Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

STOP 0x07F or 0x050 When browsing the web [Solved]

0x07F 0x50 win32k.sys

  • This topic is locked This topic is locked

#1
Dr. Schnellinger (Again)

Dr. Schnellinger (Again)

    Member

  • Member
  • PipPip
  • 15 posts

Hello.

 

I'm having frequent BSODs when browsing the internet and only when browsing the internet.

 

At first I thought it was Google Chrome (ver. 48) so I migrated to Opera 36, and still getting stops.

 

It happens when I have 5 or more tabs open, and when it happens, the RAM is not full.

 

Then I thought it could be the GPU (NVIDIA GeForce 6200A-LE 512M), so I uninstalled it and went back to my crappy but error-proof FX5200 128M.

 

I tried swapping RAM modules and still getting stops. Right now these are the slots:

 

Slot 2: 2017-01-26 14_11_43-CPU-Z.png

 

Slot 1: 2017-01-26 14_11_20-CPU-Z.png

I've set the frequency to 166 on the BIOS.

 

I tried enabling/disabling memory tolerance feature on the BIOS and still getting stops.

 

I tested both modules (Together and separate) with MemTest86+ and no errors were found.

 

This never happened before, I mean, I've had other BSODs on the past but I've discovered the causes but this one... is driving me nuts.

 

My OS is Windows XP Professional 32-bit SP3.

CPU Pentium4 3.00GHz

RAM 2GB DDR

Mainboard ASRock P4VM8

AGP NVIDIA GeForce FX5200 128M

PCI Slot 1 None

PCI Slot 2 Envy24HF sound card

PCI Slot 3 NEC PCI to USB card


Edited by Dr. Schnellinger (Again), 26 January 2017 - 12:22 PM.

  • 0

Advertisements


#2
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 10,961 posts

Glad to have you back. :)

 

Please download MiniToolBox and run it.

Checkmark following boxes:

  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size

Click Go and post the result.

 


  • 0

#3
Dr. Schnellinger (Again)

Dr. Schnellinger (Again)

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

I ran the tool, here's the result:

 

MiniToolBox by Farbar  Version: 17-06-2016
Ran by Dr. Schnellinger (administrator) on 26-01-2017 at 20:16:03
Running from "C:\Documents and Settings\Dr. Schnellinger\Mis documentos\Downloads"
Microsoft Windows XP Professional Service Pack 3 (X86)
Model: P4VM8 Manufacturer: P4VM8
Boot Mode: Normal
***************************************************************************
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
========================= IP Configuration: ================================
 
VIA Rhine II Fast Ethernet Adapter = LAN 47.86 (Media disconnected)
HUAWEI Mobile Connect - 3G Network Card = Conexión de área local 5 (Media disconnected)
 
 
# --------------------------------------------- 
# Configuración de la interfaz IP               
# --------------------------------------------- 
pushd interface ip
 
 
# Configuración de la interfaz IP para "LAN 47.86"
 
set address name="LAN 47.86" source=static addr=192.168.47.86 mask=255.255.255.0
set dns name="LAN 47.86" source=static addr=none register=PRIMARY
set wins name="LAN 47.86" source=static addr=none
 
# Configuración de la interfaz IP para "Conexión de área local 5"
 
set address name="Conexión de área local 5" source=dhcp 
set dns name="Conexión de área local 5" source=dhcp register=PRIMARY
set wins name="Conexión de área local 5" source=dhcp
 
 
popd
# Fin de la configuración de la interfaz IP
 
 
 
 
Configuración IP de Windows
 
 
 
        Nombre del host . . . . . . . . . : p4vm8
 
        Sufijo DNS principal  . . . . . . : 
 
        Tipo de nodo. . . . . . . . . . . : híbrido
 
        Enrutamiento habilitado. . . . . .: No
 
        Proxy WINS habilitado. . . . .    : No
 
 
 
Adaptador Ethernet LAN 47.86          :
 
 
 
        Estado de los medios. . . .: medios desconectados
 
        Descripción. . . . . . . . . . .  : VIA Rhine II Fast Ethernet Adapter
 
        Dirección física. . . . . . . . . : 00-0B-6A-D7-60-F4
 
 
 
Adaptador Ethernet Conexión de área local 5          :
 
 
 
        Estado de los medios. . . .: medios desconectados
 
        Descripción. . . . . . . . . . .  : HUAWEI Mobile Connect - 3G Network Card
 
        Dirección física. . . . . . . . . : 00-1E-10-1F-88-91
 
 
 
Adaptador PPP movistar internet               :
 
 
 
        Sufijo de conexión específica DNS : 
 
        Descripción. . . . . . . . . . .  : WAN (PPP/SLIP) Interface
 
        Dirección física. . . . . . . . . : 00-53-45-00-00-00
 
        DHCP habilitado. . . . . . . . .  : No
 
        Dirección IP. . . . . . . . . . . : 10.115.88.118
 
        Máscara de subred . . . . . . . . : 255.255.255.255
 
        Puerta de enlace predeterminada   : 10.115.88.118
 
        Servidores DNS . . . . . . . . . .: 200.35.65.3
 
                                            200.35.65.4
 
        Servidor WINS principal . . . . . : 10.11.12.13
 
        Servidor WINS secundario . . . .  : 10.11.12.14
 
Servidor:  dns1.telcel.net.ve
Address:  200.35.65.3
 
Nombre:  google.com
Addresses:  74.125.138.100, 74.125.138.138, 74.125.138.101, 74.125.138.102
 74.125.138.139, 74.125.138.113
 
 
 
Haciendo ping a google.com [74.125.138.100] con 32 bytes de datos:
 
 
 
Respuesta desde 74.125.138.100: bytes=32 tiempo=533ms TTL=38
 
Respuesta desde 74.125.138.100: bytes=32 tiempo=732ms TTL=38
 
 
 
Estad¡sticas de ping para 74.125.138.100:
 
    Paquetes: enviados = 2, recibidos = 2, perdidos = 0
 
    (0% perdidos),
 
Tiempos aproximados de ida y vuelta en milisegundos:
 
    M¡nimo = 533ms, M ximo = 732ms, Media = 632ms
 
Servidor:  dns1.telcel.net.ve
Address:  200.35.65.3
 
Nombre:  yahoo.com
Addresses:  98.138.253.109, 206.190.36.45, 98.139.183.24
 
 
 
Haciendo ping a yahoo.com [98.138.253.109] con 32 bytes de datos:
 
 
 
Respuesta desde 98.138.253.109: bytes=32 tiempo=933ms TTL=46
 
Respuesta desde 98.138.253.109: bytes=32 tiempo=462ms TTL=46
 
 
 
Estad¡sticas de ping para 98.138.253.109:
 
    Paquetes: enviados = 2, recibidos = 2, perdidos = 0
 
    (0% perdidos),
 
Tiempos aproximados de ida y vuelta en milisegundos:
 
    M¡nimo = 462ms, M ximo = 933ms, Media = 697ms
 
 
 
Haciendo ping a 127.0.0.1 con 32 bytes de datos:
 
 
 
Respuesta desde 127.0.0.1: bytes=32 tiempo<1m TTL=128
 
Respuesta desde 127.0.0.1: bytes=32 tiempo<1m TTL=128
 
 
 
Estad¡sticas de ping para 127.0.0.1:
 
    Paquetes: enviados = 2, recibidos = 2, perdidos = 0
 
    (0% perdidos),
 
Tiempos aproximados de ida y vuelta en milisegundos:
 
    M¡nimo = 0ms, M ximo = 0ms, Media = 0ms
 
===========================================================================
ILista de interfaces
0x1 ........................... MS TCP Loopback interface
0x2 ...00 0b 6a d7 60 f4 ...... Adaptador Fast Ethernet compatible VIA - Minipuerto del administrador de paquetes
0x10004 ...00 1e 10 1f 88 91 ...... HUAWEI Mobile Connect - 3G Network Card - Minipuerto del administrador de paquetes
0x20005 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
===========================================================================
===========================================================================
Rutas activas:
Destino de red        M scara de red   Puerta de acceso   Interfaz  M‚trica
          0.0.0.0          0.0.0.0    10.115.88.118   10.115.88.118  1
    10.115.88.118  255.255.255.255        127.0.0.1       127.0.0.1  50
   10.255.255.255  255.255.255.255    10.115.88.118   10.115.88.118  50
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1  1
        224.0.0.0        240.0.0.0    10.115.88.118   10.115.88.118  1
  255.255.255.255  255.255.255.255    10.115.88.118               2  1
  255.255.255.255  255.255.255.255    10.115.88.118   10.115.88.118  1
  255.255.255.255  255.255.255.255    10.115.88.118           10004  1
Puerta de enlace predeterminada:     10.115.88.118
===========================================================================
Rutas persistentes:
  ninguno
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\system32\mswsock.dll [248320] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [248320] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [248320] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [248320] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [248320] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [248320] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [248320] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [248320] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [248320] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [248320] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [248320] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [248320] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [248320] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [248320] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [248320] (Microsoft Corporation)
Catalog9 16 C:\WINDOWS\system32\mswsock.dll [248320] (Microsoft Corporation)
Catalog9 17 C:\WINDOWS\system32\mswsock.dll [248320] (Microsoft Corporation)
Catalog9 18 C:\WINDOWS\system32\mswsock.dll [248320] (Microsoft Corporation)
Catalog9 19 C:\WINDOWS\system32\mswsock.dll [248320] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (01/25/2017 04:50:27 AM) (Source: LoadPerf) (User: )
Description: El valor de la cadena de nombre de contador de rendimiento en el registro
tiene un formato incorrecto. La cadena incorrecta es 4354, el valor de
índice incorrecto es el primer valor DWORD en la sección de datos mientras
que los últimos valores de índice correctos son el segundo y tercer valor
DWORD en la sección de datos.
 
Error: (01/25/2017 04:50:24 AM) (Source: LoadPerf) (User: )
Description: Error al descargar las cadenas de los contadores de rendimiento para el servicio WmiApRpl (WmiApRpl). El código de error es la primera sección de Datos en DWORD.
 
Error: (01/25/2017 04:50:24 AM) (Source: LoadPerf) (User: )
Description: El valor de la cadena de nombre de contador de rendimiento en el registro
tiene un formato incorrecto. La cadena incorrecta es 4354, el valor de
índice incorrecto es el primer valor DWORD en la sección de datos mientras
que los últimos valores de índice correctos son el segundo y tercer valor
DWORD en la sección de datos.
 
Error: (01/25/2017 04:50:24 AM) (Source: LoadPerf) (User: )
Description: El valor de la cadena de nombre de contador de rendimiento en el registro
tiene un formato incorrecto. La cadena incorrecta es 4354, el valor de
índice incorrecto es el primer valor DWORD en la sección de datos mientras
que los últimos valores de índice correctos son el segundo y tercer valor
DWORD en la sección de datos.
 
Error: (01/24/2017 02:01:06 PM) (Source: Application Error) (User: )
Description: Aplicación con errores: , versión: 0.0.0.0, módulo con error: unknown, versión 0.0.0.0, dirección de error 0x00000000.
Procesando suceso específico de medio para [!ws!]
 
Error: (01/20/2017 08:07:54 PM) (Source: Application Error) (User: )
Description: Aplicación con errores: explorer.exe, versión: 6.0.2900.5512, módulo con error: unknown, versión 0.0.0.0, dirección de error 0x0fc08500.
Procesando suceso específico de medio para [explorer.exe!ws!]
 
Error: (01/20/2017 07:46:03 AM) (Source: Application Error) (User: )
Description: Aplicación con errores: anim8or.exe, versión: 0.9.5.0, módulo con error: unknown, versión 0.0.0.0, dirección de error 0x665f5345.
Procesando suceso específico de medio para [anim8or.exe!ws!]
 
Error: (01/20/2017 07:12:26 AM) (Source: Application Error) (User: )
Description: Aplicación con errores: fpscreator.exe, versión: 1.0.0.1, módulo con error: fpscreator.exe, versión 1.0.0.1, dirección de error 0x0003c5fb.
Procesando suceso específico de medio para [fpscreator.exe!ws!]
 
Error: (01/18/2017 06:43:24 PM) (Source: Application Error) (User: )
Description: Aplicación con errores: registry repair.exe, versión: 3.3.0.852, módulo con error: kernel32.dll, versión 5.1.2600.5512, dirección de error 0x00012aeb.
Procesando suceso específico de medio para [registry repair.exe!ws!]
 
Error: (01/18/2017 12:11:00 AM) (Source: MsiInstaller) (User: P4VM8)
Description: Product: Platform -- 1: This installation can not be run by directly launching the MSI package; you must run setup.exe.
 
 
System errors:
=============
Error: (01/26/2017 10:29:34 AM) (Source: DCOM) (User: P4VM8)
Description: El servidor {B1A429DB-FB06-4645-B7C0-0CC405EAD3CD} no se registró con DCOM dentro del tiempo de espera requerido.
 
Error: (01/26/2017 09:33:03 AM) (Source: 0) (User: )
Description: \Device\Harddisk2\D
 
Error: (01/24/2017 02:16:22 PM) (Source: 0) (User: )
Description: C:
 
Error: (01/24/2017 02:01:06 PM) (Source: 0) (User: )
Description: \Device\Harddisk1\D
 
Error: (01/24/2017 02:01:06 PM) (Source: 0) (User: )
Description: \Device\Harddisk1\D
 
Error: (01/24/2017 02:01:06 PM) (Source: 0) (User: )
Description: \Device\Harddisk1\D
 
Error: (01/24/2017 02:01:06 PM) (Source: 0) (User: )
Description: \Device\Harddisk1\D
 
Error: (01/24/2017 02:01:06 PM) (Source: 0) (User: )
Description: \Device\Harddisk1\D
 
Error: (01/24/2017 02:01:06 PM) (Source: 0) (User: )
Description: \Device\Harddisk1\D
 
Error: (01/24/2017 02:01:06 PM) (Source: 0) (User: )
Description: \Device\Harddisk1\D
 
 
Microsoft Office Sessions:
=========================
Error: (01/25/2017 04:50:27 AM) (Source: LoadPerf)(User: )
Description: 4354
 
Error: (01/25/2017 04:50:24 AM) (Source: LoadPerf)(User: )
Description: WmiApRplWmiApRpl
 
Error: (01/25/2017 04:50:24 AM) (Source: LoadPerf)(User: )
Description: 4354
 
Error: (01/25/2017 04:50:24 AM) (Source: LoadPerf)(User: )
Description: 4354
 
Error: (01/24/2017 02:01:06 PM) (Source: Application Error)(User: )
Description: 0.0.0.0unknown0.0.0.000000000
 
Error: (01/20/2017 08:07:54 PM) (Source: Application Error)(User: )
Description: explorer.exe6.0.2900.5512unknown0.0.0.00fc08500
 
Error: (01/20/2017 07:46:03 AM) (Source: Application Error)(User: )
Description: anim8or.exe0.9.5.0unknown0.0.0.0665f5345
 
Error: (01/20/2017 07:12:26 AM) (Source: Application Error)(User: )
Description: fpscreator.exe1.0.0.1fpscreator.exe1.0.0.10003c5fb
 
Error: (01/18/2017 06:43:24 PM) (Source: Application Error)(User: )
Description: registry repair.exe3.3.0.852kernel32.dll5.1.2600.551200012aeb
 
Error: (01/18/2017 12:11:00 AM) (Source: MsiInstaller)(User: P4VM8)
Description: Product: Platform -- 1: This installation can not be run by directly launching the MSI package; you must run setup.exe. (NULL)(NULL)(NULL)
 
 
=========================== Installed Programs ============================
 
3D Box Shot Maker - freeware v1.0 (HKLM\...\3D Box Shot Maker - freeware v1.0) (Version: 1.0 - BossEye Inc.)
3DAce 2.72 EN (HKCU\...\3DAce 2.72 EN) (Version:  - )
6.25 (HKLM\...\{79D592A0-B75B-4E02-B5A9-FA40999C5FD2}_is1) (Version: 6.25 - )
7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe Audition 1.5 (HKLM\...\{86EF9FC4-F209-4520-B7E1-C7FF0EEBDFFF}) (Version: 1.5 - Adobe Systems)
Adobe Flash Player 23 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Reader 9.1 - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Advanced Batch Image Converter x86 (HKLM\...\ABIC64) (Version: 1.2.2 - Roman Hiestand)
AIMP2 (HKLM\...\AIMP2) (Version:  - )
AIMP3 (HKLM\...\AIMP3) (Version: v3.60.1470, 16.01.2015 - AIMP DevTeam)
Analizador de MSXML 6.0 (HKLM\...\{624810C7-02AA-4964-8A2F-AA07251259BF}) (Version: 6.00.3883.15 - Microsoft Corporation)
Battlefield 2™ (HKLM\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version:  - )
Calculator Powertoy for Windows XP (HKLM\...\{B37C842A-B624-46B8-A727-654E72F1C91A}) (Version: 1.00.0001 - Microsoft Corporation)
Camtasia Studio 7 (HKLM\...\{49471DB8-7F3C-42DB-89C2-AC50FA0C5290}) (Version: 7.1.0 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
CharacterFX (remove only) (HKLM\...\CharacterFX) (Version:  - )
Cheat Engine 6.5.1 (HKLM\...\Cheat Engine 6.5.1_is1) (Version:  - Cheat Engine)
C-Media 3D Audio (HKLM\...\C-Media Audio) (Version:  - )
CopperCube 5.4 (remove only) (HKLM\...\CopperCube 5.4) (Version:  - Ambiera)
DAEMON Tools Pro (HKLM\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft Ltd)
DeleD 3D Editor 2.45 CE (HKLM\...\DeleD 3D Editor_is1) (Version: 2.45 - Delgine)
Eassos PartitionGuru 4.7.1 (HKLM\...\{FC4FF5F4-2265-4E18-8BBC-12CBA9794388}_is1) (Version:  - Eassos Co., Ltd.)
Escritorio movistar Latam (HKLM\...\movistarLATAM) (Version:  - Escritorio movistar Latam)
FateItemCreator (HKLM\...\ST6UNST #1) (Version:  - )
Fraps (remove only) (HKLM\...\Fraps) (Version:  - )
Free Hide IP (HKLM\...\FreeHideIP) (Version: 4.0.7.2 - )
FSX_Screensaver (HKLM\...\FSX_Screensaver) (Version:  - )
Google Chrome versión 48.0.2564.103 (HKLM\...\{CA40478A-838B-4CF5-8DC1-5E89C491BB42}_is1) (Version: 48.0.2564.103 - Google, Inc.)
Greenshot 1.2.8.12 (HKLM\...\Greenshot_is1) (Version: 1.2.8.12 - Greenshot)
HUAWEI DataCard Driver 4.05.00.00 (HKLM\...\HUAWEI DataCard Driver) (Version: 4.05.00.00 - Huawei technologies Co., Ltd.)
Image Resizer Powertoy for Windows XP (HKLM\...\{1CB92574-96F2-467B-B793-5CEB35C40C29}) (Version: 1.00.0001 - Microsoft Corporation)
Inno Setup versión 5.5.9 (HKLM\...\Inno Setup 5_is1) (Version: 5.5.9 - jrsoftware.org)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
ISO Recorder (HKLM\...\{0F6A7971-0F11-4A79-A0E9-133D0963A570}) (Version: 1.0.0 - Alex Feinman)
Java 7 Update 7 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.70 - Oracle)
Java Auto Updater (HKLM\...\{4A03706F-666A-4037-7777-5F2748764D10}) (Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
K-Lite Mega Codec Pack 12.8.0 (HKLM\...\KLiteCodecPack_is1) (Version: 12.8.0 - KLCP)
L&H TTS3000 Español (HKLM\...\LHTTSSPE) (Version:  - )
Los Sims 2 (HKLM\...\{6E7DD182-9FC6-4651-0095-2E666CC6AF35}) (Version:  - )
Los Sims 2 Universitarios (HKLM\...\{8FD3F4BA-A4A6-4380-00A6-CC6853AB2DC2}) (Version:  - )
Microangelo Toolset 6 (HKLM\...\{71414EC2-0684-4A15-A85A-E0E259D117AF}) (Version: 6.10.8 - Eclipsit)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office FrontPage 2003 (HKLM\...\{90170C0A-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Office Labs Ribbon Hero 2, Clippy's Second Chance (HKLM\...\{EB933DE5-A25D-48F5-8CB2-A43E47CF761E}) (Version: 2.1.615.0 - Microsoft Office Labs)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft RAW Image Thumbnailer and Viewer for Windows XP (HKLM\...\{B94AA0EE-8F75-4773-A25C-E986D94134B2}) (Version: 01.00.0309.00 - Microsoft)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60831.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{09C0A8D5-EEC1-369D-8C7A-2E2DD17DCA5E}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{e6edaf4d-f9a1-4023-be00-d6189343feb9}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{246dcb72-b18c-4ab9-9de9-8a996296b01d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
MiniTool Partition Wizard Home Edition 5.2 (HKLM\...\{12FEC00C-027C-4A34-9AAB-562EDA43DC18}_is1) (Version:  - MiniTool Solution Ltd.)
mIRC (HKLM\...\mIRC) (Version: 6.2 - mIRC Co. Ltd.)
Moorhuhn Kart 2 (HKLM\...\{80C999A1-A94C-44AA-AF44-C85026F690B1}) (Version: 1.00.0000 - )
MSXML4 Parser (HKLM\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Notepad++ (HKLM\...\Notepad++) (Version: 6.9.1 - Notepad++ Team)
NSO Deadline Mod (HKCU\...\NSO Deadline Mod) (Version:  - )
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
NVIDIA PhysX v8.10.29 (HKLM\...\{D56B0E27-4A3E-46C9-B5C1-D93D580C099C}) (Version: 8.10.29 - NVIDIA Corporation)
Opera Stable 36.0.2130.80 (HKLM\...\Opera 36.0.2130.80) (Version: 36.0.2130.80 - Opera Software)
Panda Devices Agent (HKLM\...\{3F9548B2-0B34-4453-A92E-35056B053F19}) (Version: 1.08.00 - Panda Security) Hidden
Panda Devices Agent (HKLM\...\Panda Devices Agent) (Version: 1.03.08 - Panda Security) Hidden
Panda Free Antivirus (HKLM\...\{62692A64-8661-4040-AC6C-F24E48393E20}) (Version: 8.31.00 - Panda Security) Hidden
Panda Free Antivirus (HKLM\...\Panda Universal Agent Endpoint) (Version: 17.00.01.0000 - Panda Security)
Platform (HKLM\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.1 - VIA Technologies, Inc.) Hidden
Process Explorer XP versión 16.05 (HKLM\...\{F1C768B9-5F6D-428C-856F-DC7B3AF085F2}_is1) (Version: 16.05 - Dr. Schnellinger)
Real Horror Stories (HKLM\...\Real Horror Stories_is1) (Version:  - BlizzBoyGames - http://www.blizzboygames.net)
RealityFactory (HKLM\...\RealityFactory) (Version:  - )
RealWorld Icon Editor (HKLM\...\{3143DA02-D491-4C34-B7D2-0F9EA76486CB}) (Version: 8.1.0 - RealWorld Graphics)
Reproductor de Windows Media 11 (HKLM\...\Windows Media Player) (Version:  - )
resident evil 4 (HKLM\...\{DFFCDB41-C2DA-47D6-96FF-03C05C0BEA22}) (Version: 1.00.0000 - CAPCOM)
Resource Hacker Version 3.6.0 (HKLM\...\ResourceHacker_is1) (Version:  - )
Revo Uninstaller Pro 2.2.3 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 2.2.3 - VS Revo Group, Ltd.)
S3GSetup (HKLM\...\{2B43252C-A1E3-4C47-927C-9F2C276D3515}) (Version: 2.00.07.0709 - S3 Graphics) Hidden
Sanny Builder 3.2.2 (HKLM\...\Sanny Builder 3_is1) (Version:  - )
Send To Toys v2.71 (HKLM\...\Send To Toys_is1) (Version:  - Gabriele Ponti)
SharpKeys (HKLM\...\{636E94DA-99C0-448F-A931-3DAD83B4975F}) (Version: 3.5.0000 - RandyRants.com)
Simple Sticky Notes 3.4 (HKLM\...\Simple Sticky Notes_is1) (Version:  - Simnet Ltd.)
Slideshow Generator Powertoy for Windows XP (HKLM\...\{C39DE425-6CCF-4B12-A101-3CB5CF3AF3AD}) (Version: 1.00.0001 - Microsoft Corporation)
TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector)
Theme Park World Fix (HKLM\...\{42082D6A-7C60-4CD9-B6FC-81E6F1FA96EF}) (Version: 1.0.0 - Adam Hearn)
TorchED (HKLM\...\Runic Games TorchED) (Version: 1.0.68.226 - )
Tweak UI (HKLM\...\Tweak UI 2.10) (Version:  - )
UltraISO Premium V9.33 (HKLM\...\UltraISO_is1) (Version:  - )
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
USB PnP Sound Device (HKLM\...\Generic USB 108 Sound) (Version:  - )
VIA Administrador de dispositivos de plataforma (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.1 - VIA Technologies, Inc.)
VIA/S3G Display Driver (HKLM\...\VIA/S3G UniChrome Family Win2K/XP Display) (Version:  - )
VibrateGameDeviceDriver (HKLM\...\{DBB7F606-0C13-4182-AD7F-427A4773580E}) (Version: 4.0.09.1130 - Nombre de su organizacion)
WebFldrs XP (HKLM\...\{350C9C0A-3D7C-4EE8-BAA9-00BCB3D54227}) (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
WinRAR versión 3.93 (HKLM\...\{BFE3098C-00B0-4657-8576-901914123AED}_is1) (Version: 3.93 - Dr. Schnellinger)
WinUHA 2.0 RC1 (2005.02.27) (HKLM\...\WinUHA_is1) (Version:  - Klaimsoft)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 39%
Total physical RAM: 2047.23 MB
Available physical RAM: 1231.13 MB
Total Virtual: 1897.61 MB
Available Virtual: 1149.27 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Saschendorf) (Fixed) (Total:149.03 GB) (Free:70.3 GB) NTFS
2 Drive d: (HBCD 15.2) (CDROM) (Total:4.32 GB) (Free:0 GB) CDFS
3 Drive e: (ClusterX) (Fixed) (Total:74.53 GB) (Free:6.83 GB) NTFS
4 Drive f: (Lorelai 512B) (Fixed) (Total:19.14 GB) (Free:0.19 GB) NTFS
5 Drive g: (Dodge Ram) (Removable) (Total:3.77 GB) (Free:1.61 GB) NTFS
6 Drive h: (Sims2EP1_1) (CDROM) (Total:0.58 GB) (Free:0 GB) CDFS
8 Drive n: (HBCD 15.2) (CDROM) (Total:0.58 GB) (Free:0 GB) CDFS
 
========================= Users: ========================================
 
Cuentas de usuario de \\P4VM8
 
Administrador            Asistente de ayuda       ASPNET                   
Dr. Schnellinger         Invitado                 SUPPORT_388945a0         
Se ha completado el comando correctamente.
 
 
**** End of log ****
 

  • 0

#4
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 10,961 posts

Does that computer has the Recovery Console installed? There seems to be some hardware issues on the disk. If it does, bring the computer to the Recovery Console's Command prompt. At the prompt type the following and press Enter:

 

CHKDSK /R

 

It may take some time to complete. Let me know the outcome.

 

I am moving this topic to the malware forum to be able to run other tools.

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Make sure that under Optional Scans, there is a checkmark on Addition.txt.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also produce another log (Addition.txt ). Please attach this to your reply.

 

 


  • 0

#5
Dr. Schnellinger (Again)

Dr. Schnellinger (Again)

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

I haven't done the CHKDSK /R thing yet, it requires reboot and pressing R while booting, right?

 

Here's the FRST.txt file content:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-01-2017
Ran by Dr. Schnellinger (administrator) on P4VM8 (27-01-2017 00:50:59)
Running from C:\Documents and Settings\Dr. Schnellinger\Configuración local\Temp\scoped_dir3196_7368
Loaded Profiles: Dr. Schnellinger (Available Profiles: Dr. Schnellinger)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: Español (alfabetización internacional)
Internet Explorer Version 6 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() C:\WINDOWS\system32\srvany.exe
() C:\WINDOWS\KMService.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Microsoft Corporation) C:\Archivos de programa\Archivos comunes\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Panda Security, S.L.) C:\Archivos de programa\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) C:\Archivos de programa\Panda Security\Panda Security Protection\PSUAService.exe
(Telefónica I+D) C:\Archivos de programa\movistar\Escritorio movistar Latam\ImpWiFiSvc.exe
(Panda Security, S.L.) C:\Archivos de programa\Panda Security\Panda Security Protection\PSANHost.exe
() C:\Archivos de programa\D3DOverrider\D3DOverrider.exe
() C:\Archivos de programa\Unlocker\UnlockerAssistant.exe
(Piriform Ltd) C:\Archivos de programa\CCleaner\CCleaner.exe
(Sysinternals - www.sysinternals.com) C:\Archivos de programa\Process Explorer XP\procexp.exe
(Simnet Ltd.                                                 ) C:\Archivos de programa\Simnet\Simple Sticky Notes\ssn.exe
((Nenad Hrg) SoftwareOK) C:\Unload\ProcessKO.exe
(Greenshot) C:\Archivos de programa\Greenshot\Greenshot.exe
(TeamNoc32) C:\Archivos de programa\Internet Download Manager\IDMan.exe
(Beepa P/L) C:\Unload\Fraps 3.5.9\fraps.exe
(Tonec Inc.) C:\Archivos de programa\Internet Download Manager\IEMonitor.exe
(Microsoft Corporation) C:\WINDOWS\system32\scardsvr.exe
(Opera Software) C:\Archivos de programa\Opera\36.0.2130.80\opera.exe
(Opera Software) C:\Archivos de programa\Opera\36.0.2130.80\opera_crashreporter.exe
(Opera Software) C:\Archivos de programa\Opera\36.0.2130.80\opera.exe
(Opera Software) C:\Archivos de programa\Opera\36.0.2130.80\opera.exe
(FreeHideIP.Com) C:\Archivos de programa\FreeHideIP\FreeHideIP.exe
(Mozilla Corporation) F:\Tor Browser\Browser\firefox.exe
() F:\Tor Browser\Browser\TorBrowser\Tor\tor.exe
(Telefónica I+D) C:\Archivos de programa\movistar\Escritorio movistar Latam\EMMSN.exe
(Telefónica I+D) C:\Archivos de programa\movistar\Nori\Nori.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Opera Software) C:\Archivos de programa\Opera\36.0.2130.80\opera.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [D3DOverrider] => C:\Archivos de programa\D3DOverrider\D3DOverrider.exe [102400 2009-08-22] ()
HKLM\...\Run: [UnlockerAssistant] => C:\Archivos de programa\Unlocker\UnlockerAssistant.exe [17408 2010-07-04] ()
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKU\S-1-5-19\...\Policies\Explorer: [NoRecentDocsMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-19\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-19\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-20\...\Policies\Explorer: [NoRecentDocsMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-20\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-20\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-1409082233-308236825-1606980848-1003\...\Run: [CCleaner Monitoring] => C:\Archivos de programa\CCleaner\CCleaner.exe [6602152 2015-12-08] (Piriform Ltd)
HKU\S-1-5-21-1409082233-308236825-1606980848-1003\...\Run: [DAEMON Tools Pro Agent] => C:\Archivos de programa\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd)
HKU\S-1-5-21-1409082233-308236825-1606980848-1003\...\Run: [Process Explorer] => "C:\ARCHIVOS DE PROGRAMA\PROCESS EXPLORER XP\PROCEXP.EXE" /t
HKU\S-1-5-21-1409082233-308236825-1606980848-1003\...\Run: [Simple Sticky Notes] => C:\Archivos de programa\Simnet\Simple Sticky Notes\ssn.exe [685064 2016-04-30] (Simnet Ltd.                                                 )
HKU\S-1-5-21-1409082233-308236825-1606980848-1003\...\Run: [ProcessKO] => C:\Unload\ProcessKO.exe [159744 2016-11-14] ((Nenad Hrg) SoftwareOK)
HKU\S-1-5-21-1409082233-308236825-1606980848-1003\...\Run: [Greenshot] => C:\Archivos de programa\Greenshot\Greenshot.exe [528384 2015-11-10] (Greenshot)
HKU\S-1-5-21-1409082233-308236825-1606980848-1003\...\Run: [IDMan] => C:\Archivos de programa\Internet Download Manager\IDMan.exe [3903056 2015-10-16] (TeamNoc32)
HKU\S-1-5-21-1409082233-308236825-1606980848-1003\...\Run: [Fraps] => C:\UNLOAD\FRAPS 3.5.9\FRAPS.EXE [2550968 2012-08-30] (Beepa P/L)
HKU\S-1-5-21-1409082233-308236825-1606980848-1003\...\Policies\Explorer: [NoRecentDocsMenu] 0
HKU\S-1-5-21-1409082233-308236825-1606980848-1003\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-21-1409082233-308236825-1606980848-1003\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1409082233-308236825-1606980848-1003\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-1409082233-308236825-1606980848-1003\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-18\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-18\...\Policies\Explorer: [NoRecentDocsMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 1
IFEO\taskmgr.exe: [Debugger] "C:\ARCHIVOS DE PROGRAMA\PROCESS EXPLORER XP\PROCEXP.EXE"
ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Archivos de programa\Internet Download Manager\IDMShellExt.dll [2015-08-14] (Tonec Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\..\Interfaces\{1BA85122-279D-4966-BEDA-4D2780A0E5F4}: [NameServer] 200.35.65.3 200.35.65.4
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-1409082233-308236825-1606980848-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-1409082233-308236825-1606980848-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKU\S-1-5-21-1409082233-308236825-1606980848-1003 - Hook de búsqueda de direcciones URL de Microsoft - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Archivos de programa\Internet Download Manager\IDMIECC.dll [2015-09-28] (Internet Download Manager, Tonec Inc.)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Archivos de programa\Java\jre7\bin\ssv.dll [2016-12-24] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Archivos de programa\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Archivos de programa\Java\jre7\bin\jp2ssv.dll [2016-12-24] (Oracle Corporation)
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-28] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-28] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-28] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-28] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-28] (Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Help\hxds.dll [2009-05-23] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-28] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-28] (Microsoft Corporation)
 
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2016-12-24] [not signed]
FF HKU\S-1-5-21-1409082233-308236825-1606980848-1003\...\SeaMonkey\Extensions: [[email protected]] - C:\Documents and Settings\Dr. Schnellinger\Datos de programa\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Documents and Settings\Dr. Schnellinger\Datos de programa\IDM\idmmzcc5 [2017-01-26] [not signed]
FF HKU\S-1-5-21-1409082233-308236825-1606980848-1003\...\SeaMonkey\Extensions: [[email protected]] - C:\Archivos de programa\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Archivos de programa\Internet Download Manager\idmmzcc2.xpi [2015-10-02]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-12-25] ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2016-12-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 -> C:\Archivos de programa\Java\jre7\bin\plugin2\npjp2.dll [2016-12-24] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Archivos de programa\Microsoft Silverlight\4.0.60831.0\npctrl.dll [2011-08-30] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\ARCHIV~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\ARCHIV~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
 
Chrome: 
=======
CHR Profile: C:\Documents and Settings\Dr. Schnellinger\Configuración local\Datos de programa\Google\Chrome\User Data\Default [2017-01-26]
CHR Extension: (Google Docs) - C:\Documents and Settings\Dr. Schnellinger\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-24]
CHR Extension: (Google Drive) - C:\Documents and Settings\Dr. Schnellinger\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-24]
CHR Extension: (YouTube) - C:\Documents and Settings\Dr. Schnellinger\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-24]
CHR Extension: (Búsqueda de Google) - C:\Documents and Settings\Dr. Schnellinger\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-12-24]
CHR Extension: (Documentos de Google sin conexión) - C:\Documents and Settings\Dr. Schnellinger\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-24]
CHR Extension: (IDM Integration Module) - C:\Documents and Settings\Dr. Schnellinger\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2017-01-24]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Documents and Settings\Dr. Schnellinger\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-24]
CHR Extension: (Gmail) - C:\Documents and Settings\Dr. Schnellinger\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-24]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Archivos de programa\Internet Download Manager\IDMGCExt.crx [2017-01-24]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 JavaQuickStarterService; C:\Archivos de programa\Java\jre7\bin\jqs.exe [161768 2016-12-24] (Oracle Corporation)
R2 KMService; C:\WINDOWS\system32\srvany.exe [8192 2016-12-25] () [File not signed]
S3 Macromedia Licensing Service; C:\Archivos de programa\Archivos comunes\Macromedia Shared\Service\Macromedia Licensing.exe [68096 2017-01-07] () [File not signed]
R2 NanoServiceMain; C:\Archivos de programa\Panda Security\Panda Security Protection\PSANHost.exe [153096 2016-08-04] (Panda Security, S.L.)
R2 NVSvc; C:\WINDOWS\system32\nvsvc32.exe [143436 2006-03-09] (NVIDIA Corporation) [File not signed]
S3 ose; C:\Archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE [149352 2010-01-09] (Microsoft Corporation)
R2 osppsvc; C:\Archivos de programa\Archivos comunes\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [4640000 2010-01-09] (Microsoft Corporation)
R2 PandaAgent; C:\Archivos de programa\Panda Security\Panda Devices Agent\AgentSvc.exe [86104 2016-07-19] (Panda Security, S.L.)
R2 PSUAService; C:\Archivos de programa\Panda Security\Panda Security Protection\PSUAService.exe [48584 2016-08-04] (Panda Security, S.L.)
R2 TGCM_ImportWiFiSvc; C:\Archivos de programa\movistar\Escritorio movistar Latam\ImpWiFiSvc.exe [194048 2010-03-08] (Telefónica I+D) [File not signed]
S3 WMPNetworkSvc; C:\Archivos de programa\Windows Media Player\WMPNetwk.exe [916480 2006-11-03] (Microsoft Corporation)
S4 wuauserv; %systemroot%\system32\wuauserv.dll [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 cmuda; C:\WINDOWS\System32\drivers\cmuda.sys [821760 2004-08-23] (C-Media Inc)
R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [242240 2016-12-24] (DT Soft Ltd)
R3 DynCal; C:\WINDOWS\System32\drivers\Dyncal.sys [12928 2007-11-07] (Padix Co., Ltd) [File not signed]
R3 Envy24HFS; C:\WINDOWS\System32\drivers\Envy24HF.sys [690992 2010-07-05] (VIA - IC Ensemble, Inc.)
S3 FETNDIS; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [27165 2001-08-17] (VIA Technologies, Inc.              )
R3 FETNDISB; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [41984 2003-11-11] (VIA Technologies, Inc.              )
R3 Huawei; C:\WINDOWS\System32\DRIVERS\ewdcsc.sys [24448 2007-08-08] (Huawei Tech. Co., Ltd.)
R1 IDMTDI; C:\WINDOWS\System32\DRIVERS\idmtdi.sys [128528 2015-06-11] (Tonec Inc.)
S3 MYFAULT; C:\WINDOWS\system32\drivers\myfault.sys [23712 2017-01-10] (Sysinternals)
R1 NNSALPC; C:\WINDOWS\System32\DRIVERS\NNSAlpc.sys [87032 2015-12-04] (Panda Security, S.L.)
R1 NNSHTTP; C:\WINDOWS\System32\DRIVERS\NNSHttp.sys [202104 2015-12-04] (Panda Security, S.L.)
R1 NNSHTTPS; C:\WINDOWS\System32\DRIVERS\NNSHttps.sys [109688 2015-12-04] (Panda Security, S.L.)
R1 NNSIDS; C:\WINDOWS\System32\DRIVERS\NNSIds.sys [121720 2015-12-04] (Panda Security, S.L.)
R3 NNSNAHS; C:\WINDOWS\System32\DRIVERS\NNSNAHS.sys [46480 2015-04-27] (Panda Security, S.L.)
R1 NNSPICC; C:\WINDOWS\System32\DRIVERS\NNSPicc.sys [102392 2015-12-04] (Panda Security, S.L.)
R1 NNSPIHS; C:\WINDOWS\System32\DRIVERS\NNSPihs.sys [52088 2015-12-04] (Panda Security, S.L.)
R1 NNSPOP3; C:\WINDOWS\System32\DRIVERS\NNSPop3.sys [120568 2015-12-04] (Panda Security, S.L.)
R1 NNSPROT; C:\WINDOWS\System32\DRIVERS\NNSProt.sys [281720 2015-12-04] (Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\System32\DRIVERS\NNSPrv.sys [216208 2016-02-17] (Panda Security, S.L.)
R1 NNSSMTP; C:\WINDOWS\System32\DRIVERS\NNSSmtp.sys [108408 2015-12-04] (Panda Security, S.L.)
R1 NNSSTRM; C:\WINDOWS\System32\DRIVERS\NNSStrm.sys [247568 2016-02-17] (Panda Security, S.L.)
R1 NNSTLSC; C:\WINDOWS\System32\DRIVERS\NNSTlsc.sys [94968 2015-12-04] (Panda Security, S.L.)
S3 NTSIM; C:\WINDOWS\system32\ntsim.sys [7040 2003-07-17] (VIA Networking Technologies, Inc.       ) [File not signed]
R3 nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [3650368 2006-03-09] (NVIDIA Corporation) [File not signed]
R3 ousb2hub; C:\WINDOWS\System32\DRIVERS\ousb2hub.sys [55936 2004-08-01] (OrangeWare Corporation) [File not signed]
R2 ousbehci; C:\WINDOWS\System32\Drivers\ousbehci.sys [44928 2004-08-01] (OrangeWare Corporation) [File not signed]
R3 pfc; C:\WINDOWS\System32\drivers\pfc.sys [10368 2004-04-01] (Padus, Inc.) [File not signed]
R2 PSINAflt; C:\WINDOWS\System32\DRIVERS\PSINAflt.sys [148496 2016-08-04] (Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [109456 2016-08-04] (Panda Security, S.L.)
R1 PSINKNC; C:\WINDOWS\System32\DRIVERS\psinknc.sys [180112 2016-08-04] (Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [121872 2016-08-04] (Panda Security, S.L.)
R2 PSINProt; C:\WINDOWS\System32\DRIVERS\PSINProt.sys [133520 2016-08-04] (Panda Security, S.L.)
R2 PSINReg; C:\WINDOWS\System32\DRIVERS\PSINReg.sys [107920 2016-08-04] (Panda Security, S.L.)
R3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [58288 2016-08-08] (Panda Security, S.L.)
S3 pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [16472 2010-08-16] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [11104 2010-08-16] ()
R1 tidnet; C:\WINDOWS\System32\DRIVERS\tidnet.sys [19200 2010-03-03] (Telefónica I+D) [File not signed]
R3 USBPNPA; C:\WINDOWS\System32\drivers\CM108.sys [1511936 2011-04-29] (C-Media Electronics Inc)
R0 viaagp1; C:\WINDOWS\System32\DRIVERS\viaagp1.sys [27904 2003-07-02] (VIA Technologies, Inc.)
S3 viagfx; C:\WINDOWS\System32\DRIVERS\vtmini.sys [172416 2005-02-16] (Copyright © VIA/S3 Graphics Co, Ltd.)
R0 viamraid; C:\WINDOWS\System32\DRIVERS\viamraid.sys [73600 2004-03-29] (VIA Technologies inc,.ltd) [File not signed]
S4 IntelIde; no ImagePath
U5 Tcpip6; C:\Windows\System32\Drivers\Tcpip6.sys [225664 2008-04-14] (Microsoft Corporation)
U5 UnlockerDriver5; C:\Archivos de programa\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-01-27 00:50 - 2017-01-27 00:50 - 00000000 ____D C:\FRST
2017-01-26 22:06 - 2017-01-26 22:07 - 00000038 _____ C:\Documents and Settings\Dr. Schnellinger\Escritorio\Google sin auto completar.txt
2017-01-26 20:03 - 2016-08-08 05:00 - 00058288 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2017-01-26 11:32 - 2017-01-26 11:32 - 00000766 _____ C:\Documents and Settings\All Users\Escritorio\Free Hide IP.lnk
2017-01-26 11:32 - 2017-01-26 11:32 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Datos de programa\FreeHideIP
2017-01-26 11:32 - 2017-01-26 11:32 - 00000000 ____D C:\Documents and Settings\All Users\Menú Inicio\Programas\Free Hide IP
2017-01-26 11:32 - 2017-01-26 11:32 - 00000000 ____D C:\Documents and Settings\All Users\Datos de programa\FreeHideIP
2017-01-26 11:32 - 2017-01-26 11:32 - 00000000 ____D C:\Archivos de programa\FreeHideIP
2017-01-25 10:49 - 2010-07-05 18:21 - 00260768 ____R ( ) C:\WINDOWS\system32\A3D.dll
2017-01-25 10:34 - 2017-01-26 21:38 - 00050257 _____ C:\WINDOWS\system32\nvapps.xml
2017-01-25 10:34 - 2017-01-25 10:37 - 00000000 ____D C:\WINDOWS\nview
2017-01-25 10:34 - 2006-03-09 15:29 - 00180224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvudisp.exe
2017-01-25 10:34 - 2006-03-09 15:29 - 00016960 _____ C:\WINDOWS\system32\nvdisp.nvu
2017-01-25 10:33 - 2017-01-25 10:33 - 00000000 ____D C:\NVIDIA
2017-01-25 10:33 - 2006-03-09 17:59 - 00180224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NVUNINST.EXE
2017-01-25 10:31 - 2006-03-09 15:29 - 03968512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv4_disp.dll
2017-01-25 10:31 - 2006-03-09 15:29 - 03650368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nv4_mini.sys
2017-01-25 10:30 - 2017-01-25 10:30 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat
2017-01-25 10:30 - 2017-01-25 10:30 - 00000552 _____ C:\WINDOWS\system32\d3d8caps.dat
2017-01-25 05:00 - 2017-01-27 00:08 - 00008942 _____ C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
2017-01-25 04:59 - 2010-04-09 03:24 - 00069504 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jucdcacm.sys
2017-01-25 04:59 - 2010-04-09 03:24 - 00063616 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jubusenum.sys
2017-01-25 04:59 - 2010-04-09 03:24 - 00046336 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jucdcecm.sys
2017-01-25 04:59 - 2010-04-09 03:24 - 00025088 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_juextctrl.sys
2017-01-25 04:59 - 2010-03-24 22:08 - 00105728 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ewusbmdm.sys
2017-01-25 04:59 - 2010-03-20 00:06 - 00011136 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_usbenumfilter.sys
2017-01-25 04:59 - 2010-03-19 23:56 - 00101504 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_hwusbdev.sys
2017-01-25 04:59 - 2010-03-19 22:28 - 00117504 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ewusbnet.sys
2017-01-25 04:59 - 2010-03-17 02:33 - 00861696 _____ (DiBcom SA) C:\WINDOWS\system32\Drivers\mod7700.sys
2017-01-25 04:59 - 2007-08-08 16:13 - 00024448 _____ (Huawei Tech. Co., Ltd.) C:\WINDOWS\system32\Drivers\ewdcsc.sys
2017-01-25 04:57 - 2017-01-25 04:59 - 00000000 ____D C:\Archivos de programa\HUAWEI Modem Driver
2017-01-25 04:57 - 2017-01-25 04:57 - 00001887 _____ C:\Documents and Settings\All Users\Escritorio\Escritorio movistar Latam.lnk
2017-01-25 04:57 - 2017-01-25 04:57 - 00000000 __HDC C:\WINDOWS\$NtUninstallWdf01009$
2017-01-25 04:57 - 2017-01-25 04:57 - 00000000 ____H C:\WINDOWS\system32\Drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2017-01-25 04:57 - 2017-01-25 04:57 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ew_jubusenum_01009.Wdf
2017-01-25 04:57 - 2017-01-25 04:57 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Datos de programa\Telefónica
2017-01-25 04:57 - 2009-07-14 00:27 - 01461992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdfcoinstaller01009.dll
2017-01-25 04:57 - 2009-07-14 00:27 - 01461992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfCoInstaller01009.dll
2017-01-25 04:57 - 2008-11-07 18:55 - 00016928 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsgXP_2k3.dll
2017-01-25 04:57 - 2005-05-13 04:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccid.sys
2017-01-25 04:56 - 2017-01-25 04:56 - 00000000 ____D C:\Documents and Settings\All Users\Menú Inicio\Programas\Movistar
2017-01-25 04:56 - 2017-01-25 04:56 - 00000000 ____D C:\Archivos de programa\movistar
2017-01-24 18:52 - 2017-01-24 20:21 - 00000128 _____ C:\Documents and Settings\Dr. Schnellinger\Escritorio\xplay vids for decent internet.txt
2017-01-24 12:20 - 2017-01-26 20:16 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Datos de programa\IDM
2017-01-24 12:20 - 2017-01-24 12:20 - 00000000 ____D C:\Documents and Settings\All Users\Datos de programa\IDM
2017-01-24 12:19 - 2017-01-26 23:21 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Datos de programa\DMCache
2017-01-24 12:19 - 2017-01-25 11:58 - 00000000 ____D C:\Archivos de programa\Internet Download Manager
2017-01-24 12:19 - 2017-01-24 12:19 - 00000842 _____ C:\Documents and Settings\All Users\Escritorio\Internet Download Manager.lnk
2017-01-24 12:19 - 2015-06-11 21:00 - 00128528 _____ (Tonec Inc.) C:\WINDOWS\system32\Drivers\idmtdi.sys
2017-01-24 10:08 - 2017-01-24 09:22 - 00000000 ____D C:\Tor Browser
2017-01-24 09:41 - 2017-01-26 21:38 - 00000424 _____ C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1485265251.job
2017-01-24 09:41 - 2017-01-24 09:41 - 00000735 _____ C:\Documents and Settings\All Users\Menú Inicio\Programas\Opera.lnk
2017-01-24 09:41 - 2017-01-24 09:41 - 00000735 _____ C:\Documents and Settings\All Users\Escritorio\Opera.lnk
2017-01-24 09:41 - 2017-01-24 09:41 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Datos de programa\Opera Software
2017-01-24 09:41 - 2017-01-24 09:41 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Configuración local\Datos de programa\Opera Software
2017-01-24 09:40 - 2017-01-26 21:38 - 00000000 ____D C:\Archivos de programa\Opera
2017-01-23 20:05 - 2017-01-24 07:22 - 00000144 _____ C:\SK6211_information.ini
2017-01-23 20:05 - 2008-11-24 13:31 - 00000005 _____ C:\pc.ini
2017-01-23 19:26 - 2017-01-23 19:26 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Configuración local\Datos de programa\Thinstall
2017-01-23 02:21 - 2017-01-23 02:21 - 05760054 _____ C:\Documents and Settings\Dr. Schnellinger\Mis documentos\diner-dash-5-boom-collectors wallpaper5.bmp
2017-01-22 23:50 - 2017-01-23 02:25 - 00000000 ____D C:\Documents and Settings\All Users\Datos de programa\TEMP
2017-01-22 23:50 - 2017-01-22 23:50 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Datos de programa\PlayFirst
2017-01-22 23:50 - 2017-01-22 23:50 - 00000000 ____D C:\Documents and Settings\All Users\Datos de programa\PlayFirst
2017-01-22 23:24 - 2017-01-22 23:25 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Escritorio\DriverPack (I think I already have it)
2017-01-22 23:18 - 2017-01-24 14:16 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Datos de programa\The Labyrinth Plus! Edition
2017-01-21 14:42 - 2017-01-21 14:42 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Mis documentos\Microsoft Games
2017-01-21 14:42 - 2017-01-21 14:42 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Configuración local\Datos de programa\Microsoft Games
2017-01-20 04:17 - 2017-01-20 04:17 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\.thumbnails
2017-01-20 04:13 - 2017-01-20 04:13 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Datos de programa\RealHorrorStories.GameORE
2017-01-20 04:12 - 2017-01-20 04:12 - 00000556 _____ C:\Documents and Settings\All Users\Escritorio\Real Horror Stories.lnk
2017-01-20 04:08 - 2017-01-20 04:08 - 00000602 _____ C:\Documents and Settings\Dr. Schnellinger\Escritorio\CopperCube 5.4.lnk
2017-01-20 04:08 - 2017-01-20 04:08 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Menú Inicio\Programas\CopperCube 5.4
2017-01-20 04:06 - 2017-01-20 04:06 - 00000000 ____D C:\Documents and Settings\All Users\Menú Inicio\Programas\DeleD CE
2017-01-20 04:05 - 2017-01-20 04:05 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Menú Inicio\Programas\RealityFactory
2017-01-20 04:03 - 2017-01-20 07:43 - 00000009 _____ C:\WINDOWS\MSVCFX.STP
2017-01-20 04:03 - 2017-01-20 04:03 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Menú Inicio\Programas\CharacterFX
2017-01-20 04:00 - 2017-01-20 04:00 - 00000611 _____ C:\Documents and Settings\All Users\Escritorio\3D Box Shot Maker.lnk
2017-01-20 04:00 - 2017-01-20 04:00 - 00000580 _____ C:\Documents and Settings\Dr. Schnellinger\Escritorio\3DAce 2.72 EN.lnk
2017-01-20 04:00 - 2017-01-20 04:00 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Menú Inicio\Programas\3DBoxShotMaker
2017-01-20 04:00 - 2017-01-20 04:00 - 00000000 ____D C:\Documents and Settings\All Users\Menú Inicio\Programas\3DBoxShotMaker
2017-01-20 03:59 - 2017-01-20 04:00 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Menú Inicio\Programas\3DAce 2.72 EN
2017-01-20 03:53 - 2017-01-20 03:53 - 00000455 _____ C:\Documents and Settings\All Users\Escritorio\Play Moorhuhn Kart 2.lnk
2017-01-20 03:43 - 2015-07-05 15:58 - 00751466 _____ C:\Documents and Settings\Dr. Schnellinger\Escritorio\Example of FB mp4 format.mp4
2017-01-20 03:03 - 2017-01-20 03:04 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Configuración local\Datos de programa\Activision
2017-01-20 02:39 - 2017-01-20 02:39 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Menú Inicio\Programas\ISO Recorder
2017-01-20 02:39 - 2017-01-20 02:39 - 00000000 ____D C:\Documents and Settings\All Users\Menú Inicio\Programas\ISO Recorder
2017-01-20 02:39 - 2017-01-20 02:39 - 00000000 ____D C:\Archivos de programa\ISO Recorder
2017-01-20 02:32 - 2016-03-24 15:35 - 01138246 _____ C:\Documents and Settings\Dr. Schnellinger\Escritorio\Call of Duty 5.5 Multiplayer PEZBOTs.zip
2017-01-18 23:58 - 2017-01-18 23:53 - 00000529 _____ C:\Documents and Settings\All Users\Escritorio\resident evil 4.lnk
2017-01-18 23:53 - 2017-01-18 23:53 - 00000000 ____D C:\Documents and Settings\All Users\Menú Inicio\Programas\CAPCOM
2017-01-18 22:56 - 2017-01-18 22:56 - 00000595 _____ C:\Documents and Settings\Dr. Schnellinger\Escritorio\NSO MOD 2.lnk
2017-01-18 22:56 - 2017-01-18 22:56 - 00000595 _____ C:\Documents and Settings\Dr. Schnellinger\Escritorio\NSO MED.lnk
2017-01-18 22:55 - 2017-01-18 22:55 - 00000608 _____ C:\Documents and Settings\Dr. Schnellinger\Escritorio\NSO Deadline MED Unlocked.lnk
2017-01-18 22:55 - 2017-01-18 22:55 - 00000592 _____ C:\Documents and Settings\Dr. Schnellinger\Escritorio\NSO Deadline Mod 1.lnk
2017-01-18 22:55 - 2017-01-18 22:55 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Menú Inicio\Programas\NovaLogic
2017-01-18 18:58 - 2017-01-18 18:58 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Datos de programa\MPC-HC
2017-01-18 18:55 - 2017-01-18 18:55 - 00000000 ____D C:\Documents and Settings\All Users\Menú Inicio\Programas\K-Lite Codec Pack
2017-01-18 18:54 - 2017-01-18 18:55 - 00000000 ____D C:\Archivos de programa\K-Lite Codec Pack
2017-01-18 17:59 - 2017-01-18 18:03 - 00206310 _____ C:\WINDOWS\ntbtlog.txt
2017-01-18 17:49 - 2017-01-13 22:16 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Escritorio\Envy24HF 5.40
2017-01-18 16:14 - 2017-01-18 16:14 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Datos de programa\GlarySoft
2017-01-17 20:17 - 2010-09-09 15:06 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Escritorio\Envy24_Family_DriverV560C
2017-01-16 23:51 - 2017-01-16 23:51 - 00000610 _____ C:\Documents and Settings\Dr. Schnellinger\Escritorio\Xpadder.lnk
2017-01-16 23:04 - 2017-01-23 02:30 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Escritorio\UNES
2017-01-15 01:55 - 2017-01-15 01:57 - 00000000 ___RD C:\Archivos de programa\EnvyADeck
2017-01-14 23:50 - 2010-07-05 18:21 - 00690992 ____R (VIA - IC Ensemble, Inc.) C:\WINDOWS\system32\Drivers\Envy24HF.sys
2017-01-14 23:32 - 2017-01-14 16:58 - 00006627 _____ C:\Documents and Settings\Dr. Schnellinger\Mis documentos\Account Status.CSV
2017-01-13 22:15 - 2010-09-09 14:16 - 00331376 ____N (Microsoft Corporation) C:\WINDOWS\system32\difxapi.dll
2017-01-13 02:49 - 2017-01-13 02:49 - 00000001 _____ C:\Documents and Settings\Dr. Schnellinger\Configuración local\Datos de programa\llftool.4.30.agreement
2017-01-12 22:57 - 2017-01-12 23:00 - 00000000 ____D C:\Archivos de programa\PartitionGuru
2017-01-12 22:57 - 2017-01-12 22:57 - 00000000 ____D C:\Documents and Settings\All Users\Menú Inicio\Programas\PartitionGuru471
2017-01-12 22:45 - 2017-01-12 22:45 - 00000000 ____D C:\WINDOWS\Lhsp
2017-01-12 02:26 - 2017-01-12 02:26 - 00000527 _____ C:\Documents and Settings\Dr. Schnellinger\Escritorio\FarCry.lnk
2017-01-11 00:57 - 2017-01-11 00:57 - 00000000 ____D C:\Documents and Settings\All Users\Datos de programa\RELOADED
2017-01-11 00:42 - 2017-01-11 00:42 - 00000325 _____ C:\Documents and Settings\All Users\Menú Inicio\Programas\Torchlight II.lnk
2017-01-11 00:42 - 2017-01-11 00:42 - 00000325 _____ C:\Documents and Settings\All Users\Escritorio\Torchlight II.lnk
2017-01-10 06:07 - 2017-01-10 06:07 - 00000000 ____D C:\WINDOWS\system32\AGEIA
2017-01-10 06:07 - 2017-01-10 06:07 - 00000000 ____D C:\Documents and Settings\All Users\Menú Inicio\Programas\NVIDIA Corporation
2017-01-10 06:07 - 2017-01-10 06:07 - 00000000 ____D C:\Archivos de programa\Microsoft Chart Controls
2017-01-10 06:07 - 2017-01-10 06:07 - 00000000 ____D C:\Archivos de programa\Archivos comunes\Wise Installation Wizard
2017-01-10 06:07 - 2017-01-10 06:07 - 00000000 ____D C:\Archivos de programa\AGEIA Technologies
2017-01-10 05:27 - 2017-01-10 05:27 - 00000778 _____ C:\Documents and Settings\Dr. Schnellinger\Escritorio\JustManager.lnk
2017-01-10 05:23 - 2017-01-10 05:23 - 00000000 ___RD C:\Documents and Settings\Dr. Schnellinger\Menú Inicio\Programas\Herramientas administrativas
2017-01-10 05:23 - 2017-01-10 05:23 - 00000000 ____D C:\WINDOWS\erdnt
2017-01-10 04:12 - 2017-01-10 04:16 - 15093182 _____ C:\WINDOWS\system32\PIQIRNYKYLO
2017-01-10 04:08 - 2017-01-10 04:08 - 00023712 _____ (Sysinternals) C:\WINDOWS\system32\Drivers\myfault.sys
2017-01-09 21:25 - 2017-01-09 21:25 - 00001784 _____ C:\Documents and Settings\All Users\Menú Inicio\Programas\Adobe Audition 1.5.lnk
2017-01-09 21:25 - 2017-01-09 21:25 - 00001778 _____ C:\Documents and Settings\All Users\Escritorio\Adobe Audition 1.5.lnk
2017-01-09 20:34 - 2017-01-09 20:34 - 00000000 ____D C:\Documents and Settings\All Users\Menú Inicio\Programas\VIA
2017-01-09 20:32 - 2005-10-07 14:47 - 00000000 ____D C:\SATA 3.00
2017-01-09 20:32 - 2004-03-29 13:45 - 00073600 _____ (VIA Technologies inc,.ltd) C:\WINDOWS\system32\Drivers\viamraid.sys
2017-01-09 19:46 - 2017-01-09 19:46 - 00000000 ____D C:\Archivos de programa\Pro Imaging Powertoys
2017-01-09 19:46 - 2017-01-09 19:46 - 00000000 ____D C:\Archivos de programa\Archivos comunes\Nikon
2017-01-09 19:40 - 2017-01-10 23:11 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Configuración local\Datos de programa\ApplicationHistory
2017-01-09 19:40 - 2017-01-09 19:40 - 00000145 _____ C:\Documents and Settings\Dr. Schnellinger\Configuración local\Datos de programa\fusioncache.dat
2017-01-09 19:37 - 2017-01-09 19:37 - 00000000 ____D C:\WINDOWS\system32\URTTEMP
2017-01-09 06:34 - 2017-01-09 06:34 - 00000522 _____ C:\Documents and Settings\Dr. Schnellinger\Escritorio\ProcessKO [Ctrl+Alt+F4].lnk
2017-01-08 23:57 - 2017-01-08 23:59 - 00001478 _____ C:\Documents and Settings\Dr. Schnellinger\Escritorio\Administrador de Dispositivos.lnk
2017-01-08 23:56 - 2017-01-08 23:58 - 00001483 _____ C:\Documents and Settings\Dr. Schnellinger\Escritorio\Servicios del sistema.lnk
2017-01-08 01:45 - 2017-01-26 21:38 - 00000104 _____ C:\WINDOWS\ProcessKO.ini
2017-01-07 23:02 - 2017-01-07 23:02 - 00000000 ____D C:\Documents and Settings\All Users\Datos de programa\Macrovision
2017-01-07 23:02 - 2017-01-07 23:02 - 00000000 ____D C:\Archivos de programa\Archivos comunes\Macromedia Shared
2017-01-07 18:20 - 2017-01-07 18:20 - 00000000 ____D C:\Archivos de programa\JustManager
2017-01-07 16:54 - 2017-01-07 16:54 - 00000665 _____ C:\Documents and Settings\Dr. Schnellinger\Escritorio\CPU-Z 1.78.lnk
2017-01-07 04:02 - 2017-01-07 04:02 - 00000000 ____D C:\Documents and Settings\All Users\Menú Inicio\Programas\Darkfirebirds Class And Pet Mod
2017-01-07 02:29 - 2017-01-07 02:29 - 00000785 _____ C:\Documents and Settings\Dr. Schnellinger\Escritorio\runic games.lnk
2017-01-06 09:18 - 2017-01-06 10:37 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Escritorio\TestModTL1 (Replaces pet with Zealot)
2017-01-06 05:32 - 2017-01-06 05:32 - 00000790 _____ C:\Documents and Settings\Dr. Schnellinger\Escritorio\D3DOverrider.lnk
2017-01-06 03:18 - 2017-01-06 03:18 - 00000000 ____D C:\Documents and Settings\All Users\Menú Inicio\Programas\TorchED
2017-01-05 05:18 - 2017-01-27 00:14 - 00010056 _____ C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #3.txt
2017-01-05 05:05 - 2017-01-05 05:08 - 00009420 _____ C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #2.txt
2017-01-04 23:43 - 2017-01-03 22:53 - 00000061 _____ C:\Documents and Settings\Dr. Schnellinger\Mis documentos\torchlight key.txt
2017-01-04 11:41 - 2017-01-09 23:43 - 00000484 _____ C:\Documents and Settings\Dr. Schnellinger\Escritorio\Torchlight.lnk
2017-01-04 00:15 - 2017-01-04 00:15 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Datos de programa\runic games
2017-01-04 00:12 - 2017-01-04 00:12 - 00000000 ____D C:\Documents and Settings\All Users\Menú Inicio\Programas\Torchlight
2017-01-03 23:20 - 2017-01-25 10:03 - 00000000 ____D C:\Archivos de programa\D3DOverrider
2017-01-02 22:36 - 2017-01-02 22:36 - 00919730 _____ C:\Documents and Settings\Dr. Schnellinger\Mis documentos\3.xml
2016-12-30 22:10 - 2016-12-31 01:51 - 00231765 _____ C:\Documents and Settings\Dr. Schnellinger\Escritorio\strings.xml
2016-12-29 23:26 - 2016-12-29 23:26 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Menú Inicio\Programas\Advanced Batch Image Converter
2016-12-29 23:26 - 2016-12-29 23:26 - 00000000 ____D C:\Archivos de programa\ABIC
2016-12-29 23:12 - 2017-01-24 13:48 - 00000000 ____D C:\WINDOWS\pss
2016-12-29 18:52 - 2016-12-29 18:52 - 00012288 ___SH C:\Documents and Settings\Dr. Schnellinger\Mis documentos\Thumbs.db
2016-12-29 18:49 - 2017-01-09 04:48 - 00008704 ___SH C:\Documents and Settings\Dr. Schnellinger\Escritorio\Thumbs.db
2016-12-29 16:57 - 2016-12-29 16:57 - 00000686 _____ C:\Documents and Settings\Dr. Schnellinger\Escritorio\Fate 4 The Cursed King.lnk
2016-12-29 15:11 - 2016-12-29 15:11 - 00000000 ___HD C:\WINDOWS\PIF
2016-12-29 14:38 - 2016-12-29 14:38 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Menú Inicio\Programas\FateItemCreator
2016-12-29 14:37 - 2016-12-29 14:37 - 00249856 ____N (Microsoft Corporation) C:\WINDOWS\Setup1.exe
2016-12-29 14:37 - 2016-12-29 14:37 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\ST6UNST.EXE
2016-12-29 01:05 - 2016-12-29 01:05 - 00000050 _____ C:\WINDOWS\ejaymp3x.inf
2016-12-29 01:05 - 2016-12-29 01:05 - 00000038 _____ C:\WINDOWS\ejaymp3p.inf
2016-12-29 01:05 - 1999-04-13 11:29 - 00558080 _____ (Corporation for National Research Initatives) C:\WINDOWS\system32\python15.dll
2016-12-28 15:58 - 2016-12-28 15:58 - 00000000 __SHD C:\Documents and Settings\All Users\Datos de programa\SecuROM
2016-12-28 15:22 - 2016-12-28 15:22 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Datos de programa\Help
2016-12-28 15:22 - 2016-12-28 15:22 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Configuración local\Datos de programa\Help
2016-12-28 01:14 - 2013-06-23 17:32 - 780355786 _____ C:\Documents and Settings\Dr. Schnellinger\Mis documentos\Silent Hill.avi
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-01-27 00:52 - 2016-12-24 15:11 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Configuración local\Temp
2017-01-27 00:49 - 2016-12-24 15:11 - 00000000 ___RD C:\Documents and Settings\Dr. Schnellinger\Mis documentos
2017-01-27 00:10 - 2016-12-24 22:08 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Mis documentos\Simple Sticky Notes
2017-01-26 22:07 - 2016-12-24 15:11 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Escritorio
2017-01-26 21:37 - 2016-12-24 15:10 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-26 21:36 - 2016-12-24 22:18 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Datos de programa\AIMP3
2017-01-26 20:51 - 2016-12-25 10:25 - 02097152 _____ C:\WINDOWS\system32\config\Nano.evt
2017-01-26 15:11 - 2016-12-24 15:11 - 00000192 ___SH C:\Documents and Settings\Dr. Schnellinger\ntuser.ini
2017-01-26 15:11 - 2016-12-24 15:11 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger
2017-01-26 15:11 - 2016-12-24 15:10 - 00032552 _____ C:\WINDOWS\SchedLgU.Txt
2017-01-26 14:49 - 2016-12-24 09:57 - 01288480 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-26 14:49 - 2001-08-24 08:00 - 00569260 _____ C:\WINDOWS\system32\perfh00A.dat
2017-01-26 14:49 - 2001-08-24 08:00 - 00111362 _____ C:\WINDOWS\system32\perfc00A.dat
2017-01-26 14:02 - 2016-12-23 23:30 - 00000000 ___RD C:\Documents and Settings\Dr. Schnellinger\Escritorio\Last downloads
2017-01-26 11:32 - 2016-12-24 15:11 - 00000000 __RHD C:\Documents and Settings\Dr. Schnellinger\Datos de programa
2017-01-26 11:32 - 2016-12-24 09:57 - 00000000 __RHD C:\Documents and Settings\All Users\Datos de programa
2017-01-26 11:32 - 2016-12-24 09:57 - 00000000 ___RD C:\Archivos de programa
2017-01-26 11:32 - 2016-12-24 09:57 - 00000000 ____D C:\Documents and Settings\All Users\Menú Inicio\Programas
2017-01-26 11:32 - 2016-12-24 09:57 - 00000000 ____D C:\Documents and Settings\All Users\Escritorio
2017-01-26 09:38 - 2016-12-24 22:08 - 00000000 ____D C:\Archivos de programa\Unlocker
2017-01-26 08:56 - 2016-12-24 10:51 - 00000000 _____ C:\WINDOWS\MEMORY.DMP
2017-01-25 10:40 - 2016-12-24 10:51 - 00000000 ___HD C:\WINDOWS\inf
2017-01-25 10:37 - 2016-12-24 10:51 - 00000000 ____D C:\WINDOWS\Help
2017-01-25 10:09 - 2016-12-24 16:17 - 00000000 ____D C:\Documents and Settings\UpdatusUser
2017-01-25 10:07 - 2016-12-23 20:23 - 00000000 ___RD C:\Unload
2017-01-25 04:52 - 2016-12-24 16:28 - 00000522 _____ C:\WINDOWS\system\Cm108.ini
2017-01-24 13:48 - 2016-12-24 09:57 - 00000000 ___RD C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio
2017-01-24 09:41 - 2016-12-24 15:11 - 00000000 ___HD C:\Documents and Settings\Dr. Schnellinger\Configuración local\Datos de programa
2017-01-24 08:01 - 2016-12-24 22:03 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Datos de programa\DAEMON Tools Pro
2017-01-23 07:26 - 2016-12-24 10:56 - 00000211 ___SH C:\boot.ini
2017-01-22 22:55 - 2001-08-24 08:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2017-01-20 09:09 - 2016-12-20 16:45 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Mis documentos\makehuman
2017-01-20 04:12 - 2016-12-25 00:11 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Datos de programa\Adobe
2017-01-20 04:12 - 2016-12-24 15:06 - 00000000 ___RD C:\Documents and Settings\All Users\Menú Inicio\Programas\Juegos
2017-01-20 04:08 - 2016-12-24 15:11 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Menú Inicio\Programas
2017-01-20 03:53 - 2016-12-24 15:22 - 00000000 ___HD C:\Archivos de programa\InstallShield Installation Information
2017-01-19 02:28 - 2016-12-24 15:11 - 00000000 ___SD C:\Documents and Settings\Dr. Schnellinger\Configuración local\Archivos temporales de Internet
2017-01-18 18:34 - 2016-12-26 13:33 - 00000000 ____D C:\backup
2017-01-18 18:11 - 2016-12-24 22:31 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Configuración local\Datos de programa\Greenshot
2017-01-17 20:14 - 2016-12-24 15:11 - 00000000 ___RD C:\Documents and Settings\Dr. Schnellinger\Favoritos
2017-01-15 00:07 - 2016-12-25 01:50 - 00002291 _____ C:\Documents and Settings\All Users\Escritorio\SharpKeys.lnk
2017-01-14 23:51 - 2016-12-25 07:12 - 00065536 _____ C:\WINDOWS\system32\config\OAlerts.evt
2017-01-13 20:38 - 2016-12-25 19:57 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Mis documentos\My Games
2017-01-12 22:46 - 2016-12-24 10:51 - 00000000 ____D C:\WINDOWS\msagent
2017-01-12 03:40 - 2001-08-24 08:00 - 00000558 _____ C:\WINDOWS\win.ini
2017-01-12 00:06 - 2001-08-24 08:00 - 00000227 _____ C:\WINDOWS\system.ini
2017-01-11 00:54 - 2016-12-24 15:07 - 00000000 ____D C:\WINDOWS\system32\DirectX
2017-01-10 23:00 - 2016-12-23 23:30 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Mis documentos\Lilly Stanford
2017-01-10 07:15 - 2016-12-24 21:17 - 01148848 _____ C:\Documents and Settings\LocalService\Configuración local\Datos de programa\FontCache3.0.0.0.dat
2017-01-10 07:15 - 2016-12-24 15:10 - 00000000 ___HD C:\Documents and Settings\LocalService\Configuración local\Datos de programa
2017-01-10 06:07 - 2016-12-24 09:57 - 00000000 ____D C:\Archivos de programa\Archivos comunes
2017-01-10 01:00 - 2016-12-24 22:45 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Mis documentos\My Cheat Tables
2017-01-09 22:19 - 2016-12-24 15:11 - 00000000 ___HD C:\Documents and Settings\Dr. Schnellinger\Configuración local
2017-01-09 22:17 - 2016-12-25 16:42 - 00877747 _____ C:\Documents and Settings\Dr. Schnellinger\Configuración local\Tempmusic.ogg
2017-01-09 21:25 - 2016-12-25 00:10 - 00000000 ____D C:\Archivos de programa\Adobe
2017-01-09 20:42 - 2016-12-24 20:22 - 00000000 ____D C:\Archivos de programa\TeraCopy
2017-01-09 20:34 - 2016-12-24 15:23 - 00000000 ____D C:\Archivos de programa\VIA
2017-01-09 19:40 - 2016-12-24 22:15 - 00000000 ____D C:\WINDOWS\Downloaded Installations
2017-01-09 19:39 - 2016-12-24 15:05 - 00000000 ____D C:\WINDOWS\Registration
2017-01-09 19:38 - 2016-12-24 15:05 - 00000000 ___RD C:\Documents and Settings\All Users\Menú Inicio\Programas\Herramientas administrativas
2017-01-09 19:33 - 2016-12-24 22:15 - 00000000 ____D C:\Documents and Settings\All Users\Menú Inicio\Programas\Powertoys for Windows XP
2017-01-09 06:27 - 2016-12-24 22:31 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Datos de programa\Greenshot
2017-01-07 23:03 - 2016-12-25 22:23 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Datos de programa\Macromedia
2017-01-04 00:10 - 2016-12-24 09:57 - 00000000 ___RD C:\Documents and Settings\All Users\Documentos
2017-01-02 20:42 - 2016-12-26 00:42 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Mis documentos\GTA3 User Files
2016-12-31 22:19 - 2016-12-24 15:11 - 00000000 ___RD C:\Documents and Settings\Dr. Schnellinger\Mis documentos\Mi música
2016-12-31 22:18 - 2016-12-24 22:17 - 00000000 ____D C:\Archivos de programa\AIMP2
2016-12-29 19:51 - 2016-12-24 22:09 - 00000000 ____D C:\Archivos de programa\Resource Hacker
2016-12-29 18:54 - 2016-12-18 12:47 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Mis documentos\TooManyItems
2016-12-29 18:52 - 2016-12-23 23:32 - 00000000 ____D C:\Documents and Settings\Dr. Schnellinger\Mis documentos\old downloads (transferred)
2016-12-29 14:37 - 2016-12-24 15:11 - 00000000 ___RD C:\Documents and Settings\Dr. Schnellinger\Menú Inicio\Programas\Inicio
 
==================== Files in the root of some directories =======
 
2017-01-09 19:40 - 2017-01-09 19:40 - 0000145 _____ () C:\Documents and Settings\Dr. Schnellinger\Configuración local\Datos de programa\fusioncache.dat
2017-01-13 02:49 - 2017-01-13 02:49 - 0000001 _____ () C:\Documents and Settings\Dr. Schnellinger\Configuración local\Datos de programa\llftool.4.30.agreement
 
Some files in TEMP:
====================
2017-01-25 04:55 - 2010-05-27 13:19 - 0110592 ____R (Huawei Technologies Co., Ltd.) C:\Documents and Settings\Dr. Schnellinger\Configuración local\Temp\DataCard_Setup.exe
2017-01-25 04:55 - 2008-02-21 00:16 - 0007168 ____R () C:\Documents and Settings\Dr. Schnellinger\Configuración local\Temp\ResetDevice.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\explorer.exe
[2016-12-23 20:40] - [2008-04-14 07:48] - 2126848 ____A (Microsoft Corporation) 2682E4103345E1188282CB5E467CE4B6
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
==================== End of FRST.txt ============================

Attached Files


  • 0

#6
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 10,961 posts
I haven't done the CHKDSK /R thing yet, it requires reboot and pressing R while booting, right?

 

 

No. Press F8 at startup to reach the advanced menu. If installed, there will be an option to enter the recovery console.

 

I am checking the reports.


  • 0

#7
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 10,961 posts

Open FRST as you did before.

Type the following in the edit box on FRST, after "Search:".

explorer.exe

It then should look like:

Search: explorer.exe

Click Search Files button and post the log (Search.txt) it makes on the USB drive in your next reply.
 


  • 0

#8
Dr. Schnellinger (Again)

Dr. Schnellinger (Again)

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

Here's the search

 

Farbar Recovery Scan Tool (x86) Version: 25-01-2017
Ran by Dr. Schnellinger (27-01-2017 21:14:34)
Running from C:\Documents and Settings\Dr. Schnellinger\Mis documentos\Downloads
Boot Mode: Normal

================== Search Files: "explorer.exe" =============

C:\WINDOWS\explorer.exe
[2016-12-23 20:40][2008-04-14 07:48] 2126848 ____A (Microsoft Corporation) 2682E4103345E1188282CB5E467CE4B6 [File not signed]

C:\Unload\explorer.exe
[2016-12-23 20:40][2008-04-14 07:48] 2126848 ____A (Microsoft Corporation) 2682E4103345E1188282CB5E467CE4B6 [File not signed]

====== End of Search ======

 

 

One more thing: Last night I disabled the 2048MB pagefile on C:\ (it was the only one) and then rebooted, while booting I entered the BIOS and changed RAM frequency to 200MHz (DDR400), then once the system booted I started browsing around the web, with Opera 36 (Average of 5 tabs open) and Tor (Average of 2 tabs open), the session lasted from roughly 21:30 (Yesterday) to 4:30 (Today) with no problems; I manually rebooted because of my data card refusing to give me access to the internet (Some problem on my ISP's server that lasted for some hours) then I shut down the PC 'cause I was tired.

 

Right now I'm using Mozilla 51.0.1

Session started on 20:46:13   27/01/2017 (Based on winlogon.exe properties on ProcessExplorerXP)

Mozilla session started on 20:52:47   27/01/2017

 

-Edit-

 

The explorer.exe file under C:\Unload is a explorer I hacked on 2016 -I believe- with Resource Hacker (To change the default icons to others more fancy, it never gave me any problems, the first time I hacked explorer.exe was on 2014 I think, of course, the one on C:\Unload is not from 2014.


Edited by Dr. Schnellinger (Again), 27 January 2017 - 07:46 PM.

  • 0

#9
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 10,961 posts

In that case, it may be due to a RAM memory malfunction. If the issue returns, replacing the sticks will be my best option.

 

Is the computer still working within an acceptable range?


  • 0

#10
Dr. Schnellinger (Again)

Dr. Schnellinger (Again)

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

Yea well, I guess it's more stable now. May be the 133MHz module can't work properly with the 200MHz module? I guess it's a possibility, I'll replace it as soon as I can.


  • 0

#11
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 10,961 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP