A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat malware ?
<blockquote data-quote="angustaver" data-source="post: 299245" data-attributes="member: 28868"><p>Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-11-2014 02</p><p>Ran by luis at 2014-11-14 11:53:38</p><p>Running from C:\Users\luis\Downloads</p><p>Boot Mode: Normal</p><p>==========================================================</p><p></p><p></p><p>==================== Security Center ========================</p><p></p><p>(If an entry is included in the fixlist, it will be removed.)</p><p></p><p>AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}</p><p>AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}</p><p>AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}</p><p>FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}</p><p></p><p>==================== Installed Programs ======================</p><p></p><p>(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)</p><p></p><p>Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)</p><p>Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)</p><p>Ashampoo Burning Studio 14 v.14.0.4 (HKLM-x32\...\{91B33C97-7BCF-CDFE-4321-58EBF3E8641C}_is1) (Version: 14.0.4 - Ashampoo GmbH & Co. KG)</p><p>CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)</p><p>Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)</p><p>FrostWire 5.7.6 (HKLM-x32\...\FrostWire 5) (Version: 5.7.6.1 - FrostWire LLC)</p><p>Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)</p><p>Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) 
Hidden</p><p>Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)</p><p>Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)</p><p>Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)</p><p>Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)</p><p>Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)</p><p>Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)</p><p>Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab)</p><p>Kaspersky Internet Security (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden</p><p>Microsoft .NET Framework 4.5.1 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.50938 - Microsoft Corporation)</p><p>Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)</p><p>Mozilla Firefox 33.0 (x86 es-ES) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 es-ES)) (Version: 33.0 - Mozilla)</p><p>Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla)</p><p>Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.65.1025.2012 - Realtek)</p><p>Realtek High 
Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6602 - Realtek Semiconductor Corp.)</p><p>VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)</p><p>WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)</p><p></p><p>==================== Custom CLSID (selected items): ==========================</p><p></p><p>(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)</p><p></p><p>CustomCLSID: HKU\S-1-5-21-595736791-2885461954-415833261-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)</p><p></p><p>==================== Restore Points =========================</p><p></p><p>11-11-2014 17:16:11 Instalación del paquete de controladores de dispositivo: COMODO Servicio de red</p><p>11-11-2014 18:44:03 Operación de restauración</p><p>11-11-2014 18:50:37 Intel® Driver Update Utility</p><p>11-11-2014 18:55:44 Windows Update</p><p>11-11-2014 19:11:12 Windows Update</p><p>13-11-2014 07:58:58 Removed F-Secure</p><p></p><p>==================== Hosts content: ==========================</p><p></p><p>(If needed Hosts: directive could be included in the fixlist to reset Hosts.)</p><p></p><p>2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts</p><p></p><p>==================== Scheduled Tasks (whitelisted) =============</p><p></p><p>(If an entry is included in the fixlist, it will be removed from registry. 
Any associated file could be listed separately to be moved.)</p><p></p><p>Task: {04EAA662-259A-494D-9855-050106EBC7D1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-19] (Google Inc.)</p><p>Task: {AD10CD37-3975-4F32-9F36-8508562AD260} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-19] (Google Inc.)</p><p>Task: {E15C3448-6A88-4CB3-B7D3-35068BC6F6CC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-13] (Adobe Systems Incorporated)</p><p>Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe</p><p>Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe</p><p>Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe</p><p></p><p>==================== Loaded Modules (whitelisted) =============</p><p></p><p>2014-08-30 17:12 - 2014-08-30 17:12 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\kpcengine.2.3.dll</p><p>2014-11-07 20:45 - 2014-11-07 20:45 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1eeea3ab8d69ec722bdcb28b8eb8dd75\IsdiInterop.ni.dll</p><p>2014-09-18 20:14 - 2012-02-01 16:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll</p><p>2014-09-18 20:11 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll</p><p></p><p>==================== Alternate Data Streams (whitelisted) =========</p><p></p><p>(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)</p><p></p><p></p><p>==================== Safe Mode (whitelisted) ===================</p><p></p><p>(If an item is included in the 
fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)</p><p></p><p></p><p>==================== EXE Association (whitelisted) =============</p><p></p><p>(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)</p><p></p><p></p><p>==================== MSCONFIG/TASK MANAGER disabled items =========</p><p></p><p>(Currently there is no automatic fix for this section.)</p><p></p><p>MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"</p><p></p><p>========================= Accounts: ==========================</p><p></p><p>Administrador (S-1-5-21-595736791-2885461954-415833261-500 - Administrator - Disabled)</p><p>Invitado (S-1-5-21-595736791-2885461954-415833261-501 - Limited - Disabled)</p><p>luis (S-1-5-21-595736791-2885461954-415833261-1000 - Administrator - Enabled) => C:\Users\luis</p><p></p><p>==================== Faulty Device Manager Devices =============</p><p></p><p></p><p>==================== Event log errors: =========================</p><p></p><p>Application errors:</p><p>==================</p><p>Error: (11/11/2014 08:36:11 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Nombre de la aplicación con errores: igfxTray.exe, versión: 6.15.10.3958, marca de tiempo: 0x54256ce7</p><p>Nombre del módulo con errores: ole32.dll, versión: 6.1.7601.17514, marca de tiempo: 0x4ce7c92c</p><p>Código de excepción: 0xc0000005</p><p>Desplazamiento de errores: 0x0000000000171a03</p><p>Id. del proceso con errores: 0xdd0</p><p>Hora de inicio de la aplicación con errores: 0xigfxTray.exe0</p><p>Ruta de acceso de la aplicación con errores: igfxTray.exe1</p><p>Ruta de acceso del módulo con errores: igfxTray.exe2</p><p>Id. 
del informe: igfxTray.exe3</p><p></p><p>Error: (11/11/2014 10:37:02 AM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: )</p><p>Description: 1 2014-11-11 10:37:02+02:00 LUIS-PC luis-PC\luis F-Secure Anti-Virus</p><p> Malicious code found in file C:\Users\luis\Desktop\Nuevo documento de texto.txt. </p><p> Infection: EICAR_Test_File </p><p> Action: The file was quarantined.</p><p></p><p>Error: (11/10/2014 10:42:20 AM) (Source: SideBySide) (EventID: 33) (User: )</p><p>Description: Error al generar el contexto de activación para "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".</p><p>No se encontró el ensamblado dependiente Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195".</p><p>Use sxstrace.exe para obtener un diagnóstico detallado.</p><p></p><p>Error: (11/08/2014 10:22:31 PM) (Source: SideBySide) (EventID: 33) (User: )</p><p>Description: Error al generar el contexto de activación para "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".</p><p>No se encontró el ensamblado dependiente Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195".</p><p>Use sxstrace.exe para obtener un diagnóstico detallado.</p><p></p><p></p><p>System errors:</p><p>=============</p><p>Error: (11/14/2014 08:29:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )</p><p>Description: El servicio ASUS System Control Service no pudo iniciarse debido al siguiente error: </p><p>%%2</p><p></p><p>Error: (11/14/2014 08:29:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )</p><p>Description: El servicio ASUS HM Com Service no pudo iniciarse debido al siguiente error: </p><p>%%2</p><p></p><p>Error: (11/14/2014 08:29:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: 
)</p><p>Description: El servicio ASUS Com Service no pudo iniciarse debido al siguiente error: </p><p>%%2</p><p></p><p>Error: (11/13/2014 09:11:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )</p><p>Description: El servicio ASUS System Control Service no pudo iniciarse debido al siguiente error: </p><p>%%2</p><p></p><p>Error: (11/13/2014 09:11:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )</p><p>Description: El servicio ASUS HM Com Service no pudo iniciarse debido al siguiente error: </p><p>%%2</p><p></p><p>Error: (11/13/2014 09:11:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )</p><p>Description: El servicio ASUS Com Service no pudo iniciarse debido al siguiente error: </p><p>%%2</p><p></p><p>Error: (11/13/2014 10:33:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )</p><p>Description: El servicio ASUS System Control Service no pudo iniciarse debido al siguiente error: </p><p>%%2</p><p></p><p>Error: (11/13/2014 10:33:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )</p><p>Description: El servicio ASUS HM Com Service no pudo iniciarse debido al siguiente error: </p><p>%%2</p><p></p><p>Error: (11/13/2014 10:33:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )</p><p>Description: El servicio ASUS Com Service no pudo iniciarse debido al siguiente error: </p><p>%%2</p><p></p><p>Error: (11/13/2014 10:21:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )</p><p>Description: El servicio ASUS System Control Service no pudo iniciarse debido al siguiente error: </p><p>%%2</p><p></p><p></p><p>Microsoft Office Sessions:</p><p>=========================</p><p>Error: (11/11/2014 08:36:11 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: 
igfxTray.exe6.15.10.395854256ce7ole32.dll6.1.7601.175144ce7c92cc00000050000000000171a03dd001cffde6b5166598C:\Windows\system32\igfxTray.exeC:\Windows\system32\ole32.dllfd2b4fc9-69d9-11e4-b51a-3085a99e3079</p><p></p><p>Error: (11/11/2014 10:37:02 AM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: )</p><p>Description: 1 2014-11-11 10:37:02+02:00 LUIS-PC luis-PC\luis F-Secure Anti-Virus</p><p> Malicious code found in file C:\Users\luis\Desktop\Nuevo documento de texto.txt. </p><p> Infection: EICAR_Test_File </p><p> Action: The file was quarantined.</p><p></p><p>Error: (11/10/2014 10:42:20 AM) (Source: SideBySide) (EventID: 33) (User: )</p><p>Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"c:\program files (x86)\F-Secure\apps\computersecurity\anti-virus\fscataloginfo.exe</p><p></p><p>Error: (11/08/2014 10:22:31 PM) (Source: SideBySide) (EventID: 33) (User: )</p><p>Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"c:\program files (x86)\F-Secure\apps\computersecurity\anti-virus\fscataloginfo.exe</p><p></p><p></p><p>==================== Memory info =========================== </p><p></p><p>Processor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz</p><p>Percentage of memory in use: 20%</p><p>Total physical RAM: 7877.04 MB</p><p>Available physical RAM: 6294.26 MB</p><p>Total Pagefile: 15752.27 MB</p><p>Available Pagefile: 14000.54 MB</p><p>Total Virtual: 8192 MB</p><p>Available Virtual: 8191.79 MB</p><p></p><p>==================== Drives ================================</p><p></p><p>Drive c: () (Fixed) (Total:931.41 GB) (Free:828.74 GB) NTFS</p><p></p><p>==================== MBR & Partition Table ==================</p><p></p><p>========================================================</p><p>Disk: 0 (Size: 931.5 GB) (Disk ID: BB00F019)</p><p>Partition 1: (Active) - (Size=100 MB) - (Type=07 
NTFS)</p><p>Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)</p><p></p><p>==================== End Of Log ============================</p></blockquote><p></p>