start" = 2

      ========== Firewall Settings ==========

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
      "EnableFirewall" = 0

      ========== Authorized Applications List ==========

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
      "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
      "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
      "C:\Archivos de programa\Veetle\Player\VeetleNet.exe" = C:\Archivos de programa\Veetle\Player\VeetleNet.exe:*:Enabled:VeetleNet -- ()

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
      "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
      "C:\Archivos de programa\JDownloader\jre\bin\javaw.exe" = C:\Archivos de programa\JDownloader\jre\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle Corporation)
      "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
      "C:\Archivos de programa\Winamp\winamp.exe" = C:\Archivos de programa\Winamp\winamp.exe:*:Enabled:Winamp -- (Nullsoft, Inc.)
      "C:\Archivos de programa\SoulseekNS\slsk.exe" = C:\Archivos de programa\SoulseekNS\slsk.exe:*:Enabled:SoulSeek -- ()
      "C:\Archivos de programa\uTorrent\uTorrent.exe" = C:\Archivos de programa\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent Inc.)
      "C:\Archivos de programa\Naver\LINE\Line.exe" = C:\Archivos de programa\Naver\LINE\Line.exe:*:Enabled:LineApp -- (NHN Japan)
      "C:\Archivos de programa\Archivos comunes\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Archivos de programa\Archivos comunes\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
      "C:\Archivos de programa\Bonjour\mDNSResponder.exe" = C:\Archivos de programa\Bonjour\mDNSResponder.exe:*:Enabled:Servicio Bonjour -- (Apple Inc.)
      "C:\Archivos de programa\iTunes\iTunes.exe" = C:\Archivos de programa\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
      "C:\Archivos de programa\Veetle\Player\VeetleNet.exe" = C:\Archivos de programa\Veetle\Player\VeetleNet.exe:*:Enabled:VeetleNet -- ()
      "C:\Archivos de programa\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe" = C:\Archivos de programa\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe:*:Enabled:Update Engine -- ()


      ========== HKEY_LOCAL_MACHINE Uninstall List ==========

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
      "{11E568E0-3244-4BCB-875E-F334269DFDCB}" = iTunes
      "{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1" = Guitar Pro 6
      "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
      "{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 45
      "{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
      "{350C9C0A-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
      "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
      "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
      "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
      "{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Compatibilidad con Aplicaciones de Apple
      "{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}" = VoiceOver Kit
      "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
      "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
      "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
      "{90280C0A-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional con FrontPage
      "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
      "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
      "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
      "{AC76BA86-7AD7-1034-7B44-AB0000000001}" = Adobe Reader XI (11.0.01) - Español
      "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
      "{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
      "{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.174
      "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
      "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
      "5513-1208-7298-9440" = JDownloader 0.9
      "AC3Filter_is1" = AC3Filter 2.6.0b
      "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
      "Argente Utilities_is1" = Argente Utilities 1.0.4.0
      "avast" = avast! Free Antivirus
      "CanoCraft CS-P 3.7" = Canon CanoCraft CS-P 3.7
      "CCleaner" = CCleaner
      "Configurador AEAT 1.15" = Configurador AEAT 1.15
      "Defraggler" = Defraggler
      "DivX Setup" = Instalación de DivX
      "ESET Online Scanner" = ESET Online Scanner v3
      "Frets on Fire" = Frets On Fire
      "Glary Utilities_is1" = Glary Utilities 2.55.0.1790
      "Google Chrome" = Google Chrome
      "LINE" = LINE
      "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versión 1.75.0.1300
      "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
      "Mozilla Firefox 24.0 (x86 es-ES)" = Mozilla Firefox 24.0 (x86 es-ES)
      "MozillaMaintenanceService" = Mozilla Maintenance Service
      "Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
      "NVIDIA Drivers" = NVIDIA Drivers
      "Soulseek2" = SoulSeek 157 NS 13e
      "Update Engine" = Sony Ericsson Update Engine
      "Usbfix" = UsbFix By El Desaparecido
      "uTorrent" = µTorrent
      "Veetle TV" = Veetle TV
      "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
      "Winamp" = Winamp
      "Windows Media Format Runtime" = Windows Media Format 11 runtime
      "Windows XP Service Pack" = Windows XP Service Pack 3
      "WinRAR archiver" = WinRAR 4.20 (32-bit)
      "winusb0200" = Microsoft WinUsb 2.0
      "WMFDist11" = Windows Media Format 11 runtime
      "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

      ========== HKEY_USERS Uninstall List ==========

      [HKEY_USERS\S-1-5-21-776561741-343818398-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
      "uTorrent" = µTorrent
      "Winamp Detect" = Aplicación para detectar Winamp

      ========== Last 20 Event Log Errors ==========

      [ Application Events ]
      Error - 03/10/2013 11:39:41 | Computer Name = CASA-67F4DD5354 | Source = Application Hang | ID = 1002
      Description = Aplicación que no responde: rundll32.exe, versión 5.1.2600.5512, módulo
      que no responde hungapp, versión 0.0.0.0, dirección que no responde 0x00000000.

      Error - 04/10/2013 6:27:52 | Computer Name = CASA-67F4DD5354 | Source = WmiAdapter | ID = 4099
      Description = Error al abrir el servicio.

      Error - 06/10/2013 6:39:47 | Computer Name = CASA-67F4DD5354 | Source = PerfNet | ID = 2004
      Description = No se puede abrir el servicio Servidor. No se devolverán datos de rendimiento
      del servidor. El código de error devuelto está en los datos DWORD 0.

      [ System Events ]
      Error - 16/10/2013 14:36:09 | Computer Name = CASA-67F4DD5354 | Source = Disk | ID = 262151
      Description = El dispositivo, \Device\Harddisk0\D, tiene un bloque defectuoso.

      Error - 16/10/2013 14:36:13 | Computer Name = CASA-67F4DD5354 | Source = Disk | ID = 262151
      Description = El dispositivo, \Device\Harddisk0\D, tiene un bloque defectuoso.

      Error - 16/10/2013 14:36:17 | Computer Name = CASA-67F4DD5354 | Source = Disk | ID = 262151
      Description = El dispositivo, \Device\Harddisk0\D, tiene un bloque defectuoso.

      Error - 16/10/2013 14:36:21 | Computer Name = CASA-67F4DD5354 | Source = Disk | ID = 262151
      Description = El dispositivo, \Device\Harddisk0\D, tiene un bloque defectuoso.

      Error - 16/10/2013 14:36:36 | Computer Name = CASA-67F4DD5354 | Source = Disk | ID = 262151
      Description = El dispositivo, \Device\Harddisk0\D, tiene un bloque defectuoso.

      Error - 16/10/2013 14:36:40 | Computer Name = CASA-67F4DD5354 | Source = Disk | ID = 262151
      Description = El dispositivo, \Device\Harddisk0\D, tiene un bloque defectuoso.

      Error - 16/10/2013 14:36:45 | Computer Name = CASA-67F4DD5354 | Source = Disk | ID = 262151
      Description = El dispositivo, \Device\Harddisk0\D, tiene un bloque defectuoso.

      Error - 16/10/2013 14:36:50 | Computer Name = CASA-67F4DD5354 | Source = Disk | ID = 262151
      Description = El dispositivo, \Device\Harddisk0\D, tiene un bloque defectuoso.

      Error - 17/10/2013 3:32:19 | Computer Name = CASA-67F4DD5354 | Source = Tcpip | ID = 4191
      Description = IP no ha podido abrir la clave de registro para el adaptador TCPIP\Parameters\Adapters\NDISWANIP.
      Las
      interfaces en este adaptador no serán inicializadas.

      Error - 17/10/2013 3:32:28 | Computer Name = CASA-67F4DD5354 | Source = Service Control Manager | ID = 7000
      Description = El servicio vToolbarUpdater17.0.12 no pudo iniciarse debido al siguiente
      error: %%2


      < End of report >


      saludos

    8. #28
      Ex-Colaborador Avatar de Gemsa_03
      Registrado
      feb 2012
      Ubicación
      Málaga-España
      Mensajes
      6.615

      Re: eliminar virus Win32: Agent - ARRQ[Trj]

      De acuerdo, de momento espera a que analice el problema y venga con una respuesta. Como podrás ver es un reporte muy extenso y me llevará su tiempo. Ahora tengo que salir y luego me pondré con él.

      Por Favor, en la medida de lo posible :

      • No descargues nada
      • No ejecutes otros programas de seguridad (antivirus, antimalware...)
      • No realices por tu cuenta otros procedimientos, hasta nuevo aviso.

    9. #29
      Ex-Colaborador Avatar de Gemsa_03
      Registrado
      feb 2012
      Ubicación
      Málaga-España
      Mensajes
      6.615

      Re: eliminar virus Win32: Agent - ARRQ[Trj]

      Hola pinchaka

      Ejecuta OTL.exe


      Copia y Pega el código que está dentro del recuadro de abajo en la sección Análisis Personalizado / Código de Reparación
      Código:
      :OTL
      SRV - (vToolbarUpdater17.0.12) -- C:\Archivos de programa\Archivos comunes\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe File not found
      SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
      DRV - (WDICA) -- File not found
      DRV - (PDRFRAME) -- File not found
      DRV - (PDRELI) -- File not found
      DRV - (PDFRAME) -- File not found
      DRV - (PDCOMP) -- File not found
      DRV - (PCIDump) -- File not found
      DRV - (lbrtfdc) -- File not found
      DRV - (i2omgmt) -- File not found
      DRV - (Changer) -- File not found
      DRV - (avgtp) -- C:\WINDOWS\system32\drivers\avgtpx86.sys (AVG Technologies)
      IE - HKU\S-1-5-21-776561741-343818398-839522115-1003\..\SearchScopes\{DB34B6C5-FC3E-4C7E-8707-B44E249F4916}: "URL" = http://tuvaro.com/ws/?source=4c3f95e5&tbp=rbox&toolbarid=base&u=945414a9000000000000001a9259823c&q={searchTerms}
      FF - user.js - File not found
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
      [2013/05/23 19:55:38 | 000,001,407 | ---- | M] () -- C:\Documents and Settings\Pincho\Datos de programa\Mozilla\Firefox\Profiles\vfcifd3m.default\searchplugins\tuvaro.xml
      O33 - MountPoints2\{21dd611e-8b0b-11e2-b0cd-001a9259823c}\Shell - "" = AutoRun
      O33 - MountPoints2\{dcd7d32e-9c5b-11e2-b0f6-001a9259823c}\Shell - "" = AutoRun
      [1 C:\Documents and Settings\Pincho\Mis documentos\*.tmp files -> C:\Documents and Settings\Pincho\Mis documentos\*.tmp -> ]
      [2013/10/02 19:33:33 | 000,037,664 | ---- | M] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
      [2013/10/02 19:36:10 | 000,003,731 | ---- | M] () -- C:\Archivos de programa\Mozilla Firefoxavg-secure-search.xml
      [2013/09/24 10:37:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pincho\Configuración local\Datos de programa\avgchrome
      [2013/10/17 09:53:15 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
      :files
      ipconfig / flushdns /c
      ipconfig/ renew /c
      :commands
      [emptytemp]
      [emptyjava]
      [purity]
      [resethosts]
      [reboot]
      Presiona el Botón Reparar para lanzar la eliminación. Presionas OK.

      OTL va a Reiniciar el ordenador para completar la eliminación.


      Guardas el nuevo reporte generado. Lo copias y pegas en Tu próxima respuesta y nos comentas como sigue el ordenador ahora.

      Saludos.

    10. #30
      Usuario Avatar de pinchaka
      Registrado
      oct 2013
      Ubicación
      España
      Mensajes
      66

      Re: eliminar virus Win32: Agent - ARRQ[Trj]

      Hola.

      El ordenador sigue funcionando como antes. No he notado ninguna novedad por el momento.

      All processes killed
      ========== OTL ==========
      Service vToolbarUpdater17.0.12 stopped successfully!
      Service vToolbarUpdater17.0.12 deleted successfully!
      File C:\Archivos de programa\Archivos comunes\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe File not found not found.
      Service HidServ stopped successfully!
      Service HidServ deleted successfully!
      File %SystemRoot%\System32\hidserv.dll File not found not found.
      Service WDICA stopped successfully!
      Service WDICA deleted successfully!
      File File not found not found.
      Service PDRFRAME stopped successfully!
      Service PDRFRAME deleted successfully!
      File File not found not found.
      Service PDRELI stopped successfully!
      Service PDRELI deleted successfully!
      File File not found not found.
      Service PDFRAME stopped successfully!
      Service PDFRAME deleted successfully!
      File File not found not found.
      Service PDCOMP stopped successfully!
      Service PDCOMP deleted successfully!
      File File not found not found.
      Service PCIDump stopped successfully!
      Service PCIDump deleted successfully!
      File File not found not found.
      Service lbrtfdc stopped successfully!
      Service lbrtfdc deleted successfully!
      File File not found not found.
      Service i2omgmt stopped successfully!
      Service i2omgmt deleted successfully!
      File File not found not found.
      Service Changer stopped successfully!
      Service Changer deleted successfully!
      File File not found not found.
      Service avgtp stopped successfully!
      Service avgtp deleted successfully!
      C:\WINDOWS\system32\drivers\avgtpx86.sys moved successfully.
      Registry key HKEY_USERS\S-1-5-21-776561741-343818398-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{DB34B6C5-FC3E-4C7E-8707-B44E249F4916}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB34B6C5-FC3E-4C7E-8707-B44E249F4916}\ not found.
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
      C:\Documents and Settings\Pincho\Datos de programa\Mozilla\Firefox\Profiles\vfcifd3m.default\searchplugins\tuvaro.xml moved successfully.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21dd611e-8b0b-11e2-b0cd-001a9259823c}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21dd611e-8b0b-11e2-b0cd-001a9259823c}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dcd7d32e-9c5b-11e2-b0f6-001a9259823c}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{dcd7d32e-9c5b-11e2-b0f6-001a9259823c}\ not found.
      C:\Documents and Settings\Pincho\Mis documentos\PDRMUSIC.TMP folder deleted successfully.
      File C:\WINDOWS\System32\drivers\avgtpx86.sys not found.
      C:\Archivos de programa\Mozilla Firefoxavg-secure-search.xml moved successfully.
      C:\Documents and Settings\Pincho\Configuración local\Datos de programa\avgchrome folder moved successfully.
      C:\WINDOWS\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job moved successfully.
      ========== FILES ==========
      < ipconfig / flushdns /c >
      Error: línea de comandos desconocida o incompleta
      USO:
      ipconfig [/? | /all | /renew [adapter] | /release [adapter] |
      /flushdns | /displaydns | /registerdns |
      /showclassid adapter |
      /setclassid adapter [classid] ]
      donde
      adaptador nombre de conexión
      (se permiten caracteres comodines * y ?, vea los ejemplos)
      Opciones:
      /? muestra la ayuda
      /all muestra toda la información de configuración.
      /release libera la dirección IP para el adaptador específico.
      /renew renueva la dirección IP para el adaptador específico.
      /flushdns purga la caché de resolución de DNS.
      /registerdns actualiza todas las concesiones y vuelve a registrar los
      nombres DNS.
      /displaydns muestra el contenido de la caché de resolución DNS.
      /showclassid muestra todas las id. de clase dhcp permitidas para
      este adaptador.
      /setclassid modifica la id. de clase dhcp.
      De manera predeterminada se muestra solamente la dirección IP, la máscara de
      subred y la puerta de enlace para cada adaptador enlazado con TCP/IP.
      Para Release y Renew, si no hay ningún nombre de adaptador especificado, se liberan o renuevan las concesiones de dirección IP enlazadas con TCP/IP.
      Para Setclassid, si no hay ClassId especificada, se quita ClassId.
      Ejemplos:
      > ipconfig ... muestra información
      > ipconfig /all ... muestra información detallada
      > ipconfig /renew ... renueva todos los adaptadores
      > ipconfig /renew EL* ... renueva cualquier conexión cuyo nombre
      comience con EL
      > ipconfig /release *Con* ... libera todas las conexiones que coincidan
      por ejemplo:
      "Conexión de área local 1" o
      "Conexión de área local 2"
      C:\Documents and Settings\Pincho\Escritorio\cmd.bat deleted successfully.
      C:\Documents and Settings\Pincho\Escritorio\cmd.txt deleted successfully.
      < ipconfig/ renew /c >
      Error: línea de comandos desconocida o incompleta
      USO:
      ipconfig [/? | /all | /renew [adapter] | /release [adapter] |
      /flushdns | /displaydns | /registerdns |
      /showclassid adapter |
      /setclassid adapter [classid] ]
      donde
      adaptador nombre de conexión
      (se permiten caracteres comodines * y ?, vea los ejemplos)
      Opciones:
      /? muestra la ayuda
      /all muestra toda la información de configuración.
      /release libera la dirección IP para el adaptador específico.
      /renew renueva la dirección IP para el adaptador específico.
      /flushdns purga la caché de resolución de DNS.
      /registerdns actualiza todas las concesiones y vuelve a registrar los
      nombres DNS.
      /displaydns muestra el contenido de la caché de resolución DNS.
      /showclassid muestra todas las id. de clase dhcp permitidas para
      este adaptador.
      /setclassid modifica la id. de clase dhcp.
      De manera predeterminada se muestra solamente la dirección IP, la máscara de
      subred y la puerta de enlace para cada adaptador enlazado con TCP/IP.
      Para Release y Renew, si no hay ningún nombre de adaptador especificado, se liberan o renuevan las concesiones de dirección IP enlazadas con TCP/IP.
      Para Setclassid, si no hay ClassId especificada, se quita ClassId.
      Ejemplos:
      > ipconfig ... muestra información
      > ipconfig /all ... muestra información detallada
      > ipconfig /renew ... renueva todos los adaptadores
      > ipconfig /renew EL* ... renueva cualquier conexión cuyo nombre
      comience con EL
      > ipconfig /release *Con* ... libera todas las conexiones que coincidan
      por ejemplo:
      "Conexión de área local 1" o
      "Conexión de área local 2"
      C:\Documents and Settings\Pincho\Escritorio\cmd.bat deleted successfully.
      C:\Documents and Settings\Pincho\Escritorio\cmd.txt deleted successfully.
      ========== COMMANDS ==========

      [EMPTYTEMP]

      User: All Users

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 33170 bytes

      User: LocalService
      ->Temp folder emptied: 66016 bytes
      ->Temporary Internet Files folder emptied: 36398 bytes

      User: Maguisa
      ->Temp folder emptied: 4223718 bytes
      ->Temporary Internet Files folder emptied: 1826154 bytes
      ->FireFox cache emptied: 372178091 bytes
      ->Google Chrome cache emptied: 819568 bytes
      ->Flash cache emptied: 5540 bytes

      User: NetworkService
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 33237 bytes

      User: Pincho
      ->Temp folder emptied: 10122755 bytes
      ->Temporary Internet Files folder emptied: 150710 bytes
      ->FireFox cache emptied: 19742575 bytes
      ->Google Chrome cache emptied: 7905566 bytes
      ->Flash cache emptied: 492 bytes

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32\dllcache .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 49152 bytes
      RecycleBin emptied: 46125 bytes

      Total Files Cleaned = 398,00 mb


      [EMPTYJAVA]

      User: All Users

      User: Default User

      User: LocalService

      User: Maguisa

      User: NetworkService

      User: Pincho

      Total Java Files Cleaned = 0,00 mb

      C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully

      OTL by OldTimer - Version 3.2.69.0 log created on 10212013_094926

      Files\Folders moved on Reboot...
      File\Folder C:\WINDOWS\temp\_avast_\Webshlock.txt not found!

      PendingFileRenameOperations files...

      Registry entries deleted on Reboot...


      saludos.