Hello gcvela,

Let's go on

1) Upload a file to S!ri :

I would like to make sure that you can view hidden files and folders :

* Click Start.
* Open My Computer.
* Select the Tools menu and click Folder Options.
* Select the View tab.
* Under the Hidden files and folders heading SELECT Show hidden files and folders.
* UNCHECK the Hide protected operating system files (recommended) option.
* UNCHECK the Hide extensions for known file types option.
* Click Yes to confirm.
* Click OK.

Then, please go on this site : http://siri.urz.free.fr/upload/

Copy and paste the contents of the code box bellow in "Lien vers le message du forum où le fichier a été demandé:"



Then, click on the button "Parcourir" and navigate with your windows explorer until the following file in bold : C:\WINDOWS\system32\lphca55j0e7aa.exe

To finish, click "open" and click on the "Upload" button.

Thanks

2) Fix with HijackThis :

Please re-open HiJackThis and scan. Check the boxes next to all the entries listed below :

O4 - HKLM\..\Run: [lphca55j0e7aa] C:\WINDOWS\system32\lphca55j0e7aa.exe

Now close all windows other than HiJackThis, then click Fix Checked.

3) Run OTmoveIT2 :

Please download the OTMoveIt2 by OldTimer.

• Save it to your desktop.
• Please double-click OTMoveIt2.exe to run it. (Vista users, please right click on OTMoveit2.exe and select "Run as an Administrator")
• Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
  
  
  [kill explorer]
  C:\WINDOWS\system32\lphca55j0e7aa.exe
  purity
  emptytemp
  [start explorer]
  
  
• Return to OTMoveIt2, right click in the "Paste List of Files/Folders to Move" window (under the light Yellow bar) and choose Paste.
• Click the red Moveit! button.
• A log of files and folders moved will be created in the c:\_OTMoveIt\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
• Close OTMoveIt2

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

4) Run MBAM :

Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
• The scan may take some time to finish,so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy&Paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

And please post me a fresh RSIT log in your next answer.

Regards,
Egwene.

Egwene,

I'm afraid I can't upload the file. Ikeep getting this message:

Erreur taille du fichier incorrecte.
La taille de fichier maximum est de 600 Ko

Vous allez être redirigé, sinon cliquez ici

http://www.bleepingcomputer.com/submit-mal....php?channel=12

Try with this link.

Tell me if it you manage to do the upload

Egwene,

I was finally able to upload the file to the first link you gave me using safari web browser.

Here's the log from move it:

Explorer killed successfully
C:\WINDOWS\system32\lphca55j0e7aa.exe moved successfully.
< purity >
< emptytemp >
Temp folders emptied.
IE temp folders emptied.
Explorer started successfully

OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 09152008_151637


And here's the Anti-Malware log:

Malwarebytes' Anti-Malware 1.28
Versión de la Base de Datos: 1157
Windows 5.1.2600 Service Pack 3

15/09/2008 03:29:43 p.m.
mbam-log-2008-09-15 (15-29-43).txt

Tipo de examen : Examen Rápido
Objetos examinados: 48684
Tiempo transcurrido: 3 minute(s), 5 second(s)

Procesos en Memoria Infectados: 0
Módulos en Memoria Infectados: 0
Claves del Registro Infectadas: 23
Valores del Registro Infectados: 5
Elementos de Datos del Registro Infectados: 2
Carpetas Infectadas: 0
Ficheros Infectados: 5

Procesos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Módulos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Claves del Registro Infectadas:
HKEY_CLASSES_ROOT\xml.xml (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xml.xml.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9dd4258a-7138-49c4-8d34-587879a5c7a4} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c3bcc488-1ae7-11d4-ab82-0010a4ec2338} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{9233c3c0-1472-4091-a505-5580a23bb4ac} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9dd4258a-7138-49c4-8d34-587879a5c7a4} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b8c0220d-763d-49a4-95f4-61dfdec66ee6} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c3bcc488-1ae7-11d4-ab82-0010a4ec2338} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000000da-0786-4633-87c6-1aa7a4429ef1} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\dpcproxy (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\logons (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\typelib (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\HOL5_VXIEWER.FULL.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Classes\applications\accessdiver.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fwbd (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\HolLol (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Inet Delivery (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mslagent (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Golden Palace Casino NEW (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SYSTEM\currentcontrolset\Services\iTunesMusic (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SYSTEM\currentcontrolset\Services\rdriv (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\mwc (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.

Valores del Registro Infectados:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\SystemCheck2 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\wallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\originalwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\scrnsave.exe (Hijack.Wallpaper) -> Quarantined and deleted successfully.

Elementos de Datos del Registro Infectados:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Carpetas Infectadas:
(No se han detectado elementos maliciosos)

Ficheros Infectados:
C:\WINDOWS\system32\hxiwlgpm.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\taack.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\VBIEWER.OCX (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\blphca55j0e7aa.scr (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\phca55j0e7aa.bmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.

I really appreciate your help Egwene! I know it's late over there so thanks a lot for sticking around!

No problem

You forget to post me a fresh RSIT log. Could you do it now please ?

Regards,
Egwene.

Here you go.

Logfile of random's system information tool 1.01 (written by random/random)
Run by Me at 2008-09-15 15:56:02
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 38 GB (50%) free of 76 GB
Total RAM: 1022 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:56:04, on 15/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Archivos de programa\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Archivos de programa\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Archivos de programa\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Archivos de programa\CyberLink\PowerDVD\PDVDServ.exe
C:\Archivos de programa\iTunes\iTunesHelper.exe
C:\Archivos de programa\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\ISUSPM.exe
C:\Archivos de programa\Java\jre1.6.0_07\bin\jusched.exe
C:\Archivos de programa\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe
C:\Archivos de programa\Yahoo!\Widgets\YahooWidgets.exe
C:\Archivos de programa\Yahoo!\Widgets\YahooWidgets.exe
C:\Archivos de programa\Yahoo!\Widgets\YahooWidgets.exe
C:\Archivos de programa\Yahoo!\Widgets\YahooWidgets.exe
C:\Archivos de programa\Yahoo!\Widgets\YahooWidgets.exe
C:\Archivos de programa\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Archivos de programa\Bonjour\mDNSResponder.exe
C:\Archivos de programa\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Archivos de programa\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\Internet Explorer\iexplore.exe
C:\Documents and Settings\Me\Escritorio\RSIT.exe
C:\Archivos de programa\Trend Micro\HijackThis\Me.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Archivos de programa\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\ARCHIV~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Archivos de programa\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Archivos de programa\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Archivos de programa\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Archivos de programa\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Archivos de programa\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [RemoteControl] "C:\Archivos de programa\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Archivos de programa\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Archivos de programa\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Archivos de programa\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Archivos de programa\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Archivos de programa\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [ISUSPM] "C:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Archivos de programa\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Archivos de programa\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Archivos de programa\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Yahoo! Widgets.lnk = C:\Archivos de programa\Yahoo!\Widgets\YahooWidgets.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O8 - Extra context menu item: Adición a la lista de impresión de Easy-WebPrint - res://C:\Archivos de programa\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Archivos de programa\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Archivos de programa\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Archivos de programa\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Archivos de programa\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Archivos de programa\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Archivos de programa\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Archivos de programa\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Archivos de programa\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Impresión a alta velocidad de Easy-WebPrint - res://C:\Archivos de programa\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Impresión de Easy-WebPrint - res://C:\Archivos de programa\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Vista previa de Easy-WebPrint - res://C:\Archivos de programa\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARCHIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARCHIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Archivos de programa\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Facebo...toUploader5.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Archivos de programa\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\ARCHIV~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Archivos de programa\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Archivos de programa\Archivos comunes\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Archivos de programa\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Archivos de programa\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Archivos de programa\Archivos comunes\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Archivos de programa\Bonjour\mDNSResponder.exe
O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Archivos de programa\iPod\bin\iPodService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Archivos de programa\CyberLink\Shared files\RichVideo.exe

--
End of file - 11008 bytes

Scheduled tasks folder

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

Registry dump

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}]
EWPBrowseObject Class - C:\Archivos de programa\Canon\Easy-WebPrint\EWPBrowseLoader.dll [2006-04-18 34304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\ARCHIV~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Archivos de programa\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Archivos de programa\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006-12-18 231160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Archivos de programa\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006-12-18 231160]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Archivos de programa\Canon\Easy-WebPrint\Toolband.dll [2006-04-18 552960]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"=C:\Archivos de programa\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-02-01 339968]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-05-04 14396416]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"avgnt"=C:\Archivos de programa\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-02-12 262401]
"RemoteControl"=C:\Archivos de programa\CyberLink\PowerDVD\PDVDServ.exe [2005-12-07 30208]
"LanguageShortcut"=C:\Archivos de programa\CyberLink\PowerDVD\Language\Language.exe [2006-05-18 49152]
"QuickTime Task"=C:\Archivos de programa\QuickTime\qttask.exe [2008-05-27 413696]
"AppleSyncNotifier"=C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-07-10 116040]
"iTunesHelper"=C:\Archivos de programa\iTunes\iTunesHelper.exe [2008-07-10 289064]
"Acrobat Assistant 7.0"=C:\Archivos de programa\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [2008-04-23 483328]
""=C:\WINDOWS\system32\
"Easy-PrintToolBox"=C:\Archivos de programa\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2004-01-13 409600]
"ISUSPM"=C:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\ISUSPM.exe [2006-03-20 213936]
"SunJavaUpdateSched"=C:\Archivos de programa\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"GrooveMonitor"=C:\Archivos de programa\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"CloneCDTray"=C:\Archivos de programa\SlySoft\CloneCD\CloneCDTray.exe [2006-09-28 57344]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MsnMsgr"=C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]

C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio
Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe

C:\Documents and Settings\Me\Menú Inicio\Programas\Inicio
Yahoo! Widgets.lnk - C:\Archivos de programa\Yahoo!\Widgets\YahooWidgets.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-02-21 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Archivos de programa\Windows Desktop Search\MSNLNamespaceMgr.dll [2008-05-26 304128]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\ARCHIV~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"NoDispScrSavPage"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Archivos de programa\MSN Messenger\msnmsgr.exe"="C:\Archivos de programa\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Archivos de programa\MSN Messenger\livecall.exe"="C:\Archivos de programa\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Archivos de programa\Bonjour\mDNSResponder.exe"="C:\Archivos de programa\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Archivos de programa\iTunes\iTunes.exe"="C:\Archivos de programa\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Archivos de programa\TVUPlayer\TVUPlayer.exe"="C:\Archivos de programa\TVUPlayer\TVUPlayer.exe:*:Enabled:TVUPlayer Component"
"C:\Archivos de programa\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Archivos de programa\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Archivos de programa\Microsoft Office\Office12\GROOVE.EXE"="C:\Archivos de programa\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Archivos de programa\Microsoft Office\Office12\ONENOTE.EXE"="C:\Archivos de programa\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Games\Colin McRae Rally 2.0\CMR2.exe"="C:\Games\Colin McRae Rally 2.0\CMR2.exe:*:Disabled:Colin McRae Rally 2"
"C:\Archivos de programa\Internet Explorer\iexplore.exe"="C:\Archivos de programa\Internet Explorer\iexplore.exe:*:Disabled:Internet Explorer"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Archivos de programa\MSN Messenger\msnmsgr.exe"="C:\Archivos de programa\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Archivos de programa\MSN Messenger\livecall.exe"="C:\Archivos de programa\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

List of files/folders created in the last three months

2008-09-15 15:20:49 ----D---- C:\Documents and Settings\Me\Datos de programa\Malwarebytes
2008-09-15 15:20:46 ----D---- C:\Documents and Settings\All Users\Datos de programa\Malwarebytes
2008-09-15 15:20:46 ----D---- C:\Archivos de programa\Malwarebytes' Anti-Malware
2008-09-15 14:08:20 ----A---- C:\WINDOWS\system32\tmp.txt
2008-09-15 14:08:10 ----A---- C:\rapport.txt
2008-09-15 14:03:59 ----A---- C:\WINDOWS\system32\WS2Fix.exe
2008-09-15 14:03:59 ----A---- C:\WINDOWS\system32\VCCLSID.exe
2008-09-15 14:03:59 ----A---- C:\WINDOWS\system32\VACFix.exe
2008-09-15 14:03:59 ----A---- C:\WINDOWS\system32\swxcacls.exe
2008-09-15 14:03:59 ----A---- C:\WINDOWS\system32\swsc.exe
2008-09-15 14:03:59 ----A---- C:\WINDOWS\system32\swreg.exe
2008-09-15 14:03:59 ----A---- C:\WINDOWS\system32\SrchSTS.exe
2008-09-15 14:03:59 ----A---- C:\WINDOWS\system32\Process.exe
2008-09-15 14:03:59 ----A---- C:\WINDOWS\system32\IEDFix.exe
2008-09-15 14:03:59 ----A---- C:\WINDOWS\system32\IEDFix.C.exe
2008-09-15 14:03:59 ----A---- C:\WINDOWS\system32\dumphive.exe
2008-09-15 14:03:59 ----A---- C:\WINDOWS\system32\AntiXPVSTFix.exe
2008-09-15 14:03:59 ----A---- C:\WINDOWS\system32\404Fix.exe
2008-09-15 13:13:26 ----D---- C:\_OTMoveIt
2008-09-15 08:52:25 ----D---- C:\rsit
2008-09-15 01:36:46 ----D---- C:\Archivos de programa\Trend Micro
2008-09-15 00:59:43 ----A---- C:\WINDOWS\ntbtlog.txt
2008-09-15 00:50:07 ----A---- C:\WINDOWS\NeroDigital.ini
2008-09-14 23:40:04 ----D---- C:\Archivos de programa\CD Autorun Creator
2008-09-10 13:35:51 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-09-10 13:35:39 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2008-09-08 10:32:36 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2008-09-08 10:32:17 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2008-09-08 10:31:52 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
2008-09-07 15:45:34 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-09-07 15:45:08 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2008-09-07 15:44:32 ----D---- C:\Archivos de programa\Windows Media Connect 2
2008-09-07 15:44:14 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2008-09-07 15:43:07 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2008-09-07 15:42:21 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2008-09-07 15:14:57 ----A---- C:\WINDOWS\system32\xvidcore.dll
2008-09-07 15:14:56 ----D---- C:\Archivos de programa\Xvid
2008-09-07 15:14:56 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2008-09-07 14:36:27 ----D---- C:\Documents and Settings\Me\Datos de programa\LimeWire
2008-08-28 18:26:54 ----D---- C:\WINDOWS\system32\LogFiles
2008-08-26 12:04:42 ----SH---- C:\WINDOWS\S5E521382.tmp
2008-08-26 12:03:03 ----D---- C:\Archivos de programa\SlySoft
2008-08-24 22:20:48 ----A---- C:\WINDOWS\system32\VB6STKIT.DLL
2008-08-18 23:56:42 ----D---- C:\Archivos de programa\AutoCAD 2009
2008-08-18 23:56:42 ----D---- C:\Archivos de programa\Archivos comunes\Autodesk Shared
2008-08-18 23:37:39 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2008-08-18 23:32:38 ----D---- C:\WINDOWS\system32\XPSViewer
2008-08-18 23:32:36 ----D---- C:\WINDOWS\system32\en-us
2008-08-18 23:32:05 ----D---- C:\Archivos de programa\Reference Assemblies
2008-08-18 23:31:39 ----N---- C:\WINDOWS\system32\spmsg2.dll
2008-08-18 23:09:53 ----A---- C:\WINDOWS\system32\msonpmon.dll
2008-08-18 23:07:31 ----D---- C:\Archivos de programa\Microsoft Works
2008-08-18 23:07:15 ----D---- C:\Archivos de programa\MSBuild
2008-08-18 23:06:43 ----D---- C:\Archivos de programa\Microsoft Visual Studio
2008-08-18 23:05:48 ----D---- C:\Archivos de programa\Microsoft.NET
2008-08-18 23:01:37 ----D---- C:\Archivos de programa\Microsoft Visual Studio 8
2008-08-18 23:00:40 ----D---- C:\Documents and Settings\All Users\Datos de programa\Microsoft Help
2008-08-17 16:03:28 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2008-08-17 16:03:27 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2008-08-15 14:33:10 ----D---- C:\Documents and Settings\Me\Datos de programa\CyberLink
2008-08-14 08:36:59 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-08-14 08:36:55 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-08-14 08:36:50 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
2008-08-14 08:36:45 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-08-14 08:36:40 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-08-14 08:36:34 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-08-14 08:36:01 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-08-13 14:09:52 ----A---- C:\WINDOWS\system32\wmpns.dll
2008-08-10 23:23:25 ----D---- C:\Archivos de programa\Microsoft Silverlight
2008-07-30 21:35:55 ----HD---- C:\WINDOWS\PIF
2008-07-30 21:35:34 ----D---- C:\Documents and Settings\Me\Datos de programa\Windows Search
2008-07-30 20:59:50 ----D---- C:\Documents and Settings\Me\Datos de programa\Windows Desktop Search
2008-07-30 20:59:25 ----D---- C:\WINDOWS\system32\GroupPolicy
2008-07-30 20:59:25 ----D---- C:\Archivos de programa\Windows Desktop Search
2008-07-30 20:59:12 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
2008-07-30 20:59:06 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2008-07-30 18:45:10 ----A---- C:\WINDOWS\SCIENCE.ini
2008-07-30 18:45:09 ----RA---- C:\WINDOWS\MPLAYER.EXE
2008-07-30 18:45:09 ----RA---- C:\WINDOWS\MCIOLE.DLL
2008-07-29 17:26:45 ----A---- C:\WINDOWS\system32\pscVSWIA.dll
2008-07-29 17:26:45 ----A---- C:\WINDOWS\system32\pscUD113.dll
2008-07-29 17:26:45 ----A---- C:\WINDOWS\system32\pscND113.exe
2008-07-29 17:26:45 ----A---- C:\WINDOWS\system32\PSCLU113.dll
2008-07-29 17:26:18 ----A---- C:\WINDOWS\OPPRIN~1.INI
2008-07-29 17:26:06 ----A---- C:\WINDOWS\system32\opapi11.dll
2008-07-29 15:14:56 ----D---- C:\Documents and Settings\Me\Datos de programa\DivX
2008-07-28 16:02:48 ----N---- C:\WINDOWS\system32\vxblock.dll
2008-07-28 16:02:48 ----N---- C:\WINDOWS\system32\pxwave.dll
2008-07-28 16:02:48 ----N---- C:\WINDOWS\system32\pxsfs.dll
2008-07-28 16:02:48 ----N---- C:\WINDOWS\system32\pxmas.dll
2008-07-28 16:02:48 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2008-07-28 16:02:48 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2008-07-28 16:02:48 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2008-07-28 16:02:48 ----N---- C:\WINDOWS\system32\pxdrv.dll
2008-07-28 16:02:48 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2008-07-28 16:02:48 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2008-07-28 16:02:48 ----N---- C:\WINDOWS\system32\pxafs.dll
2008-07-28 16:02:47 ----N---- C:\WINDOWS\system32\px.dll
2008-07-28 16:02:40 ----D---- C:\Archivos de programa\DivX
2008-07-27 22:04:44 ----D---- C:\WINDOWS\Sun
2008-07-27 22:04:44 ----D---- C:\Documents and Settings\Me\Datos de programa\Sun
2008-07-27 22:03:55 ----A---- C:\WINDOWS\system32\javaws.exe
2008-07-27 22:03:55 ----A---- C:\WINDOWS\system32\javaw.exe
2008-07-27 22:03:55 ----A---- C:\WINDOWS\system32\java.exe
2008-07-27 22:03:28 ----D---- C:\Archivos de programa\Java
2008-07-27 22:00:43 ----D---- C:\Archivos de programa\Archivos comunes\Java
2008-07-27 19:47:59 ----D---- C:\Games
2008-07-27 18:57:55 ----A---- C:\WINDOWS\system32\lfpng13n.dll
2008-07-27 18:57:54 ----A---- C:\WINDOWS\system32\lfgif13n.dll
2008-07-27 18:57:53 ----A---- C:\WINDOWS\system32\ltkrn13n.dll
2008-07-27 18:57:53 ----A---- C:\WINDOWS\system32\ltimg13n.dll
2008-07-27 18:57:53 ----A---- C:\WINDOWS\system32\ltfil13n.dll
2008-07-27 18:57:53 ----A---- C:\WINDOWS\system32\ltefx13n.dll
2008-07-27 18:57:53 ----A---- C:\WINDOWS\system32\ltdis13n.dll
2008-07-27 18:57:53 ----A---- C:\WINDOWS\system32\lfcmp13n.dll
2008-07-27 18:57:53 ----A---- C:\WINDOWS\system32\lfbmp13n.dll
2008-07-27 18:19:34 ----D---- C:\Documents and Settings\All Users\Datos de programa\InstallShield
2008-07-27 18:19:31 ----D---- C:\WINDOWS\system32\E177E04D548C4006A465EEB92D3DE021
2008-07-27 18:19:28 ----A---- C:\WINDOWS\minitab.ini
2008-07-27 18:19:12 ----D---- C:\Archivos de programa\Minitab 15
2008-07-27 18:07:41 ----D---- C:\Archivos de programa\Lingo
2008-07-27 18:00:14 ----D---- C:\Documents and Settings\All Users\Datos de programa\TVU Networks
2008-07-27 17:58:55 ----D---- C:\Documents and Settings\Me\Datos de programa\TVU Networks
2008-07-27 17:58:48 ----D---- C:\Archivos de programa\TVUPlayer
2008-07-27 17:01:51 ----D---- C:\Archivos de programa\Yahoo!
2008-07-27 16:37:37 ----D---- C:\Documents and Settings\All Users\Datos de programa\Lavasoft
2008-07-27 16:37:37 ----D---- C:\Archivos de programa\Lavasoft
2008-07-27 16:37:07 ----D---- C:\Archivos de programa\Archivos comunes\Wise Installation Wizard
2008-07-27 16:00:28 ----D---- C:\Documents and Settings\All Users\Datos de programa\Messenger Plus!
2008-07-27 16:00:12 ----D---- C:\Archivos de programa\Windows Live
2008-07-27 14:49:58 ----D---- C:\Documents and Settings\All Users\Datos de programa\WinZip
2008-07-27 14:49:55 ----D---- C:\Archivos de programa\WinZip
2008-07-27 14:40:04 ----D---- C:\Archivos de programa\Messenger Plus! Live
2008-07-26 23:24:53 ----D---- C:\WINDOWS\ie7updates
2008-07-26 12:09:32 ----D---- C:\Documents and Settings\Me\Datos de programa\Autodesk
2008-07-26 12:09:32 ----D---- C:\Documents and Settings\All Users\Datos de programa\Autodesk
2008-07-26 12:09:31 ----D---- C:\Archivos de programa\AutoCAD 2007
2008-07-26 12:06:46 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2008-07-26 11:56:52 ----A---- C:\WINDOWS\ODBC.INI
2008-07-26 11:56:48 ----A---- C:\WINDOWS\system32\mdimon.dll
2008-07-26 11:56:16 ----D---- C:\Archivos de programa\Archivos comunes\DESIGNER
2008-07-26 11:56:04 ----D---- C:\WINDOWS\SHELLNEW
2008-07-26 11:56:02 ----D---- C:\Archivos de programa\Microsoft Office
2008-07-26 11:53:33 ----RHD---- C:\MSOCache
2008-07-26 11:39:20 ----A---- C:\WINDOWS\BJPSUNST.EXE
2008-07-26 11:38:48 ----A---- C:\WINDOWS\IsUn040a.exe
2008-07-26 11:38:24 ----HD---- C:\Documents and Settings\All Users\Datos de programa\CanonBJ
2008-07-26 11:38:14 ----A---- C:\WINDOWS\system32\CNMLM7X.DLL
2008-07-26 11:38:11 ----HD---- C:\WINDOWS\system32\CanonIJ Uninstaller Information
2008-07-26 11:38:06 ----HD---- C:\Archivos de programa\CanonBJ
2008-07-26 11:37:15 ----D---- C:\Archivos de programa\Canon
2008-07-26 11:21:58 ----D---- C:\Documents and Settings\Me\Datos de programa\AdobeUM
2008-07-26 11:20:34 ----D---- C:\Documents and Settings\All Users\Datos de programa\Adobe Systems
2008-07-26 11:20:17 ----D---- C:\Archivos de programa\Archivos comunes\Adobe Systems Shared
2008-07-26 11:19:39 ----D---- C:\Archivos de programa\Archivos comunes\Adobe
2008-07-26 11:19:05 ----D---- C:\Documents and Settings\All Users\Datos de programa\Adobe
2008-07-26 11:15:40 ----D---- C:\Documents and Settings\Me\Datos de programa\Google
2008-07-26 11:15:40 ----D---- C:\Archivos de programa\Google
2008-07-26 11:09:31 ----D---- C:\Archivos de programa\iPod
2008-07-26 11:09:28 ----D---- C:\Archivos de programa\iTunes
2008-07-26 11:07:30 ----D---- C:\Documents and Settings\Me\Datos de programa\Macromedia
2008-07-26 10:53:56 ----D---- C:\Archivos de programa\QuickTime
2008-07-26 10:53:55 ----D---- C:\Documents and Settings\All Users\Datos de programa\Apple Computer
2008-07-26 10:53:30 ----D---- C:\Archivos de programa\Archivos comunes\Apple
2008-07-26 10:49:45 ----D---- C:\Documents and Settings\Me\Datos de programa\Apple Computer
2008-07-26 10:49:35 ----D---- C:\Archivos de programa\Safari
2008-07-26 10:49:25 ----D---- C:\Archivos de programa\Bonjour
2008-07-26 10:49:20 ----D---- C:\Documents and Settings\All Users\Datos de programa\Apple
2008-07-26 10:49:20 ----D---- C:\Archivos de programa\Apple Software Update
2008-07-26 10:40:00 ----D---- C:\Documents and Settings\All Users\Datos de programa\CyberLink
2008-07-26 10:38:49 ----N---- C:\WINDOWS\system32\msxml3a.dll
2008-07-26 10:38:02 ----D---- C:\Archivos de programa\CyberLink
2008-07-26 10:26:16 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-07-26 10:25:55 ----D---- C:\Archivos de programa\MSN Messenger
2008-07-26 10:20:19 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-07-26 10:19:13 ----D---- C:\Archivos de programa\MSXML 4.0
2008-07-26 10:12:51 ----HD---- C:\WINDOWS\msdownld.tmp
2008-07-26 10:12:41 ----D---- C:\WINDOWS\WBEM
2008-07-26 10:11:44 ----HDC---- C:\WINDOWS\ie7
2008-07-26 10:11:31 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2008-07-26 10:11:14 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2008-07-26 10:09:55 ----A---- C:\WINDOWS\system32\MRT.exe
2008-07-26 10:00:03 ----D---- C:\Archivos de programa\Windows Live Toolbar
2008-07-26 09:44:05 ----D---- C:\Documents and Settings\All Users\Datos de programa\Windows Genuine Advantage
2008-07-26 09:37:17 ----D---- C:\WINDOWS\Prefetch
2008-07-26 05:41:25 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-07-26 05:41:19 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-07-26 05:41:14 ----HDC---- C:\WINDOWS\$NtUninstallKB942763$
2008-07-26 05:41:07 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-07-26 05:41:00 ----HDC---- C:\WINDOWS\$NtUninstallKB950759$
2008-07-26 05:40:54 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2008-07-26 05:40:47 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-07-26 04:57:22 ----N---- C:\WINDOWS\system32\msxml6r.dll
2008-07-26 04:57:22 ----N---- C:\WINDOWS\system32\msxml6.dll
2008-07-26 04:57:07 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2008-07-26 04:57:07 ----N---- C:\WINDOWS\system32\aaclient.dll
2008-07-26 04:57:06 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2008-07-26 04:57:06 ----N---- C:\WINDOWS\system32\dot3api.dll
2008-07-26 04:57:06 ----N---- C:\WINDOWS\system32\dimsroam.dll
2008-07-26 04:57:06 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2008-07-26 04:57:06 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2008-07-26 04:57:06 ----N---- C:\WINDOWS\system32\credssp.dll
2008-07-26 04:57:06 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2008-07-26 04:57:06 ----N---- C:\WINDOWS\system32\azroles.dll
2008-07-26 04:57:06 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2008-07-26 04:57:06 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2008-07-26 04:57:05 ----N---- C:\WINDOWS\system32\eapsvc.dll
2008-07-26 04:57:05 ----N---- C:\WINDOWS\system32\eapqec.dll
2008-07-26 04:57:05 ----N---- C:\WINDOWS\system32\eappprxy.dll
2008-07-26 04:57:05 ----N---- C:\WINDOWS\system32\eapphost.dll
2008-07-26 04:57:05 ----N---- C:\WINDOWS\system32\eappgnui.dll
2008-07-26 04:57:05 ----N---- C:\WINDOWS\system32\eappcfg.dll
2008-07-26 04:57:05 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2008-07-26 04:57:05 ----N---- C:\WINDOWS\system32\eapolqec.dll
2008-07-26 04:57:05 ----N---- C:\WINDOWS\system32\dot3ui.dll
2008-07-26 04:57:05 ----N---- C:\WINDOWS\system32\dot3svc.dll
2008-07-26 04:57:05 ----N---- C:\WINDOWS\system32\dot3msm.dll
2008-07-26 04:57:05 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-07-26 04:57:05 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2008-07-26 04:57:04 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2008-07-26 04:57:03 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2008-07-26 04:57:03 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2008-07-26 04:57:03 ----N---- C:\WINDOWS\system32\kmsvc.dll
2008-07-26 04:57:03 ----N---- C:\WINDOWS\system32\kbdpash.dll
2008-07-26 04:57:03 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2008-07-26 04:57:03 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2008-07-26 04:57:03 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2008-07-26 04:57:02 ----N---- C:\WINDOWS\system32\napstat.exe
2008-07-26 04:57:02 ----N---- C:\WINDOWS\system32\napmontr.dll
2008-07-26 04:57:02 ----N---- C:\WINDOWS\system32\napipsec.dll
2008-07-26 04:57:02 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2008-07-26 04:57:02 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2008-07-26 04:57:02 ----N---- C:\WINDOWS\system32\mssha.dll
2008-07-26 04:57:02 ----N---- C:\WINDOWS\system32\mmcperf.exe
2008-07-26 04:57:02 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-07-26 04:57:02 ----N---- C:\WINDOWS\system32\mmcex.dll
2008-07-26 04:57:02 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-07-26 04:57:01 ----N---- C:\WINDOWS\system32\qcliprov.dll
2008-07-26 04:57:01 ----N---- C:\WINDOWS\system32\qagentrt.dll
2008-07-26 04:57:01 ----N---- C:\WINDOWS\system32\qagent.dll
2008-07-26 04:57:01 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2008-07-26 04:57:01 ----N---- C:\WINDOWS\system32\onex.dll
2008-07-26 04:57:01 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2008-07-26 04:57:00 ----N---- C:\WINDOWS\system32\slserv.exe
2008-07-26 04:57:00 ----N---- C:\WINDOWS\system32\slrundll.exe
2008-07-26 04:57:00 ----N---- C:\WINDOWS\system32\slgen.dll
2008-07-26 04:57:00 ----N---- C:\WINDOWS\system32\slextspk.dll
2008-07-26 04:57:00 ----N---- C:\WINDOWS\system32\slcoinst.dll
2008-07-26 04:57:00 ----N---- C:\WINDOWS\system32\setupn.exe
2008-07-26 04:57:00 ----N---- C:\WINDOWS\system32\s3gnb.dll
2008-07-26 04:57:00 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2008-07-26 04:57:00 ----N---- C:\WINDOWS\system32\rasqec.dll
2008-07-26 04:57:00 ----N---- C:\WINDOWS\system32\qutil.dll
2008-07-26 04:56:59 ----N---- C:\WINDOWS\system32\xpsp3res.dll
2008-07-26 04:56:59 ----N---- C:\WINDOWS\system32\wmphoto.dll
2008-07-26 04:56:59 ----N---- C:\WINDOWS\system32\wlanapi.dll
2008-07-26 04:56:59 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2008-07-26 04:56:59 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2008-07-26 04:56:59 ----N---- C:\WINDOWS\system32\verclsid.exe
2008-07-26 04:56:59 ----N---- C:\WINDOWS\system32\tzchange.exe
2008-07-26 04:56:59 ----N---- C:\WINDOWS\system32\tspkg.dll
2008-07-26 04:56:59 ----N---- C:\WINDOWS\system32\tsgqec.dll
2008-07-26 04:56:57 ----N---- C:\WINDOWS\system32\xmllite.dll
2008-07-26 04:56:57 ----N---- C:\WINDOWS\slrundll.exe
2008-07-26 04:56:56 ----D---- C:\WINDOWS\system32\es-es
2008-07-26 04:56:55 ----D---- C:\WINDOWS\system32\es
2008-07-26 04:56:55 ----D---- C:\WINDOWS\system32\bits
2008-07-26 04:56:55 ----D---- C:\WINDOWS\l2schemas
2008-07-26 04:56:26 ----A---- C:\WINDOWS\system32\lpdsvc.dll
2008-07-26 04:55:10 ----A---- C:\WINDOWS\system32\lprmon.dll
2008-07-26 04:54:34 ----D---- C:\WINDOWS\ServicePackFiles
2008-07-26 04:52:27 ----D---- C:\WINDOWS\network diagnostic
2008-07-26 04:48:57 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-07-26 04:48:56 ----D---- C:\WINDOWS\EHome
2008-07-26 04:45:54 ----HD---- C:\9c0f5e184b30594cade6359ee1
2008-07-26 04:01:22 ----D---- C:\Documents and Settings\Me\Datos de programa\Adobe
2008-07-26 03:59:34 ----D---- C:\Archivos de programa\Adobe
2008-07-26 03:49:40 ----D---- C:\WINDOWS\system32\PreInstall
2008-07-26 03:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2008-07-26 03:49:38 ----HD---- C:\WINDOWS\$hf_mig$
2008-07-26 03:48:13 ----A---- C:\WINDOWS\system32\wpa.bak
2008-07-26 03:45:24 ----D---- C:\Documents and Settings\All Users\Datos de programa\Avira
2008-07-26 03:45:24 ----D---- C:\Archivos de programa\Avira
2008-07-26 03:42:09 ----SHD---- C:\RECYCLER
2008-07-26 03:40:35 ----A---- C:\WINDOWS\system32\TwnLib20.dll
2008-07-26 03:40:29 ----N---- C:\WINDOWS\system32\picn20.dll
2008-07-26 03:40:28 ----N---- C:\WINDOWS\system32\ImagXpr5.dll
2008-07-26 03:40:28 ----N---- C:\WINDOWS\system32\imagx5.dll
2008-07-26 03:40:28 ----N---- C:\WINDOWS\system32\imagr5.dll
2008-07-26 03:40:27 ----D---- C:\Archivos de programa\Archivos comunes\Ahead
2008-07-26 03:40:27 ----A---- C:\WINDOWS\system32\NeroCheck.exe
2008-07-26 03:40:22 ----D---- C:\Archivos de programa\Ahead
2008-07-26 03:35:40 ----D---- C:\WINDOWS\system32\Lang
2008-07-26 03:32:45 ----A---- C:\WINDOWS\system32\ksuser.dll
2008-07-26 03:32:38 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2008-07-26 03:32:36 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2008-07-26 03:32:32 ----A---- C:\WINDOWS\ALCMTR.EXE
2008-07-26 03:32:31 ----A---- C:\WINDOWS\ALCWZRD.EXE
2008-07-26 03:32:29 ----N---- C:\WINDOWS\system32\ChCfg.exe
2008-07-26 03:32:29 ----D---- C:\WINDOWS\system32\RTCOM
2008-07-26 03:32:29 ----A---- C:\WINDOWS\system32\RTLCPAPI.dll
2008-07-26 03:32:29 ----A---- C:\WINDOWS\SOUNDMAN.EXE
2008-07-26 03:32:29 ----A---- C:\WINDOWS\RTLCPL.EXE
2008-07-26 03:32:29 ----A---- C:\WINDOWS\RTHDCPL.EXE
2008-07-26 03:32:22 ----D---- C:\Archivos de programa\Realtek
2008-07-26 03:32:20 ----N---- C:\WINDOWS\RtlExUpd.dll
2008-07-26 03:29:37 ----D---- C:\Archivos de programa\Intel
2008-07-26 03:28:52 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-07-26 03:27:56 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2008-07-26 03:27:52 ----D---- C:\TempEI4
2008-07-26 03:25:42 ----D---- C:\Archivos de programa\D-Link
2008-07-26 03:24:20 ----D---- C:\Documents and Settings\Me\Datos de programa\Help
2008-07-26 03:20:51 ----RSD---- C:\WINDOWS\assembly
2008-07-26 03:20:51 ----D---- C:\WINDOWS\Microsoft.NET
2008-07-26 03:20:50 ----D---- C:\WINDOWS\system32\URTTemp
2008-07-26 03:19:53 ----N---- C:\WINDOWS\system32\ati2sgag.exe
2008-07-26 03:19:49 ----A---- C:\WINDOWS\system32\atiiiexx.dll
2008-07-26 03:19:36 ----D---- C:\Archivos de programa\ATI Technologies
2008-07-26 03:16:49 ----HD---- C:\Archivos de programa\InstallShield Installation Information
2008-07-26 03:16:47 ----D---- C:\Archivos de programa\802.11 Wireless LAN
2008-07-26 03:16:22 ----D---- C:\WINDOWS\Downloaded Installations
2008-07-26 03:16:21 ----D---- C:\Archivos de programa\Archivos comunes\InstallShield
2008-07-26 03:10:25 ----D---- C:\Documents and Settings\Me\Datos de programa\Identities
2008-07-26 03:10:24 ----HD---- C:\Archivos de programa\Uninstall Information
2008-07-26 03:10:18 ----ASH---- C:\Documents and Settings\Me\Datos de programa\desktop.ini
2008-07-26 03:10:17 ----SD---- C:\Documents and Settings\Me\Datos de programa\Microsoft
2008-07-26 03:06:50 ----D---- C:\WINDOWS\SoftwareDistribution
2008-07-26 03:06:49 ----SD---- C:\WINDOWS\system32\Microsoft
2008-07-26 03:06:48 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-07-26 03:04:13 ----D---- C:\WINDOWS\system32\xircom
2008-07-26 03:04:13 ----D---- C:\Archivos de programa\xerox
2008-07-26 03:04:13 ----D---- C:\Archivos de programa\microsoft frontpage
2008-07-26 03:04:04 ----A---- C:\WINDOWS\control.ini
2008-07-26 03:04:04 ----A---- C:\AUTOEXEC.BAT
2008-07-26 03:03:50 ----A---- C:\WINDOWS\OEWABLog.txt
2008-07-26 03:03:47 ----A---- C:\WINDOWS\system32\mapi32.dll
2008-07-26 03:03:06 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-07-26 03:03:06 ----RD---- C:\WINDOWS\Offline Web Pages
2008-07-26 03:03:06 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2008-07-26 03:03:01 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2008-07-26 03:02:57 ----HD---- C:\Archivos de programa\WindowsUpdate
2008-07-26 03:02:53 ----D---- C:\Archivos de programa\Servicios en línea
2008-07-26 03:02:41 ----D---- C:\WINDOWS\system32\DirectX
2008-07-26 03:02:24 ----A---- C:\WINDOWS\system32\atrace.dll
2008-07-26 03:02:21 ----A---- C:\WINDOWS\system32\desktop.ini
2008-07-26 03:02:21 ----A---- C:\WINDOWS\desktop.ini
2008-07-26 03:02:15 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2008-07-26 03:02:14 ----A---- C:\WINDOWS\system32\acctres.dll
2008-07-26 03:02:13 ----D---- C:\Archivos de programa\Archivos comunes\Services
2008-07-26 03:02:11 ----SD---- C:\WINDOWS\Tasks
2008-07-26 03:02:11 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2008-07-26 03:02:10 ----D---- C:\Archivos de programa\Archivos comunes\MSSoap
2008-07-26 03:02:07 ----D---- C:\WINDOWS\srchasst
2008-07-26 03:02:06 ----D---- C:\WINDOWS\system32\Macromed
2008-07-26 03:02:03 ----A---- C:\WINDOWS\system32\wuweb.dll
2008-07-26 03:02:03 ----A---- C:\WINDOWS\system32\wups.dll
2008-07-26 03:02:03 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-07-26 03:02:03 ----A---- C:\WINDOWS\system32\wuauserv.dll
2008-07-26 03:02:03 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2008-07-26 03:02:03 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-07-26 03:02:03 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2008-07-26 03:02:03 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-07-26 03:02:03 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-07-26 03:02:02 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2008-07-26 03:02:02 ----A---- C:\WINDOWS\system32\qmgr.dll
2008-07-26 03:02:02 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2008-07-26 03:02:02 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2008-07-26 03:01:59 ----D---- C:\Archivos de programa\Movie Maker
2008-07-26 03:01:55 ----A---- C:\WINDOWS\system32\safrslv.dll
2008-07-26 03:01:55 ----A---- C:\WINDOWS\system32\safrdm.dll
2008-07-26 03:01:55 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2008-07-26 03:01:55 ----A---- C:\WINDOWS\system32\racpldlg.dll
2008-07-26 03:01:52 ----D---- C:\WINDOWS\system32\Restore
2008-07-26 03:01:52 ----A---- C:\WINDOWS\system32\srsvc.dll
2008-07-26 03:01:52 ----A---- C:\WINDOWS\system32\srrstr.dll
2008-07-26 03:01:52 ----A---- C:\WINDOWS\system32\srclient.dll
2008-07-26 03:01:52 ----A---- C:\WINDOWS\system32\fltmc.exe
2008-07-26 03:01:52 ----A---- C:\WINDOWS\system32\fltlib.dll
2008-07-26 03:01:51 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2008-07-26 03:01:51 ----A---- C:\WINDOWS\system32\mnmdd.dll
2008-07-26 03:01:51 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2008-07-26 03:01:51 ----A---- C:\WINDOWS\system32\ils.dll
2008-07-26 03:01:50 ----A---- C:\WINDOWS\system32\msconf.dll
2008-07-26 03:01:50 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2008-07-26 03:01:48 ----D---- C:\Archivos de programa\NetMeeting
2008-07-26 03:01:48 ----A---- C:\WINDOWS\system32\msoert2.dll
2008-07-26 03:01:48 ----A---- C:\WINDOWS\system32\msoeacct.dll
2008-07-26 03:01:47 ----A---- C:\WINDOWS\system32\inetres.dll
2008-07-26 03:01:47 ----A---- C:\WINDOWS\system32\inetcomm.dll
2008-07-26 03:01:45 ----D---- C:\Archivos de programa\Outlook Express
2008-07-26 03:01:45 ----A---- C:\WINDOWS\system32\schedsvc.dll
2008-07-26 03:01:45 ----A---- C:\WINDOWS\system32\mstinit.exe
2008-07-26 03:01:45 ----A---- C:\WINDOWS\system32\mstask.dll
2008-07-26 03:01:44 ----A---- C:\WINDOWS\system32\isign32.dll
2008-07-26 03:01:44 ----A---- C:\WINDOWS\system32\inetcfg.dll
2008-07-26 03:01:44 ----A---- C:\WINDOWS\system32\icwphbk.dll
2008-07-26 03:01:44 ----A---- C:\WINDOWS\system32\icwdial.dll
2008-07-26 03:01:39 ----D---- C:\Archivos de programa\Archivos comunes\System
2008-07-26 03:01:38 ----D---- C:\Archivos de programa\Internet Explorer
2008-07-26 03:01:28 ----D---- C:\Archivos de programa\ComPlus Applications
2008-07-26 03:01:26 ----A---- C:\WINDOWS\vbaddin.ini
2008-07-26 03:01:26 ----A---- C:\WINDOWS\vb.ini
2008-07-26 03:01:22 ----D---- C:\WINDOWS\Registration
2008-07-26 03:00:56 ----D---- C:\Archivos de programa\Windows Media Player
2008-07-26 03:00:51 ----D---- C:\Archivos de programa\Messenger
2008-07-26 03:00:48 ----D---- C:\Archivos de programa\MSN Gaming Zone
2008-07-26 03:00:48 ----A---- C:\WINDOWS\system32\write.exe
2008-07-26 03:00:40 ----A---- C:\WINDOWS\system32\sndvol32.exe
2008-07-26 03:00:40 ----A---- C:\WINDOWS\system32\hticons.dll
2008-07-26 03:00:40 ----A---- C:\WINDOWS\system32\avwav.dll
2008-07-26 03:00:40 ----A---- C:\WINDOWS\system32\avtapi.dll
2008-07-26 03:00:40 ----A---- C:\WINDOWS\system32\avmeter.dll
2008-07-26 03:00:39 ----A---- C:\WINDOWS\system32\winchat.exe
2008-07-26 03:00:35 ----D---- C:\WINDOWS\Cursores
2008-07-26 03:00:34 ----A---- C:\WINDOWS\system32\getuname.dll
2008-07-26 03:00:34 ----A---- C:\WINDOWS\system32\charmap.exe
2008-07-26 03:00:33 ----A---- C:\WINDOWS\system32\winmine.exe
2008-07-26 03:00:33 ----A---- C:\WINDOWS\system32\sol.exe
2008-07-26 03:00:33 ----A---- C:\WINDOWS\system32\mshearts.exe
2008-07-26 03:00:33 ----A---- C:\WINDOWS\system32\freecell.exe
2008-07-26 03:00:33 ----A---- C:\WINDOWS\system32\calc.exe
2008-07-26 03:00:32 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2008-07-26 03:00:32 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2008-07-26 03:00:32 ----A---- C:\WINDOWS\system32\tslabels.ini
2008-07-26 03:00:32 ----A---- C:\WINDOWS\system32\tskill.exe
2008-07-26 03:00:32 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2008-07-26 03:00:32 ----A---- C:\WINDOWS\system32\tscon.exe
2008-07-26 03:00:32 ----A---- C:\WINDOWS\system32\shadow.exe
2008-07-26 03:00:32 ----A---- C:\WINDOWS\system32\rwinsta.exe
2008-07-26 03:00:32 ----A---- C:\WINDOWS\system32\reset.exe
2008-07-26 03:00:32 ----A---- C:\WINDOWS\system32\regini.exe
2008-07-26 03:00:32 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2008-07-26 03:00:32 ----A---- C:\WINDOWS\system32\qwinsta.exe
2008-07-26 03:00:32 ----A---- C:\WINDOWS\system32\qappsrv.exe
2008-07-26 03:00:32 ----A---- C:\WINDOWS\system32\msg.exe
2008-07-26 03:00:32 ----A---- C:\WINDOWS\system32\logoff.exe
2008-07-26 03:00:31 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2008-07-26 03:00:31 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2008-07-26 03:00:31 ----A---- C:\WINDOWS\system32\cdmodem.dll
2008-07-26 03:00:30 ----A---- C:\WINDOWS\system32\stclient.dll
2008-07-26 03:00:30 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2008-07-26 03:00:30 ----A---- C:\WINDOWS\system32\mtxex.dll
2008-07-26 03:00:30 ----A---- C:\WINDOWS\system32\mtxdm.dll
2008-07-26 03:00:30 ----A---- C:\WINDOWS\system32\comsnap.dll
2008-07-26 03:00:30 ----A---- C:\WINDOWS\system32\comrepl.dll
2008-07-26 03:00:30 ----A---- C:\WINDOWS\system32\comaddin.dll
2008-07-26 03:00:26 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2008-07-26 03:00:17 ----D---- C:\Archivos de programa\MSN
2008-07-26 03:00:16 ----A---- C:\WINDOWS\system32\sndrec32.exe
2008-07-26 03:00:16 ----A---- C:\WINDOWS\system32\mplay32.exe
2008-07-26 03:00:16 ----A---- C:\WINDOWS\system32\hypertrm.dll
2008-07-26 03:00:16 ----A---- C:\WINDOWS\system32\accwiz.exe
2008-07-26 03:00:15 ----D---- C:\Archivos de programa\Windows NT
2008-07-26 03:00:15 ----A---- C:\WINDOWS\system32\spider.exe
2008-07-26 03:00:15 ----A---- C:\WINDOWS\system32\mspaint.exe
2008-07-26 03:00:15 ----A---- C:\WINDOWS\system32\clipbrd.exe
2008-07-26 03:00:14 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2008-07-26 03:00:14 ----A---- C:\WINDOWS\system32\sessmgr.exe
2008-07-26 03:00:14 ----A---- C:\WINDOWS\system32\remotepg.dll
2008-07-26 03:00:14 ----A---- C:\WINDOWS\system32\rdshost.exe
2008-07-26 03:00:14 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2008-07-26 03:00:14 ----A---- C:\WINDOWS\system32\mstscax.dll
2008-07-26 03:00:14 ----A---- C:\WINDOWS\system32\mstsc.exe
2008-07-26 03:00:13 ----D---- C:\WINDOWS\system32\MsDtc
2008-07-26 03:00:13 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2008-07-26 03:00:13 ----A---- C:\WINDOWS\system32\termsrv.dll
2008-07-26 03:00:13 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2008-07-26 03:00:13 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2008-07-26 03:00:13 ----A---- C:\WINDOWS\system32\rdpclip.exe
2008-07-26 03:00:13 ----A---- C:\WINDOWS\system32\rdchost.dll
2008-07-26 03:00:13 ----A---- C:\WINDOWS\system32\qprocess.exe
2008-07-26 03:00:13 ----A---- C:\WINDOWS\system32\icaapi.dll
2008-07-26 03:00:13 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2008-07-26 03:00:12 ----A---- C:\WINDOWS\system32\xolehlp.dll
2008-07-26 03:00:12 ----A---- C:\WINDOWS\system32\mtxoci.dll
2008-07-26 03:00:12 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2008-07-26 03:00:12 ----A---- C:\WINDOWS\system32\msdtctm.dll
2008-07-26 03:00:12 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2008-07-26 03:00:12 ----A---- C:\WINDOWS\system32\msdtclog.dll
2008-07-26 03:00:12 ----A---- C:\WINDOWS\system32\msdtc.exe
2008-07-26 03:00:11 ----D---- C:\WINDOWS\system32\Com
2008-07-26 03:00:11 ----A---- C:\WINDOWS\system32\colbact.dll
2008-07-26 03:00:11 ----A---- C:\WINDOWS\system32\clbcatex.dll
2008-07-26 03:00:11 ----A---- C:\WINDOWS\system32\catsrvut.dll
2008-07-26 03:00:11 ----A---- C:\WINDOWS\system32\catsrvps.dll
2008-07-26 03:00:1

2008-07-26 03:00:11 ----D---- C:\WINDOWS\system32\Com
2008-07-26 03:00:11 ----A---- C:\WINDOWS\system32\colbact.dll
2008-07-26 03:00:11 ----A---- C:\WINDOWS\system32\clbcatex.dll
2008-07-26 03:00:11 ----A---- C:\WINDOWS\system32\catsrvut.dll
2008-07-26 03:00:11 ----A---- C:\WINDOWS\system32\catsrvps.dll
2008-07-26 03:00:11 ----A---- C:\WINDOWS\system32\catsrv.dll
2008-07-26 03:00:10 ----A---- C:\WINDOWS\system32\comuid.dll
2008-07-26 03:00:10 ----A---- C:\WINDOWS\system32\comsvcs.dll
2008-07-26 03:00:10 ----A---- C:\WINDOWS\system32\clbcatq.dll
2008-07-26 03:00:05 ----A---- C:\WINDOWS\system32\servdeps.dll
2008-07-26 03:00:05 ----A---- C:\WINDOWS\system32\mmfutil.dll
2008-07-26 03:00:05 ----A---- C:\WINDOWS\system32\licwmi.dll
2008-07-26 03:00:05 ----A---- C:\WINDOWS\system32\cmprops.dll
2008-07-25 21:50:47 ----SH---- C:\boot.ini
2008-07-25 21:45:22 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-07-25 21:45:22 ----RSD---- C:\WINDOWS\Fonts
2008-07-25 21:45:22 ----RD---- C:\WINDOWS\Web
2008-07-25 21:45:22 ----HD---- C:\WINDOWS\inf
2008-07-25 21:45:22 ----D---- C:\WINDOWS\WinSxS
2008-07-25 21:45:22 ----D---- C:\WINDOWS\twain_32
2008-07-25 21:45:22 ----D---- C:\WINDOWS\Temp
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\wins
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\wbem
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\usmt
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\spool
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\ShellExt
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\Setup
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\ras
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\oobe
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\npp
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\mui
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\inetsrv
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\IME
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\icsxml
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\ias
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\export
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\drivers
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\dhcp
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\config
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\3com_dmi
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\3082
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\3076
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\2052
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\1054
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\1042
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\1041
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\1037
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\1033
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\1031
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\1028
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\1025
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system
2008-07-25 21:45:22 ----D---- C:\WINDOWS\security
2008-07-25 21:45:22 ----D---- C:\WINDOWS\Resources
2008-07-25 21:45:22 ----D---- C:\WINDOWS\repair
2008-07-25 21:45:22 ----D---- C:\WINDOWS\Provisioning
2008-07-25 21:45:22 ----D---- C:\WINDOWS\PeerNet
2008-07-25 21:45:22 ----D---- C:\WINDOWS\pchealth
2008-07-25 21:45:22 ----D---- C:\WINDOWS\mui
2008-07-25 21:45:22 ----D---- C:\WINDOWS\msapps
2008-07-25 21:45:22 ----D---- C:\WINDOWS\msagent
2008-07-25 21:45:22 ----D---- C:\WINDOWS\Media
2008-07-25 21:45:22 ----D---- C:\WINDOWS\java
2008-07-25 21:45:22 ----D---- C:\WINDOWS\ime
2008-07-25 21:45:22 ----D---- C:\WINDOWS\Help
2008-07-25 21:45:22 ----D---- C:\WINDOWS\Driver Cache
2008-07-25 21:45:22 ----D---- C:\WINDOWS\Debug
2008-07-25 21:45:22 ----D---- C:\WINDOWS\Cursors
2008-07-25 21:45:22 ----D---- C:\WINDOWS\Connection Wizard
2008-07-25 21:45:22 ----D---- C:\WINDOWS\Config
2008-07-25 21:45:22 ----D---- C:\WINDOWS\AppPatch
2008-07-25 21:45:22 ----D---- C:\WINDOWS\addins
2008-07-25 21:45:22 ----D---- C:\WINDOWS
2008-07-25 20:58:59 ----A---- C:\WINDOWS\system32\h323log.txt
2008-07-25 20:53:54 ----A---- C:\WINDOWS\system32\usbui.dll
2008-07-25 20:52:56 ----A---- C:\WINDOWS\imsins.BAK
2008-07-25 20:52:54 ----SHD---- C:\WINDOWS\Installer
2008-07-25 20:52:54 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-07-25 20:52:53 ----D---- C:\Archivos de programa\Archivos comunes\ODBC
2008-07-25 20:52:53 ----A---- C:\WINDOWS\ODBCINST.INI
2008-07-25 20:52:51 ----D---- C:\Archivos de programa\Archivos comunes\SpeechEngines
2008-07-25 20:52:50 ----D---- C:\Archivos de programa\Archivos comunes\Microsoft Shared
2008-07-25 20:52:50 ----D---- C:\Archivos de programa\Archivos comunes
2008-07-25 20:52:50 ----D---- C:\Archivos de programa
2008-07-25 20:52:47 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2008-07-25 20:52:47 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2008-07-25 20:52:47 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2008-07-25 20:52:46 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2008-07-25 20:52:46 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2008-07-25 20:52:46 ----RA---- C:\WINDOWS\system32\kbdur.dll
2008-07-25 20:52:46 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2008-07-25 20:52:46 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2008-07-25 20:52:46 ----RA---- C:\WINDOWS\system32\kbdru.dll
2008-07-25 20:52:46 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2008-07-25 20:52:46 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2008-07-25 20:52:46 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2008-07-25 20:52:46 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2008-07-25 20:52:46 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2008-07-25 20:52:46 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2008-07-25 20:52:44 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2008-07-25 20:52:44 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2008-07-25 20:52:44 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2008-07-25 20:52:44 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2008-07-25 20:52:44 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2008-07-25 20:52:44 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2008-07-25 20:52:44 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2008-07-25 20:52:43 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2008-07-25 20:52:43 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2008-07-25 20:52:43 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2008-07-25 20:52:43 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2008-07-25 20:52:43 ----RA---- C:\WINDOWS\system32\kbdest.dll
2008-07-25 20:52:42 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2008-07-25 20:52:42 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2008-07-25 20:52:41 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2008-07-25 20:52:41 ----RA---- C:\WINDOWS\system32\kbdro.dll
2008-07-25 20:52:41 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2008-07-25 20:52:41 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2008-07-25 20:52:41 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2008-07-25 20:52:41 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2008-07-25 20:52:41 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2008-07-25 20:52:41 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2008-07-25 20:52:41 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2008-07-25 20:52:41 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2008-07-25 20:52:41 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2008-07-25 20:52:39 ----A---- C:\WINDOWS\system32\spxcoins.dll
2008-07-25 20:52:39 ----A---- C:\WINDOWS\system32\irclass.dll
2008-07-25 20:52:39 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2008-07-25 20:52:39 ----A---- C:\WINDOWS\system32\dgsetup.dll
2008-07-25 20:52:39 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2008-07-25 20:52:37 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2008-07-25 20:52:37 ----A---- C:\WINDOWS\TASKMAN.EXE
2008-07-25 20:52:37 ----A---- C:\WINDOWS\system32\batt.dll
2008-07-25 20:52:37 ----A---- C:\WINDOWS\notepad.exe
2008-07-25 20:52:36 ----A---- C:\WINDOWS\system32\storprop.dll
2008-07-25 20:52:29----ASH----C:\Documents and Settings\All Users\Datos de programa\desktop.ini
2008-07-25 20:52:26 ----RA---- C:\WINDOWS\SET8.tmp
2008-07-25 20:52:24 ----RA---- C:\WINDOWS\SET4.tmp
2008-07-25 20:52:22 ----RA---- C:\WINDOWS\SET3.tmp
2008-07-25 20:51:57 ----D---- C:\WINDOWS\system32\CatRoot2
2008-07-25 20:51:57 ----D---- C:\WINDOWS\system32\CatRoot
2008-07-25 20:51:52 ----SD---- C:\Documents and Settings\All Users\Datos de programa\Microsoft
2008-07-25 20:51:34 ----A---- C:\WINDOWS\setuplog.txt
2008-07-25 20:51:31 ----SHD---- C:\System Volume Information
2008-07-25 20:51:31 ----D---- C:\Documents and Settings
2008-06-18 12:52:28 ----A---- C:\WINDOWS\system32\DivXCodecVersionChecker.exe

List of drivers

R1 avgio;avgio; \??\C:\Archivos de programa\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-03-04 79424]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]
R1 intelppm;Controlador de procesador Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-02-21 1505792]
R3 avgntflt;avgntflt; \??\C:\Archivos de programa\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2007-02-15 34760]
R3 FETNDISB;D-Link PCI Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\dlkfet5b.sys [2007-05-16 43008]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]
R3 HDAudBus;Controlador de bus de Microsoft UAA para High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Controlador de clases HID de Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-05-04 2951680]
R3 mouhid;Controlador HID de mouse; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-20 12416]
R3 SMBios;Intel ® System Management BIOS Service; C:\WINDOWS\system32\DRIVERS\SMBios.sys [2004-06-06 36484]
R3 usbehci;Controlador minipuerto de la controladora mejorada USB 2.0 de Microsoft; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Concentrador habilitado USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbprint;Clase de impresora USB de Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbuhci;Controlador minipuerto de la controladora de host universal USB de Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys []
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 usbscan;Controlador de escáner USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Dispositivo de almacenamiento masivo de datos USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

List of services

R2 aawservice;Lavasoft Ad-Aware Service; C:\Archivos de programa\Lavasoft\Ad-Aware\aawservice.exe [2008-07-27 611664]
R2 AntiVirScheduler;Avira AntiVir Personal – Free Antivirus Scheduler; C:\Archivos de programa\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-03-07 68865]
R2 AntiVirService;Avira AntiVir Personal – Free Antivirus Guard; C:\Archivos de programa\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-03-26 147201]
R2 Apple Mobile Device;Apple Mobile Device; C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-07-10 116040]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-02-21 405504]
R2 Bonjour Service;Servicio Bonjour; C:\Archivos de programa\Bonjour\mDNSResponder.exe [2007-07-24 229376]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Archivos de programa\CyberLink\Shared files\RichVideo.exe [2005-08-08 167936]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R3 iPod Service;Servicio del iPod; C:\Archivos de programa\iPod\bin\iPodService.exe [2008-07-10 532264]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2005-02-01 516096]
S3 Adobe LM Service;Adobe LM Service; C:\Archivos de programa\Archivos comunes\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-07-26 69632]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-04-13 33632]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Archivos de programa\Archivos comunes\Autodesk Shared\Service\AdskScSrv.exe [2008-08-19 82584]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-04-13 68952]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 LPDSVC;Servidor de impresión TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2004-08-20 19456]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Archivos de programa\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 usnjsvc;Servicio Lector del diario USN de Carpetas para compartir de Messenger; C:\Archivos de programa\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WMPNetworkSvc;Servicio de uso compartido de red del Reproductor de Windows Media; C:\Archivos de programa\Windows Media Player\WMPNetwk.exe [2006-11-03 916480]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

-----------------EOF-----------------

Hello gcvela,

We are nearly finished the removal

Please do an online scan with Kaspersky WebScanner

Make sure you are using Internet Explorer for this. Click on Kaspersky Online Scanner and click Accept

You will be prompted to install an ActiveX component from Kaspersky, Click Yes.

• The program will launch and then begin downloading the latest definition files:
• Once the files have been downloaded click on NEXT
  
• Now click on Scan Settings
• In the scan settings make that the following are selected:
  • Scan using the following Anti-Virus database:
  Extended (if available otherwise Standard)
  • Scan Options:
  Scan Archives
  Scan Mail Bases
• Click OK
• Now under select a target to scan:
  Select My Computer
• This will program will start and scan your system.
• The scan will take a while so be patient and let it run.
• Once the scan is complete it will display if your system has been infected.
  
  • Now click on the Save as Text button:
• Save the file to your desktop.
• Copy and paste that information in your next post.

And please tell me how your computer is running now.

Regards,
Egwene.

Egwene,

The computer seems to be running fine. However, I ran the kapersky online scanner and it found threats.
Here's the log:

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Monday, September 15, 2008
Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Monday, September 15, 2008 20:36:22
Records in database: 1237593
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
A:\
C:\
D:\

Scan statistics:
Files scanned: 70569
Threat name: 5
Infected objects: 7
Suspicious objects: 0
Duration of the scan: 01:10:32


File name / Threat name / Threats count
C:\Documents and Settings\Me\Escritorio\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f 1
C:\Documents and Settings\Me\Escritorio\SmitfraudFix.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f 1
C:\Documents and Settings\Me\Mis documentos\Mi música\the pixies\Pixies - Surfer Rosa - All over the world.mp3 Infected: Trojan-Downloader.WMA.Wimad.n 1
C:\_OTMoveIt\MovedFiles\09152008_131326\Documents and Settings\All Users\Datos de programa\bojyjink\nelqxijs.exe Infected: Trojan.Win32.Obfuscated.gx 1
C:\_OTMoveIt\MovedFiles\09152008_131326\Documents and Settings\Me\CONFIG~1\Temp\c.exe Infected: Trojan.Win32.FraudPack.jw 1
C:\_OTMoveIt\MovedFiles\09152008_131326\WINDOWS\system32\filohchg.exe Infected: Trojan.Win32.Obfuscated.gx 1
C:\_OTMoveIt\MovedFiles\09152008_151637\WINDOWS\system32\lphca55j0e7aa.exe Infected: Backdoor.Win32.Frauder.fk 1

The selected area was scanned.

Hello gcvela,

Please download the OTMoveIt2 by OldTimer.

• Save it to your desktop.
• Please double-click OTMoveIt2.exe to run it. (Vista users, please right click on OTMoveit2.exe and select "Run as an Administrator")
• Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
  
  
  [kill explorer]
  C:\Documents and Settings\Me\Mis documentos\Mi música\the pixies\Pixies - Surfer Rosa - All over the world.mp3
  purity
  emptytemp
  [start explorer]
  
  
• Return to OTMoveIt2, right click in the "Paste List of Files/Folders to Move" window (under the light Yellow bar) and choose Paste.
• Click the red Moveit! button.
• A log of files and folders moved will be created in the c:\_OTMoveIt\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
• Close OTMoveIt2

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

---

Congralutations, your log looks clean

1) Run OTcleanIT :

Please Download OTcleanIT (OldTimer) : http://download.bleepingcomputer.com/oldtimer/OTCleanIt.exe

Open it and double-click on the "CleanUp" boutton.

2) Flush your system restore :

Now lets Reset and Re-enable your System Restore to remove any infected files that have been backed up by Windows. The files in System Restore are protected to prevent any programs from changing those files. This is the only way to clean these files: (You will lose all previous restore points which are likely to be infected, but that's good news).

Turn OFF System Restore.

* On the Desktop, right-click My Computer.
* Click Properties.
* Click the System Restore tab.
* Check Turn off System Restore.
* Click Apply, and then click OK.


Restart your computer.

Turn ON System Restore.

* On the Desktop, right-click My Computer.
* Click Properties.
* Click the System Restore tab.
* UN-Check Turn off System Restore.
* Click Apply, and then click OK.

System Restore will now be active again.

3) Update windows :

Another essential is to keep your computer updated with the latest operating system patches and security fixes. Windows Updates are constantly being revised to combat the newest hacks and threats, Microsoft releases security updates that help your computer from becoming vunerable. It is best if you have these set to download automatically.

Automatic Updates for Windows

* Click Start.
* Select Settings and then Control Panel.
* Select Automatic Updates.
* Click Automatic (recommended)
* Choose a day and a time when you know the computer will be on and connected to the internet.
* Click Apply then OK.

4) Prevention/protection :

The following is a list of tools and utilities that I like to suggest to people. This list is full of great tools and utilities to help you understand how you got infected and how to keep from getting infected again.

• If you haven't a firewall on your computer, I advice you to install one of the following : Kerio / Commodo / ZoneAlarme.
  
• Spybot Search & Destroy - Uber powerful tool which can search and annhilate nasties that make it onto your system. Now with an Immunize section that will help prevent future infections.
  
• AdAware - Another very powerful tool which searches and kills nasties that infect your system. AdAware and Spybot Search & Destroy compliment each other very well.
  
• SpywareBlaster - Great prevention tool to keep nasties from installing on your system.
  
• SpywareGuard - Works as a Spyware "Shield" to protect your computer from getting malware in the first place.
  
• IE-SpyAd - puts over 5000 sites in your restricted zone so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all.
  
• ATF Cleaner - Cleans temporary files from IE and Windows, empties the recycle bin and more. Great tool to help speed up your computer and knock out those nasties that like to reside in the temp folders.
  
• Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
  
• Google Toolbar - Free google toolbar that allows you to use the powerful Google search engine from the bar, but also blocks pop up windows.
  
• Trillian or Miranda-IM - These are Malware free Instant Messenger programs which allow you to connect to multiple IM services in one program! (AOL, Yahoo, ICQ, IRC, MSN)
  
• To reduce re-infection for malware in the future, I strongly recommend installing these free programs:
  
• SpywareBlaster protects against bad ActiveX.
  
• IE-SPYAD puts over 5000 sites in your restricted zone so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all
  Have a look at this tutorial for IE-Spyad here
  
  Make Internet Explorer more secure
  
  • Click Start > Run
  • Type Inetcpl.cpl & click OK
  • Click on the Security tab
  • Click Reset all zones to default level
  • Make sure the Internet Zone is selected & Click Custom level
  • In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
  • Next Click OK, then Apply button and then OK to exit the Internet Properties page.
  
  
• MVPS Hosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer, meaning it will be difficult to infect yourself in the future.
  
  
• Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more
  secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in pop up
  blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from
  Here

Take a good look at the following suggestions for malware prevention by reading Tony Klein’s article 'How Did I Get Infected In The First Place'
Here

Thank you for your patience, and performing all of the procedures requested.

Regards,
Egwene.

Hi Egwene,

Thanks so much for the help. I followed the instructions you gave me and the computer's running smoothly.
I know how it got the virus since I downloaded an infected file, but nonetheless your recommendations are really handy!
There's just something that keeps bugging me. While I was doing what you asked me to, an alert window from the Avira Antivirus popped up saying there was an infected file still here.
I haven't had that problem since I rebooted the PC and finished following your instructions, but just to be certain I'll post the RSIT log so you can take a look.

Again, thanks so much!!

Logfile of random's system information tool 1.01 (written by random/random)
Run by Me at 2008-09-16 09:49:28
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 38 GB (50%) free of 76 GB
Total RAM: 1022 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:49:31 a.m., on 16/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Archivos de programa\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Archivos de programa\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Archivos de programa\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Archivos de programa\CyberLink\PowerDVD\PDVDServ.exe
C:\Archivos de programa\iTunes\iTunesHelper.exe
C:\Archivos de programa\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\ISUSPM.exe
C:\Archivos de programa\Java\jre1.6.0_07\bin\jusched.exe
C:\Archivos de programa\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Archivos de programa\Bonjour\mDNSResponder.exe
C:\Archivos de programa\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Archivos de programa\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\Internet Explorer\iexplore.exe
C:\Documents and Settings\Me\Escritorio\RSIT.exe
C:\Archivos de programa\Trend Micro\HijackThis\Me.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Archivos de programa\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\ARCHIV~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Archivos de programa\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Archivos de programa\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Archivos de programa\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Archivos de programa\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Archivos de programa\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [RemoteControl] "C:\Archivos de programa\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Archivos de programa\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Archivos de programa\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Archivos de programa\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Archivos de programa\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Archivos de programa\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [ISUSPM] "C:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Archivos de programa\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Archivos de programa\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Archivos de programa\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Yahoo! Widgets.lnk = C:\Archivos de programa\Yahoo!\Widgets\YahooWidgets.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O8 - Extra context menu item: Adición a la lista de impresión de Easy-WebPrint - res://C:\Archivos de programa\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Archivos de programa\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Archivos de programa\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Archivos de programa\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Archivos de programa\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Archivos de programa\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Archivos de programa\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Archivos de programa\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Archivos de programa\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Impresión a alta velocidad de Easy-WebPrint - res://C:\Archivos de programa\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Impresión de Easy-WebPrint - res://C:\Archivos de programa\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Vista previa de Easy-WebPrint - res://C:\Archivos de programa\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARCHIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARCHIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Archivos de programa\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Facebo...toUploader5.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Archivos de programa\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\ARCHIV~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Archivos de programa\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Archivos de programa\Archivos comunes\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Archivos de programa\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Archivos de programa\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Archivos de programa\Archivos comunes\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Archivos de programa\Bonjour\mDNSResponder.exe
O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Archivos de programa\iPod\bin\iPodService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Archivos de programa\CyberLink\Shared files\RichVideo.exe

--
End of file - 10677 bytes

Scheduled tasks folder

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

Registry dump

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}]
EWPBrowseObject Class - C:\Archivos de programa\Canon\Easy-WebPrint\EWPBrowseLoader.dll [2006-04-18 34304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\ARCHIV~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Archivos de programa\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Archivos de programa\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006-12-18 231160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Archivos de programa\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006-12-18 231160]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Archivos de programa\Canon\Easy-WebPrint\Toolband.dll [2006-04-18 552960]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"=C:\Archivos de programa\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-02-01 339968]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-05-04 14396416]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"avgnt"=C:\Archivos de programa\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-02-12 262401]
"RemoteControl"=C:\Archivos de programa\CyberLink\PowerDVD\PDVDServ.exe [2005-12-07 30208]
"LanguageShortcut"=C:\Archivos de programa\CyberLink\PowerDVD\Language\Language.exe [2006-05-18 49152]
"QuickTime Task"=C:\Archivos de programa\QuickTime\qttask.exe [2008-05-27 413696]
"AppleSyncNotifier"=C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-07-10 116040]
"iTunesHelper"=C:\Archivos de programa\iTunes\iTunesHelper.exe [2008-07-10 289064]
"Acrobat Assistant 7.0"=C:\Archivos de programa\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [2008-04-23 483328]
""=C:\WINDOWS\system32\
"Easy-PrintToolBox"=C:\Archivos de programa\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2004-01-13 409600]
"ISUSPM"=C:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\ISUSPM.exe [2006-03-20 213936]
"SunJavaUpdateSched"=C:\Archivos de programa\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"GrooveMonitor"=C:\Archivos de programa\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"CloneCDTray"=C:\Archivos de programa\SlySoft\CloneCD\CloneCDTray.exe [2006-09-28 57344]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MsnMsgr"=C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]

C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio
Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe

C:\Documents and Settings\Me\Menú Inicio\Programas\Inicio
Yahoo! Widgets.lnk - C:\Archivos de programa\Yahoo!\Widgets\YahooWidgets.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-02-21 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Archivos de programa\Windows Desktop Search\MSNLNamespaceMgr.dll [2008-05-26 304128]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\ARCHIV~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"NoDispScrSavPage"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Archivos de programa\MSN Messenger\msnmsgr.exe"="C:\Archivos de programa\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Archivos de programa\MSN Messenger\livecall.exe"="C:\Archivos de programa\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Archivos de programa\Bonjour\mDNSResponder.exe"="C:\Archivos de programa\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Archivos de programa\iTunes\iTunes.exe"="C:\Archivos de programa\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Archivos de programa\TVUPlayer\TVUPlayer.exe"="C:\Archivos de programa\TVUPlayer\TVUPlayer.exe:*:Enabled:TVUPlayer Component"
"C:\Archivos de programa\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Archivos de programa\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Archivos de programa\Microsoft Office\Office12\GROOVE.EXE"="C:\Archivos de programa\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Archivos de programa\Microsoft Office\Office12\ONENOTE.EXE"="C:\Archivos de programa\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Games\Colin McRae Rally 2.0\CMR2.exe"="C:\Games\Colin McRae Rally 2.0\CMR2.exe:*:Disabled:Colin McRae Rally 2"
"C:\Archivos de programa\Internet Explorer\iexplore.exe"="C:\Archivos de programa\Internet Explorer\iexplore.exe:*:Disabled:Internet Explorer"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Archivos de programa\MSN Messenger\msnmsgr.exe"="C:\Archivos de programa\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Archivos de programa\MSN Messenger\livecall.exe"="C:\Archivos de programa\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

List of files/folders created in the last three months

2008-09-16 00:09:52 ----D---- C:\Archivos de programa\Cupid Info Systems
2008-09-15 15:20:49 ----D---- C:\Documents and Settings\Me\Datos de programa\Malwarebytes
2008-09-15 15:20:46 ----D---- C:\Documents and Settings\All Users\Datos de programa\Malwarebytes
2008-09-15 15:20:46 ----D---- C:\Archivos de programa\Malwarebytes' Anti-Malware
2008-09-15 14:08:20 ----A---- C:\WINDOWS\system32\tmp.txt
2008-09-15 14:03:59 ----A---- C:\WINDOWS\system32\SrchSTS.exe
2008-09-15 14:03:59 ----A---- C:\WINDOWS\system32\Process.exe
2008-09-15 14:03:59 ----A---- C:\WINDOWS\system32\IEDFix.C.exe
2008-09-15 14:03:59 ----A---- C:\WINDOWS\system32\AntiXPVSTFix.exe
2008-09-15 08:52:25 ----D---- C:\rsit
2008-09-15 01:36:46 ----D---- C:\Archivos de programa\Trend Micro
2008-09-15 00:59:43 ----A---- C:\WINDOWS\ntbtlog.txt
2008-09-15 00:50:07 ----A---- C:\WINDOWS\NeroDigital.ini
2008-09-14 23:40:04 ----D---- C:\Archivos de programa\CD Autorun Creator
2008-09-10 13:35:51 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-09-10 13:35:39 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2008-09-08 10:32:36 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2008-09-08 10:32:17 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2008-09-08 10:31:52 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
2008-09-07 15:45:34 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-09-07 15:45:08 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2008-09-07 15:44:32 ----D---- C:\Archivos de programa\Windows Media Connect 2
2008-09-07 15:44:14 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2008-09-07 15:43:07 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2008-09-07 15:42:21 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2008-09-07 15:14:57 ----A---- C:\WINDOWS\system32\xvidcore.dll
2008-09-07 15:14:56 ----D---- C:\Archivos de programa\Xvid
2008-09-07 15:14:56 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2008-09-07 14:36:27 ----D---- C:\Documents and Settings\Me\Datos de programa\LimeWire
2008-08-28 18:26:54 ----D---- C:\WINDOWS\system32\LogFiles
2008-08-26 12:04:42 ----SH---- C:\WINDOWS\S5E521382.tmp
2008-08-26 12:03:03 ----D---- C:\Archivos de programa\SlySoft
2008-08-24 22:20:48 ----A---- C:\WINDOWS\system32\VB6STKIT.DLL
2008-08-18 23:56:42 ----D---- C:\Archivos de programa\AutoCAD 2009
2008-08-18 23:56:42 ----D---- C:\Archivos de programa\Archivos comunes\Autodesk Shared
2008-08-18 23:37:39 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2008-08-18 23:32:38 ----D---- C:\WINDOWS\system32\XPSViewer
2008-08-18 23:32:36 ----D---- C:\WINDOWS\system32\en-us
2008-08-18 23:32:05 ----D---- C:\Archivos de programa\Reference Assemblies
2008-08-18 23:31:39 ----N---- C:\WINDOWS\system32\spmsg2.dll
2008-08-18 23:09:53 ----A---- C:\WINDOWS\system32\msonpmon.dll
2008-08-18 23:07:31 ----D---- C:\Archivos de programa\Microsoft Works
2008-08-18 23:07:15 ----D---- C:\Archivos de programa\MSBuild
2008-08-18 23:06:43 ----D---- C:\Archivos de programa\Microsoft Visual Studio
2008-08-18 23:05:48 ----D---- C:\Archivos de programa\Microsoft.NET
2008-08-18 23:01:37 ----D---- C:\Archivos de programa\Microsoft Visual Studio 8
2008-08-18 23:00:40 ----D---- C:\Documents and Settings\All Users\Datos de programa\Microsoft Help
2008-08-17 16:03:28 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2008-08-17 16:03:27 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2008-08-15 14:33:10 ----D---- C:\Documents and Settings\Me\Datos de programa\CyberLink
2008-08-14 08:36:59 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-08-14 08:36:55 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-08-14 08:36:50 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
2008-08-14 08:36:45 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-08-14 08:36:40 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-08-14 08:36:34 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-08-14 08:36:01 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-08-13 14:09:52 ----A---- C:\WINDOWS\system32\wmpns.dll
2008-08-10 23:23:25 ----D---- C:\Archivos de programa\Microsoft Silverlight
2008-07-30 21:35:55 ----HD---- C:\WINDOWS\PIF
2008-07-30 21:35:34 ----D---- C:\Documents and Settings\Me\Datos de programa\Windows Search
2008-07-30 20:59:50 ----D---- C:\Documents and Settings\Me\Datos de programa\Windows Desktop Search
2008-07-30 20:59:25 ----D---- C:\WINDOWS\system32\GroupPolicy
2008-07-30 20:59:25 ----D---- C:\Archivos de programa\Windows Desktop Search
2008-07-30 20:59:12 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
2008-07-30 20:59:06 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2008-07-30 18:45:10 ----A---- C:\WINDOWS\SCIENCE.ini
2008-07-30 18:45:09 ----RA---- C:\WINDOWS\MPLAYER.EXE
2008-07-30 18:45:09 ----RA---- C:\WINDOWS\MCIOLE.DLL
2008-07-29 17:26:45 ----A---- C:\WINDOWS\system32\pscVSWIA.dll
2008-07-29 17:26:45 ----A---- C:\WINDOWS\system32\pscUD113.dll
2008-07-29 17:26:45 ----A---- C:\WINDOWS\system32\pscND113.exe
2008-07-29 17:26:45 ----A---- C:\WINDOWS\system32\PSCLU113.dll
2008-07-29 17:26:18 ----A---- C:\WINDOWS\OPPRIN~1.INI
2008-07-29 17:26:06 ----A---- C:\WINDOWS\system32\opapi11.dll
2008-07-29 15:14:56 ----D---- C:\Documents and Settings\Me\Datos de programa\DivX
2008-07-28 16:02:48 ----N---- C:\WINDOWS\system32\vxblock.dll
2008-07-28 16:02:48 ----N---- C:\WINDOWS\system32\pxwave.dll
2008-07-28 16:02:48 ----N---- C:\WINDOWS\system32\pxsfs.dll
2008-07-28 16:02:48 ----N---- C:\WINDOWS\system32\pxmas.dll
2008-07-28 16:02:48 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2008-07-28 16:02:48 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2008-07-28 16:02:48 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2008-07-28 16:02:48 ----N---- C:\WINDOWS\system32\pxdrv.dll
2008-07-28 16:02:48 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2008-07-28 16:02:48 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2008-07-28 16:02:48 ----N---- C:\WINDOWS\system32\pxafs.dll
2008-07-28 16:02:47 ----N---- C:\WINDOWS\system32\px.dll
2008-07-28 16:02:40 ----D---- C:\Archivos de programa\DivX
2008-07-27 22:04:44 ----D---- C:\WINDOWS\Sun
2008-07-27 22:04:44 ----D---- C:\Documents and Settings\Me\Datos de programa\Sun
2008-07-27 22:03:55 ----A---- C:\WINDOWS\system32\javaws.exe
2008-07-27 22:03:55 ----A---- C:\WINDOWS\system32\javaw.exe
2008-07-27 22:03:55 ----A---- C:\WINDOWS\system32\java.exe
2008-07-27 22:03:28 ----D---- C:\Archivos de programa\Java
2008-07-27 22:00:43 ----D---- C:\Archivos de programa\Archivos comunes\Java
2008-07-27 19:47:59 ----D---- C:\Games
2008-07-27 18:57:55 ----A---- C:\WINDOWS\system32\lfpng13n.dll
2008-07-27 18:57:54 ----A---- C:\WINDOWS\system32\lfgif13n.dll
2008-07-27 18:57:53 ----A---- C:\WINDOWS\system32\ltkrn13n.dll
2008-07-27 18:57:53 ----A---- C:\WINDOWS\system32\ltimg13n.dll
2008-07-27 18:57:53 ----A---- C:\WINDOWS\system32\ltfil13n.dll
2008-07-27 18:57:53 ----A---- C:\WINDOWS\system32\ltefx13n.dll
2008-07-27 18:57:53 ----A---- C:\WINDOWS\system32\ltdis13n.dll
2008-07-27 18:57:53 ----A---- C:\WINDOWS\system32\lfcmp13n.dll
2008-07-27 18:57:53 ----A---- C:\WINDOWS\system32\lfbmp13n.dll
2008-07-27 18:19:34 ----D---- C:\Documents and Settings\All Users\Datos de programa\InstallShield
2008-07-27 18:19:31 ----D---- C:\WINDOWS\system32\E177E04D548C4006A465EEB92D3DE021
2008-07-27 18:19:28 ----A---- C:\WINDOWS\minitab.ini
2008-07-27 18:19:12 ----D---- C:\Archivos de programa\Minitab 15
2008-07-27 18:07:41 ----D---- C:\Archivos de programa\Lingo
2008-07-27 18:00:14 ----D---- C:\Documents and Settings\All Users\Datos de programa\TVU Networks
2008-07-27 17:58:55 ----D---- C:\Documents and Settings\Me\Datos de programa\TVU Networks
2008-07-27 17:58:48 ----D---- C:\Archivos de programa\TVUPlayer
2008-07-27 17:01:51 ----D---- C:\Archivos de programa\Yahoo!
2008-07-27 16:37:37 ----D---- C:\Documents and Settings\All Users\Datos de programa\Lavasoft
2008-07-27 16:37:37 ----D---- C:\Archivos de programa\Lavasoft
2008-07-27 16:37:07 ----D---- C:\Archivos de programa\Archivos comunes\Wise Installation Wizard
2008-07-27 16:00:28 ----D---- C:\Documents and Settings\All Users\Datos de programa\Messenger Plus!
2008-07-27 16:00:12 ----D---- C:\Archivos de programa\Windows Live
2008-07-27 14:49:58 ----D---- C:\Documents and Settings\All Users\Datos de programa\WinZip
2008-07-27 14:49:55 ----D---- C:\Archivos de programa\WinZip
2008-07-27 14:40:04 ----D---- C:\Archivos de programa\Messenger Plus! Live
2008-07-26 23:24:53 ----D---- C:\WINDOWS\ie7updates
2008-07-26 12:09:32 ----D---- C:\Documents and Settings\Me\Datos de programa\Autodesk
2008-07-26 12:09:32 ----D---- C:\Documents and Settings\All Users\Datos de programa\Autodesk
2008-07-26 12:09:31 ----D---- C:\Archivos de programa\AutoCAD 2007
2008-07-26 12:06:46 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2008-07-26 11:56:52 ----A---- C:\WINDOWS\ODBC.INI
2008-07-26 11:56:48 ----A---- C:\WINDOWS\system32\mdimon.dll
2008-07-26 11:56:16 ----D---- C:\Archivos de programa\Archivos comunes\DESIGNER
2008-07-26 11:56:04 ----D---- C:\WINDOWS\SHELLNEW
2008-07-26 11:56:02 ----D---- C:\Archivos de programa\Microsoft Office
2008-07-26 11:53:33 ----RHD---- C:\MSOCache
2008-07-26 11:39:20 ----A---- C:\WINDOWS\BJPSUNST.EXE
2008-07-26 11:38:48 ----A---- C:\WINDOWS\IsUn040a.exe
2008-07-26 11:38:24 ----HD---- C:\Documents and Settings\All Users\Datos de programa\CanonBJ
2008-07-26 11:38:14 ----A---- C:\WINDOWS\system32\CNMLM7X.DLL
2008-07-26 11:38:11 ----HD---- C:\WINDOWS\system32\CanonIJ Uninstaller Information
2008-07-26 11:38:06 ----HD---- C:\Archivos de programa\CanonBJ
2008-07-26 11:37:15 ----D---- C:\Archivos de programa\Canon
2008-07-26 11:21:58 ----D---- C:\Documents and Settings\Me\Datos de programa\AdobeUM
2008-07-26 11:20:34 ----D---- C:\Documents and Settings\All Users\Datos de programa\Adobe Systems
2008-07-26 11:20:17 ----D---- C:\Archivos de programa\Archivos comunes\Adobe Systems Shared
2008-07-26 11:19:39 ----D---- C:\Archivos de programa\Archivos comunes\Adobe
2008-07-26 11:19:05 ----D---- C:\Documents and Settings\All Users\Datos de programa\Adobe
2008-07-26 11:15:40 ----D---- C:\Documents and Settings\Me\Datos de programa\Google
2008-07-26 11:15:40 ----D---- C:\Archivos de programa\Google
2008-07-26 11:09:31 ----D---- C:\Archivos de programa\iPod
2008-07-26 11:09:28 ----D---- C:\Archivos de programa\iTunes
2008-07-26 11:07:30 ----D---- C:\Documents and Settings\Me\Datos de programa\Macromedia
2008-07-26 10:53:56 ----D---- C:\Archivos de programa\QuickTime
2008-07-26 10:53:55 ----D---- C:\Documents and Settings\All Users\Datos de programa\Apple Computer
2008-07-26 10:53:30 ----D---- C:\Archivos de programa\Archivos comunes\Apple
2008-07-26 10:49:45 ----D---- C:\Documents and Settings\Me\Datos de programa\Apple Computer
2008-07-26 10:49:35 ----D---- C:\Archivos de programa\Safari
2008-07-26 10:49:25 ----D---- C:\Archivos de programa\Bonjour
2008-07-26 10:49:20 ----D---- C:\Documents and Settings\All Users\Datos de programa\Apple
2008-07-26 10:49:20 ----D---- C:\Archivos de programa\Apple Software Update
2008-07-26 10:40:00 ----D---- C:\Documents and Settings\All Users\Datos de programa\CyberLink
2008-07-26 10:38:49 ----N---- C:\WINDOWS\system32\msxml3a.dll
2008-07-26 10:38:02 ----D---- C:\Archivos de programa\CyberLink
2008-07-26 10:26:16 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-07-26 10:25:55 ----D---- C:\Archivos de programa\MSN Messenger
2008-07-26 10:20:19 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-07-26 10:19:13 ----D---- C:\Archivos de programa\MSXML 4.0
2008-07-26 10:12:51 ----HD---- C:\WINDOWS\msdownld.tmp
2008-07-26 10:12:41 ----D---- C:\WINDOWS\WBEM
2008-07-26 10:11:44 ----HDC---- C:\WINDOWS\ie7
2008-07-26 10:11:31 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2008-07-26 10:11:14 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2008-07-26 10:09:55 ----A---- C:\WINDOWS\system32\MRT.exe
2008-07-26 10:00:03 ----D---- C:\Archivos de programa\Windows Live Toolbar
2008-07-26 09:44:05 ----D---- C:\Documents and Settings\All Users\Datos de programa\Windows Genuine Advantage
2008-07-26 09:37:17 ----D---- C:\WINDOWS\Prefetch
2008-07-26 05:41:25 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-07-26 05:41:19 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-07-26 05:41:14 ----HDC---- C:\WINDOWS\$NtUninstallKB942763$
2008-07-26 05:41:07 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-07-26 05:41:00 ----HDC---- C:\WINDOWS\$NtUninstallKB950759$
2008-07-26 05:40:54 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2008-07-26 05:40:47 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-07-26 04:57:22 ----N---- C:\WINDOWS\system32\msxml6r.dll
2008-07-26 04:57:22 ----N---- C:\WINDOWS\system32\msxml6.dll
2008-07-26 04:57:07 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2008-07-26 04:57:07 ----N---- C:\WINDOWS\system32\aaclient.dll
2008-07-26 04:57:06 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2008-07-26 04:57:06 ----N---- C:\WINDOWS\system32\dot3api.dll
2008-07-26 04:57:06 ----N---- C:\WINDOWS\system32\dimsroam.dll
2008-07-26 04:57:06 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2008-07-26 04:57:06 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2008-07-26 04:57:06 ----N---- C:\WINDOWS\system32\credssp.dll
2008-07-26 04:57:06 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2008-07-26 04:57:06 ----N---- C:\WINDOWS\system32\azroles.dll
2008-07-26 04:57:06 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2008-07-26 04:57:06 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2008-07-26 04:57:05 ----N---- C:\WINDOWS\system32\eapsvc.dll
2008-07-26 04:57:05 ----N---- C:\WINDOWS\system32\eapqec.dll
2008-07-26 04:57:05 ----N---- C:\WINDOWS\system32\eappprxy.dll
2008-07-26 04:57:05 ----N---- C:\WINDOWS\system32\eapphost.dll
2008-07-26 04:57:05 ----N---- C:\WINDOWS\system32\eappgnui.dll
2008-07-26 04:57:05 ----N---- C:\WINDOWS\system32\eappcfg.dll
2008-07-26 04:57:05 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2008-07-26 04:57:05 ----N---- C:\WINDOWS\system32\eapolqec.dll
2008-07-26 04:57:05 ----N---- C:\WINDOWS\system32\dot3ui.dll
2008-07-26 04:57:05 ----N---- C:\WINDOWS\system32\dot3svc.dll
2008-07-26 04:57:05 ----N---- C:\WINDOWS\system32\dot3msm.dll
2008-07-26 04:57:05 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-07-26 04:57:05 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2008-07-26 04:57:04 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2008-07-26 04:57:03 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2008-07-26 04:57:03 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2008-07-26 04:57:03 ----N---- C:\WINDOWS\system32\kmsvc.dll
2008-07-26 04:57:03 ----N---- C:\WINDOWS\system32\kbdpash.dll
2008-07-26 04:57:03 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2008-07-26 04:57:03 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2008-07-26 04:57:03 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2008-07-26 04:57:02 ----N---- C:\WINDOWS\system32\napstat.exe
2008-07-26 04:57:02 ----N---- C:\WINDOWS\system32\napmontr.dll
2008-07-26 04:57:02 ----N---- C:\WINDOWS\system32\napipsec.dll
2008-07-26 04:57:02 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2008-07-26 04:57:02 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2008-07-26 04:57:02 ----N---- C:\WINDOWS\system32\mssha.dll
2008-07-26 04:57:02 ----N---- C:\WINDOWS\system32\mmcperf.exe
2008-07-26 04:57:02 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-07-26 04:57:02 ----N---- C:\WINDOWS\system32\mmcex.dll
2008-07-26 04:57:02 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-07-26 04:57:01 ----N---- C:\WINDOWS\system32\qcliprov.dll
2008-07-26 04:57:01 ----N---- C:\WINDOWS\system32\qagentrt.dll
2008-07-26 04:57:01 ----N---- C:\WINDOWS\system32\qagent.dll
2008-07-26 04:57:01 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2008-07-26 04:57:01 ----N---- C:\WINDOWS\system32\onex.dll
2008-07-26 04:57:01 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2008-07-26 04:57:00 ----N---- C:\WINDOWS\system32\slserv.exe
2008-07-26 04:57:00 ----N---- C:\WINDOWS\system32\slrundll.exe
2008-07-26 04:57:00 ----N---- C:\WINDOWS\system32\slgen.dll
2008-07-26 04:57:00 ----N---- C:\WINDOWS\system32\slextspk.dll
2008-07-26 04:57:00 ----N---- C:\WINDOWS\system32\slcoinst.dll
2008-07-26 04:57:00 ----N---- C:\WINDOWS\system32\setupn.exe
2008-07-26 04:57:00 ----N---- C:\WINDOWS\system32\s3gnb.dll
2008-07-26 04:57:00 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2008-07-26 04:57:00 ----N---- C:\WINDOWS\system32\rasqec.dll
2008-07-26 04:57:00 ----N---- C:\WINDOWS\system32\qutil.dll
2008-07-26 04:56:59 ----N---- C:\WINDOWS\system32\xpsp3res.dll
2008-07-26 04:56:59 ----N---- C:\WINDOWS\system32\wmphoto.dll
2008-07-26 04:56:59 ----N---- C:\WINDOWS\system32\wlanapi.dll
2008-07-26 04:56:59 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2008-07-26 04:56:59 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2008-07-26 04:56:59 ----N---- C:\WINDOWS\system32\verclsid.exe
2008-07-26 04:56:59 ----N---- C:\WINDOWS\system32\tzchange.exe
2008-07-26 04:56:59 ----N---- C:\WINDOWS\system32\tspkg.dll
2008-07-26 04:56:59 ----N---- C:\WINDOWS\system32\tsgqec.dll
2008-07-26 04:56:57 ----N---- C:\WINDOWS\system32\xmllite.dll
2008-07-26 04:56:57 ----N---- C:\WINDOWS\slrundll.exe
2008-07-26 04:56:56 ----D---- C:\WINDOWS\system32\es-es
2008-07-26 04:56:55 ----D---- C:\WINDOWS\system32\es
2008-07-26 04:56:55 ----D---- C:\WINDOWS\system32\bits
2008-07-26 04:56:55 ----D---- C:\WINDOWS\l2schemas
2008-07-26 04:56:26 ----A---- C:\WINDOWS\system32\lpdsvc.dll
2008-07-26 04:55:10 ----A---- C:\WINDOWS\system32\lprmon.dll
2008-07-26 04:54:34 ----D---- C:\WINDOWS\ServicePackFiles
2008-07-26 04:52:27 ----D---- C:\WINDOWS\network diagnostic
2008-07-26 04:48:57 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-07-26 04:48:56 ----D---- C:\WINDOWS\EHome
2008-07-26 04:45:54 ----HD---- C:\9c0f5e184b30594cade6359ee1
2008-07-26 04:01:22 ----D---- C:\Documents and Settings\Me\Datos de programa\Adobe
2008-07-26 03:59:34 ----D---- C:\Archivos de programa\Adobe
2008-07-26 03:49:40 ----D---- C:\WINDOWS\system32\PreInstall
2008-07-26 03:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2008-07-26 03:49:38 ----HD---- C:\WINDOWS\$hf_mig$
2008-07-26 03:48:13 ----A---- C:\WINDOWS\system32\wpa.bak
2008-07-26 03:45:24 ----D---- C:\Documents and Settings\All Users\Datos de programa\Avira
2008-07-26 03:45:24 ----D---- C:\Archivos de programa\Avira
2008-07-26 03:42:09 ----SHD---- C:\RECYCLER
2008-07-26 03:40:35 ----A---- C:\WINDOWS\system32\TwnLib20.dll
2008-07-26 03:40:29 ----N---- C:\WINDOWS\system32\picn20.dll
2008-07-26 03:40:28 ----N---- C:\WINDOWS\system32\ImagXpr5.dll
2008-07-26 03:40:28 ----N---- C:\WINDOWS\system32\imagx5.dll
2008-07-26 03:40:28 ----N---- C:\WINDOWS\system32\imagr5.dll
2008-07-26 03:40:27 ----D---- C:\Archivos de programa\Archivos comunes\Ahead
2008-07-26 03:40:27 ----A---- C:\WINDOWS\system32\NeroCheck.exe
2008-07-26 03:40:22 ----D---- C:\Archivos de programa\Ahead
2008-07-26 03:35:40 ----D---- C:\WINDOWS\system32\Lang
2008-07-26 03:32:45 ----A---- C:\WINDOWS\system32\ksuser.dll
2008-07-26 03:32:38 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2008-07-26 03:32:36 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2008-07-26 03:32:32 ----A---- C:\WINDOWS\ALCMTR.EXE
2008-07-26 03:32:31 ----A---- C:\WINDOWS\ALCWZRD.EXE
2008-07-26 03:32:29 ----N---- C:\WINDOWS\system32\ChCfg.exe
2008-07-26 03:32:29 ----D---- C:\WINDOWS\system32\RTCOM
2008-07-26 03:32:29 ----A---- C:\WINDOWS\system32\RTLCPAPI.dll
2008-07-26 03:32:29 ----A---- C:\WINDOWS\SOUNDMAN.EXE
2008-07-26 03:32:29 ----A---- C:\WINDOWS\RTLCPL.EXE
2008-07-26 03:32:29 ----A---- C:\WINDOWS\RTHDCPL.EXE
2008-07-26 03:32:22 ----D---- C:\Archivos de programa\Realtek
2008-07-26 03:32:20 ----N---- C:\WINDOWS\RtlExUpd.dll
2008-07-26 03:29:37 ----D---- C:\Archivos de programa\Intel
2008-07-26 03:28:52 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-07-26 03:27:56 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2008-07-26 03:27:52 ----D---- C:\TempEI4
2008-07-26 03:25:42 ----D---- C:\Archivos de programa\D-Link
2008-07-26 03:24:20 ----D---- C:\Documents and Settings\Me\Datos de programa\Help
2008-07-26 03:20:51 ----RSD---- C:\WINDOWS\assembly
2008-07-26 03:20:51 ----D---- C:\WINDOWS\Microsoft.NET
2008-07-26 03:20:50 ----D---- C:\WINDOWS\system32\URTTemp
2008-07-26 03:19:53 ----N---- C:\WINDOWS\system32\ati2sgag.exe
2008-07-26 03:19:49 ----A---- C:\WINDOWS\system32\atiiiexx.dll
2008-07-26 03:19:36 ----D---- C:\Archivos de programa\ATI Technologies
2008-07-26 03:16:49 ----HD---- C:\Archivos de programa\InstallShield Installation Information
2008-07-26 03:16:47 ----D---- C:\Archivos de programa\802.11 Wireless LAN
2008-07-26 03:16:22 ----D---- C:\WINDOWS\Downloaded Installations
2008-07-26 03:16:21 ----D---- C:\Archivos de programa\Archivos comunes\InstallShield
2008-07-26 03:10:25 ----D---- C:\Documents and Settings\Me\Datos de programa\Identities
2008-07-26 03:10:24 ----HD---- C:\Archivos de programa\Uninstall Information
2008-07-26 03:10:18 ----ASH---- C:\Documents and Settings\Me\Datos de programa\desktop.ini
2008-07-26 03:10:17 ----SD---- C:\Documents and Settings\Me\Datos de programa\Microsoft
2008-07-26 03:06:50 ----D---- C:\WINDOWS\SoftwareDistribution
2008-07-26 03:06:49 ----SD---- C:\WINDOWS\system32\Microsoft
2008-07-26 03:06:48 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-07-26 03:04:13 ----D---- C:\WINDOWS\system32\xircom
2008-07-26 03:04:13 ----D---- C:\Archivos de programa\xerox
2008-07-26 03:04:13 ----D---- C:\Archivos de programa\microsoft frontpage
2008-07-26 03:04:04 ----A---- C:\WINDOWS\control.ini
2008-07-26 03:04:04 ----A---- C:\AUTOEXEC.BAT
2008-07-26 03:03:50 ----A---- C:\WINDOWS\OEWABLog.txt
2008-07-26 03:03:47 ----A---- C:\WINDOWS\system32\mapi32.dll
2008-07-26 03:03:06 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-07-26 03:03:06 ----RD---- C:\WINDOWS\Offline Web Pages
2008-07-26 03:03:06 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2008-07-26 03:03:01 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2008-07-26 03:02:57 ----HD---- C:\Archivos de programa\WindowsUpdate
2008-07-26 03:02:53 ----D---- C:\Archivos de programa\Servicios en línea
2008-07-26 03:02:41 ----D---- C:\WINDOWS\system32\DirectX
2008-07-26 03:02:24 ----A---- C:\WINDOWS\system32\atrace.dll
2008-07-26 03:02:21 ----A---- C:\WINDOWS\system32\desktop.ini
2008-07-26 03:02:21 ----A---- C:\WINDOWS\desktop.ini
2008-07-26 03:02:15 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2008-07-26 03:02:14 ----A---- C:\WINDOWS\system32\acctres.dll
2008-07-26 03:02:13 ----D---- C:\Archivos de programa\Archivos comunes\Services
2008-07-26 03:02:11 ----SD---- C:\WINDOWS\Tasks
2008-07-26 03:02:11 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2008-07-26 03:02:10 ----D---- C:\Archivos de programa\Archivos comunes\MSSoap
2008-07-26 03:02:07 ----D---- C:\WINDOWS\srchasst
2008-07-26 03:02:06 ----D---- C:\WINDOWS\system32\Macromed
2008-07-26 03:02:03 ----A---- C:\WINDOWS\system32\wuweb.dll
2008-07-26 03:02:03 ----A---- C:\WINDOWS\system32\wups.dll
2008-07-26 03:02:03 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-07-26 03:02:03 ----A---- C:\WINDOWS\system32\wuauserv.dll
2008-07-26 03:02:03 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2008-07-26 03:02:03 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-07-26 03:02:03 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2008-07-26 03:02:03 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-07-26 03:02:03 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-07-26 03:02:02 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2008-07-26 03:02:02 ----A---- C:\WINDOWS\system32\qmgr.dll
2008-07-26 03:02:02 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2008-07-26 03:02:02 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2008-07-26 03:01:59 ----D---- C:\Archivos de programa\Movie Maker
2008-07-26 03:01:55 ----A---- C:\WINDOWS\system32\safrslv.dll
2008-07-26 03:01:55 ----A---- C:\WINDOWS\system32\safrdm.dll
2008-07-26 03:01:55 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2008-07-26 03:01:55 ----A---- C:\WINDOWS\system32\racpldlg.dll
2008-07-26 03:01:52 ----D---- C:\WINDOWS\system32\Restore
2008-07-26 03:01:52 ----A---- C:\WINDOWS\system32\srsvc.dll
2008-07-26 03:01:52 ----A---- C:\WINDOWS\system32\srrstr.dll
2008-07-26 03:01:52 ----A---- C:\WINDOWS\system32\srclient.dll
2008-07-26 03:01:52 ----A---- C:\WINDOWS\system32\fltmc.exe
2008-07-26 03:01:52 ----A---- C:\WINDOWS\system32\fltlib.dll
2008-07-26 03:01:51 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2008-07-26 03:01:51 ----A---- C:\WINDOWS\system32\mnmdd.dll
2008-07-26 03:01:51 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2008-07-26 03:01:51 ----A---- C:\WINDOWS\system32\ils.dll
2008-07-26 03:01:50 ----A---- C:\WINDOWS\system32\msconf.dll
2008-07-26 03:01:50 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2008-07-26 03:01:48 ----D---- C:\Archivos de programa\NetMeeting
2008-07-26 03:01:48 ----A---- C:\WINDOWS\system32\msoert2.dll
2008-07-26 03:01:48 ----A---- C:\WINDOWS\system32\msoeacct.dll
2008-07-26 03:01:47 ----A---- C:\WINDOWS\system32\inetres.dll
2008-07-26 03:01:47 ----A---- C:\WINDOWS\system32\inetcomm.dll
2008-07-26 03:01:45 ----D---- C:\Archivos de programa\Outlook Express
2008-07-26 03:01:45 ----A---- C:\WINDOWS\system32\schedsvc.dll
2008-07-26 03:01:45 ----A---- C:\WINDOWS\system32\mstinit.exe
2008-07-26 03:01:45 ----A---- C:\WINDOWS\system32\mstask.dll
2008-07-26 03:01:44 ----A---- C:\WINDOWS\system32\isign32.dll
2008-07-26 03:01:44 ----A---- C:\WINDOWS\system32\inetcfg.dll
2008-07-26 03:01:44 ----A---- C:\WINDOWS\system32\icwphbk.dll
2008-07-26 03:01:44 ----A---- C:\WINDOWS\system32\icwdial.dll
2008-07-26 03:01:39 ----D---- C:\Archivos de programa\Archivos comunes\System
2008-07-26 03:01:38 ----D---- C:\Archivos de programa\Internet Explorer
2008-07-26 03:01:28 ----D---- C:\Archivos de programa\ComPlus Applications
2008-07-26 03:01:26 ----A---- C:\WINDOWS\vbaddin.ini
2008-07-26 03:01:26 ----A---- C:\WINDOWS\vb.ini
2008-07-26 03:01:22 ----D---- C:\WINDOWS\Registration
2008-07-26 03:00:56 ----D---- C:\Archivos de programa\Windows Media Player
2008-07-26 03:00:51 ----D---- C:\Archivos de programa\Messenger
2008-07-26 03:00:48 ----D---- C:\Archivos de programa\MSN Gaming Zone
2008-07-26 03:00:48 ----A---- C:\WINDOWS\system32\write.exe
2008-07-26 03:00:40 ----A---- C:\WINDOWS\system32\sndvol32.exe
2008-07-26 03:00:40 ----A---- C:\WINDOWS\system32\hticons.dll
2008-07-26 03:00:40 ----A---- C:\WINDOWS\system32\avwav.dll
2008-07-26 03:00:40 ----A---- C:\WINDOWS\system32\avtapi.dll
2008-07-26 03:00:40 ----A---- C:\WINDOWS\system32\avmeter.dll
2008-07-26 03:00:39 ----A---- C:\WINDOWS\system32\winchat.exe
2008-07-26 03:00:35 ----D---- C:\WINDOWS\Cursores
2008-07-26 03:00:34 ----A---- C:\WINDOWS\system32\getuname.dll
2008-07-26 03:00:34 ----A---- C:\WINDOWS\system32\charmap.exe
2008-07-26 03:00:33 ----A---- C:\WINDOWS\system32\winmine.exe
2008-07-26 03:00:33 ----A---- C:\WINDOWS\system32\sol.exe
2008-07-26 03:00:33 ----A---- C:\WINDOWS\system32\mshearts.exe
2008-07-26 03:00:33 ----A---- C:\WINDOWS\system32\freecell.exe
2008-07-26 03:00:33 ----A---- C:\WINDOWS\system32\calc.exe
2008-07-26 03:00:32 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2008-07-26 03:00:32 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2008-07-26 03:00:32 ----A---- C:\WINDOWS\system32\tslabels.ini
2008-07-26 03:00:32 ----A---- C:\WINDOWS\system32\tskill.exe
2008-07-26 03:00:32 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2008-07-26 03:00:32 ----A---- C:\WINDOWS\system32\tscon.exe
2008-07-26 03:00:32 ----A---- C:\WINDOWS\system32\shadow.exe
2008-07-26 03:00:32 ----A---- C:\WINDOWS\system32\rwinsta.exe
2008-07-26 03:00:32 ----A---- C:\WINDOWS\system32\reset.exe
2008-07-26 03:00:32 ----A---- C:\WINDOWS\system32\regini.exe
2008-07-26 03:00:32 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2008-07-26 03:00:32 ----A---- C:\WINDOWS\system32\qwinsta.exe
2008-07-26 03:00:32 ----A---- C:\WINDOWS\system32\qappsrv.exe
2008-07-26 03:00:32 ----A---- C:\WINDOWS\system32\msg.exe
2008-07-26 03:00:32 ----A---- C:\WINDOWS\system32\logoff.exe
2008-07-26 03:00:31 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2008-07-26 03:00:31 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2008-07-26 03:00:31 ----A---- C:\WINDOWS\system32\cdmodem.dll
2008-07-26 03:00:30 ----A---- C:\WINDOWS\system32\stclient.dll
2008-07-26 03:00:30 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2008-07-26 03:00:30 ----A---- C:\WINDOWS\system32\mtxex.dll
2008-07-26 03:00:30 ----A---- C:\WINDOWS\system32\mtxdm.dll
2008-07-26 03:00:30 ----A---- C:\WINDOWS\system32\comsnap.dll
2008-07-26 03:00:30 ----A---- C:\WINDOWS\system32\comrepl.dll
2008-07-26 03:00:30 ----A---- C:\WINDOWS\system32\comaddin.dll
2008-07-26 03:00:26 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2008-07-26 03:00:17 ----D---- C:\Archivos de programa\MSN
2008-07-26 03:00:16 ----A---- C:\WINDOWS\system32\sndrec32.exe
2008-07-26 03:00:16 ----A---- C:\WINDOWS\system32\mplay32.exe
2008-07-26 03:00:16 ----A---- C:\WINDOWS\system32\hypertrm.dll
2008-07-26 03:00:16 ----A---- C:\WINDOWS\system32\accwiz.exe
2008-07-26 03:00:15 ----D---- C:\Archivos de programa\Windows NT
2008-07-26 03:00:15 ----A---- C:\WINDOWS\system32\spider.exe
2008-07-26 03:00:15 ----A---- C:\WINDOWS\system32\mspaint.exe
2008-07-26 03:00:15 ----A---- C:\WINDOWS\system32\clipbrd.exe
2008-07-26 03:00:14 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2008-07-26 03:00:14 ----A---- C:\WINDOWS\system32\sessmgr.exe
2008-07-26 03:00:14 ----A---- C:\WINDOWS\system32\remotepg.dll
2008-07-26 03:00:14 ----A---- C:\WINDOWS\system32\rdshost.exe
2008-07-26 03:00:14 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2008-07-26 03:00:14 ----A---- C:\WINDOWS\system32\mstscax.dll
2008-07-26 03:00:14 ----A---- C:\WINDOWS\system32\mstsc.exe
2008-07-26 03:00:13 ----D---- C:\WINDOWS\system32\MsDtc
2008-07-26 03:00:13 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2008-07-26 03:00:13 ----A---- C:\WINDOWS\system32\termsrv.dll
2008-07-26 03:00:13 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2008-07-26 03:00:13 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2008-07-26 03:00:13 ----A---- C:\WINDOWS\system32\rdpclip.exe
2008-07-26 03:00:13 ----A---- C:\WINDOWS\system32\rdchost.dll
2008-07-26 03:00:13 ----A---- C:\WINDOWS\system32\qprocess.exe
2008-07-26 03:00:13 ----A---- C:\WINDOWS\system32\icaapi.dll
2008-07-26 03:00:13 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2008-07-26 03:00:12 ----A---- C:\WINDOWS\system32\xolehlp.dll
2008-07-26 03:00:12 ----A---- C:\WINDOWS\system32\mtxoci.dll
2008-07-26 03:00:12 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2008-07-26 03:00:12 ----A---- C:\WINDOWS\system32\msdtctm.dll
2008-07-26 03:00:12 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2008-07-26 03:00:12 ----A---- C:\WINDOWS\system32\msdtclog.dll
2008-07-26 03:00:12 ----A---- C:\WINDOWS\system32\msdtc.exe
2008-07-26 03:00:11 ----D---- C:\WINDOWS\system32\Com
2008-07-26 03:00:11 ----A---- C:\WINDOWS\system32\colbact.dll
2008-07-26 03:00:11 ----A---- C:\WINDOWS\system32\clbcatex.dll
2008-07-26 03:00:11 ----A---- C:\WINDOWS\system32\catsrvut.dll
2008-07-26 03:00:11 ----A---- C:\WINDOWS\system32\catsrvps.dll
2008-07-26 03:00:11 ----A---- C:\WINDOWS\system32\catsrv.dll
2008-07-26 03:00:10 ----A---- C:\WINDOWS\system32\comuid.dll
2008-07-26 03:00:10 ----A---- C:\WINDOWS\system32\comsvcs.dll
2008-07-26 03:00:10 ----A---- C:\WINDOWS\system32\clbcatq.dll
2008-07-26 03:00:05 ----A---- C:\WINDOWS\system32\servdeps.dll
2008-07-26 03:00:05 ----A---- C:\WINDOWS\system32\mmfutil.dll
2008-07-26 03:00:05 ----A---- C:\WINDOWS\system32\licwmi.dll
2008-07-26 03:00:05 ----A--

Here's the rest of the log:

2008-07-26 03:00:05 ----A---- C:\WINDOWS\system32\servdeps.dll
2008-07-26 03:00:05 ----A---- C:\WINDOWS\system32\mmfutil.dll
2008-07-26 03:00:05 ----A---- C:\WINDOWS\system32\licwmi.dll
2008-07-26 03:00:05 ----A---- C:\WINDOWS\system32\cmprops.dll
2008-07-25 21:50:47 ----SH---- C:\boot.ini
2008-07-25 21:45:22 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-07-25 21:45:22 ----RSD---- C:\WINDOWS\Fonts
2008-07-25 21:45:22 ----RD---- C:\WINDOWS\Web
2008-07-25 21:45:22 ----HD---- C:\WINDOWS\inf
2008-07-25 21:45:22 ----D---- C:\WINDOWS\WinSxS
2008-07-25 21:45:22 ----D---- C:\WINDOWS\twain_32
2008-07-25 21:45:22 ----D---- C:\WINDOWS\Temp
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\wins
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\wbem
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\usmt
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\spool
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\ShellExt
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\Setup
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\ras
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\oobe
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\npp
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\mui
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\inetsrv
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\IME
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\icsxml
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\ias
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\export
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\drivers
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\dhcp
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\config
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\3com_dmi
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\3082
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\3076
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\2052
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\1054
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\1042
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\1041
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\1037
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\1033
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\1031
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\1028
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32\1025
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system32
2008-07-25 21:45:22 ----D---- C:\WINDOWS\system
2008-07-25 21:45:22 ----D---- C:\WINDOWS\security
2008-07-25 21:45:22 ----D---- C:\WINDOWS\Resources
2008-07-25 21:45:22 ----D---- C:\WINDOWS\repair
2008-07-25 21:45:22 ----D---- C:\WINDOWS\Provisioning
2008-07-25 21:45:22 ----D---- C:\WINDOWS\PeerNet
2008-07-25 21:45:22 ----D---- C:\WINDOWS\pchealth
2008-07-25 21:45:22 ----D---- C:\WINDOWS\mui
2008-07-25 21:45:22 ----D---- C:\WINDOWS\msapps
2008-07-25 21:45:22 ----D---- C:\WINDOWS\msagent
2008-07-25 21:45:22 ----D---- C:\WINDOWS\Media
2008-07-25 21:45:22 ----D---- C:\WINDOWS\java
2008-07-25 21:45:22 ----D---- C:\WINDOWS\ime
2008-07-25 21:45:22 ----D---- C:\WINDOWS\Help
2008-07-25 21:45:22 ----D---- C:\WINDOWS\Driver Cache
2008-07-25 21:45:22 ----D---- C:\WINDOWS\Debug
2008-07-25 21:45:22 ----D---- C:\WINDOWS\Cursors
2008-07-25 21:45:22 ----D---- C:\WINDOWS\Connection Wizard
2008-07-25 21:45:22 ----D---- C:\WINDOWS\Config
2008-07-25 21:45:22 ----D---- C:\WINDOWS\AppPatch
2008-07-25 21:45:22 ----D---- C:\WINDOWS\addins
2008-07-25 21:45:22 ----D---- C:\WINDOWS
2008-07-25 20:58:59 ----A---- C:\WINDOWS\system32\h323log.txt
2008-07-25 20:53:54 ----A---- C:\WINDOWS\system32\usbui.dll
2008-07-25 20:52:56 ----A---- C:\WINDOWS\imsins.BAK
2008-07-25 20:52:54 ----SHD---- C:\WINDOWS\Installer
2008-07-25 20:52:54 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-07-25 20:52:53 ----D---- C:\Archivos de programa\Archivos comunes\ODBC
2008-07-25 20:52:53 ----A---- C:\WINDOWS\ODBCINST.INI
2008-07-25 20:52:51 ----D---- C:\Archivos de programa\Archivos comunes\SpeechEngines
2008-07-25 20:52:50 ----D---- C:\Archivos de programa\Archivos comunes\Microsoft Shared
2008-07-25 20:52:50 ----D---- C:\Archivos de programa\Archivos comunes
2008-07-25 20:52:50 ----D---- C:\Archivos de programa
2008-07-25 20:52:47 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2008-07-25 20:52:47 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2008-07-25 20:52:47 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2008-07-25 20:52:46 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2008-07-25 20:52:46 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2008-07-25 20:52:46 ----RA---- C:\WINDOWS\system32\kbdur.dll
2008-07-25 20:52:46 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2008-07-25 20:52:46 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2008-07-25 20:52:46 ----RA---- C:\WINDOWS\system32\kbdru.dll
2008-07-25 20:52:46 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2008-07-25 20:52:46 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2008-07-25 20:52:46 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2008-07-25 20:52:46 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2008-07-25 20:52:46 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2008-07-25 20:52:46 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2008-07-25 20:52:44 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2008-07-25 20:52:44 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2008-07-25 20:52:44 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2008-07-25 20:52:44 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2008-07-25 20:52:44 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2008-07-25 20:52:44 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2008-07-25 20:52:44 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2008-07-25 20:52:43 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2008-07-25 20:52:43 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2008-07-25 20:52:43 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2008-07-25 20:52:43 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2008-07-25 20:52:43 ----RA---- C:\WINDOWS\system32\kbdest.dll
2008-07-25 20:52:42 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2008-07-25 20:52:42 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2008-07-25 20:52:41 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2008-07-25 20:52:41 ----RA---- C:\WINDOWS\system32\kbdro.dll
2008-07-25 20:52:41 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2008-07-25 20:52:41 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2008-07-25 20:52:41 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2008-07-25 20:52:41 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2008-07-25 20:52:41 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2008-07-25 20:52:41 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2008-07-25 20:52:41 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2008-07-25 20:52:41 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2008-07-25 20:52:41 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2008-07-25 20:52:39 ----A---- C:\WINDOWS\system32\spxcoins.dll
2008-07-25 20:52:39 ----A---- C:\WINDOWS\system32\irclass.dll
2008-07-25 20:52:39 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2008-07-25 20:52:39 ----A---- C:\WINDOWS\system32\dgsetup.dll
2008-07-25 20:52:39 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2008-07-25 20:52:37 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2008-07-25 20:52:37 ----A---- C:\WINDOWS\TASKMAN.EXE
2008-07-25 20:52:37 ----A---- C:\WINDOWS\system32\batt.dll
2008-07-25 20:52:37 ----A---- C:\WINDOWS\notepad.exe
2008-07-25 20:52:36 ----A---- C:\WINDOWS\system32\storprop.dll
2008-07-25 20:52:29----ASH----C:\Documents and Settings\All Users\Datos de programa\desktop.ini
2008-07-25 20:52:26 ----RA---- C:\WINDOWS\SET8.tmp
2008-07-25 20:52:24 ----RA---- C:\WINDOWS\SET4.tmp
2008-07-25 20:52:22 ----RA---- C:\WINDOWS\SET3.tmp
2008-07-25 20:51:57 ----D---- C:\WINDOWS\system32\CatRoot2
2008-07-25 20:51:57 ----D---- C:\WINDOWS\system32\CatRoot
2008-07-25 20:51:52 ----SD---- C:\Documents and Settings\All Users\Datos de programa\Microsoft
2008-07-25 20:51:34 ----A---- C:\WINDOWS\setuplog.txt
2008-07-25 20:51:31 ----SHD---- C:\System Volume Information
2008-07-25 20:51:31 ----D---- C:\Documents and Settings
2008-06-18 12:52:28 ----A---- C:\WINDOWS\system32\DivXCodecVersionChecker.exe

List of drivers

R1 avgio;avgio; \??\C:\Archivos de programa\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-03-04 79424]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]
R1 intelppm;Controlador de procesador Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-02-21 1505792]
R3 avgntflt;avgntflt; \??\C:\Archivos de programa\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2007-02-15 34760]
R3 FETNDISB;D-Link PCI Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\dlkfet5b.sys [2007-05-16 43008]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]
R3 HDAudBus;Controlador de bus de Microsoft UAA para High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Controlador de clases HID de Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-05-04 2951680]
R3 mouhid;Controlador HID de mouse; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-20 12416]
R3 SMBios;Intel ® System Management BIOS Service; C:\WINDOWS\system32\DRIVERS\SMBios.sys [2004-06-06 36484]
R3 usbehci;Controlador minipuerto de la controladora mejorada USB 2.0 de Microsoft; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Concentrador habilitado USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Controlador minipuerto de la controladora de host universal USB de Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys []
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 usbprint;Clase de impresora USB de Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Controlador de escáner USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Dispositivo de almacenamiento masivo de datos USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

List of services

R2 aawservice;Lavasoft Ad-Aware Service; C:\Archivos de programa\Lavasoft\Ad-Aware\aawservice.exe [2008-07-27 611664]
R2 AntiVirScheduler;Avira AntiVir Personal – Free Antivirus Scheduler; C:\Archivos de programa\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-03-07 68865]
R2 AntiVirService;Avira AntiVir Personal – Free Antivirus Guard; C:\Archivos de programa\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-03-26 147201]
R2 Apple Mobile Device;Apple Mobile Device; C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-07-10 116040]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-02-21 405504]
R2 Bonjour Service;Servicio Bonjour; C:\Archivos de programa\Bonjour\mDNSResponder.exe [2007-07-24 229376]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Archivos de programa\CyberLink\Shared files\RichVideo.exe [2005-08-08 167936]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R3 iPod Service;Servicio del iPod; C:\Archivos de programa\iPod\bin\iPodService.exe [2008-07-10 532264]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2005-02-01 516096]
S3 Adobe LM Service;Adobe LM Service; C:\Archivos de programa\Archivos comunes\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-07-26 69632]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-04-13 33632]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Archivos de programa\Archivos comunes\Autodesk Shared\Service\AdskScSrv.exe [2008-08-19 82584]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-04-13 68952]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 LPDSVC;Servidor de impresión TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2004-08-20 19456]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Archivos de programa\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 usnjsvc;Servicio Lector del diario USN de Carpetas para compartir de Messenger; C:\Archivos de programa\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WMPNetworkSvc;Servicio de uso compartido de red del Reproductor de Windows Media; C:\Archivos de programa\Windows Media Player\WMPNetwk.exe [2006-11-03 916480]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

-----------------EOF-----------------

Hello gcvela,

Your log looks clean



Give me the full path of this file, please, to be sure.

Regards,
Egwene.

Here it is:

Virus or unwanted program 'DR/Tool.Reboot.F.154 [dropper]'
detected in file 'C:\Documents and Settings\Me\Escritorio\SmitfraudFix.exe.
Action performed: Deny access

Egwene,

I just noticed that the file is no longer on my computer.
Sorry for the trouble.

I think the computer's clean after all.

Thank you very much! And best of luck in your training!

Regards,
gcvela