[code] OTScanIt logfile created on: 29/04/2008 23:36:33 OTScanIt by OldTimer - Version 1.0.11.9 Folder = C:\Documents and Settings\Kings\Escritorio\OTScanIt Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000C0A | Country: España | Language: ESN | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 1,50 Gb Available Physical Memory | 75,23% Memory free 3,85 Gb Paging File | 3,42 Gb Available in Paging File | 89,02% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Archivos de programa Drive C: | 24,41 Gb Total Space | 13,67 Gb Free Space | 56,00% Space Free | Partition Type: NTFS Drive D: | 28,26 Gb Total Space | 18,26 Gb Free Space | 64,63% Space Free | Partition Type: NTFS Drive E: | 55,89 Gb Total Space | 24,84 Gb Free Space | 44,45% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: JORGEREYES Current User Name: Kings Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users [Processes - Non-Microsoft Only] ati2evxx.exe -> %SystemRoot%\system32\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4183 | Size = 495616 bytes | Modified Date = 05/12/2007 3:53:58 | Attr = ] ati2evxx.exe -> %SystemRoot%\system32\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4183 | Size = 495616 bytes | Modified Date = 05/12/2007 3:53:58 | Attr = ] lvprcsrv.exe -> %CommonProgramFiles%\LogiShrd\LVMVFM\LVPrcSrv.exe -> Logitech Inc. [Ver = 10.5.0.1094 | Size = 109344 bytes | Modified Date = 22/12/2006 12:33:10 | Attr = ] aluschedulersvc.exe -> %ProgramFiles%\Symantec\LiveUpdate\AluSchedulerSvc.exe -> Symantec Corporation [Ver = 3.2.0.26 | Size = 194240 bytes | Modified Date = 31/10/2006 10:32:09 | Attr = ] ramaint.exe -> %ProgramFiles%\LogMeIn\x86\ramaint.exe -> LogMeIn, Inc. [Ver = 4.0.680 | Size = 116032 bytes | Modified Date = 15/11/2007 18:46:14 | Attr = ] logmein.exe -> %ProgramFiles%\LogMeIn\x86\LogMeIn.exe -> LogMeIn, Inc. [Ver = 3.0.596 | Size = 63040 bytes | Modified Date = 03/08/2007 15:09:34 | Attr = ] vprosvc.exe -> %ProgramFiles%\Norton Ghost\Agent\VProSvc.exe -> Symantec Corporation [Ver = 12.0.0.18971 | Size = 2578024 bytes | Modified Date = 23/01/2007 19:35:50 | Attr = ] dkvujyra.exe -> %AllUsersProfile%\Datos de programa\zqpulkfs\dkvujyra.exe -> [Ver = | Size = 43008 bytes | Modified Date = 29/04/2008 23:13:38 | Attr = ] cthelper.exe -> %SystemRoot%\system32\CTHELPER.EXE -> Creative Technology Ltd [Ver = 1, 0, 0, 2 | Size = 24576 bytes | Modified Date = 02/07/2002 17:56:00 | Attr = ] mom.exe -> %ProgramFiles%\ATI Technologies\ATI.ACE\Core-Static\MOM.exe -> Advanced Micro Devices Inc. [Ver = 2.0.0.0 | Size = 49152 bytes | Modified Date = 17/07/2007 11:13:56 | Attr = ] logmeinsystray.exe -> %ProgramFiles%\LogMeIn\x86\LogMeInSystray.exe -> LogMeIn, Inc. [Ver = 3.0.596 | Size = 63048 bytes | Modified Date = 03/08/2007 15:09:34 | Attr = ] rswhjxw.exe -> %SystemRoot%\system32\rswhjxw.exe -> [Ver = | Size = 221532 bytes | Modified Date = 13/06/2007 14:22:28 | Attr = RHS] msprint.exe -> %UserProfile%\Configuración local\Temp\msprint.exe -> [Ver = | Size = 42496 bytes | Modified Date = 29/04/2008 23:13:35 | Attr = ] zmvqhkde.exe -> %SystemRoot%\system32\zmvqhkde.exe -> [Ver = | Size = 102400 bytes | Modified Date = 29/04/2008 23:13:37 | Attr = ] ccc.exe -> %ProgramFiles%\ATI Technologies\ATI.ACE\Core-Static\CCC.exe -> ATI Technologies Inc. [Ver = 2.0.0.0 | Size = 49152 bytes | Modified Date = 17/07/2007 11:13:34 | Attr = ] daemoncfg.exe -> %ProgramFiles%\OpenSTA\Server\DaemonCFG.exe -> OpenSTA Open Source Team [Ver = 1.4.4.1 | Size = 77824 bytes | Modified Date = 30/08/2007 0:37:02 | Attr = ] omnina~1.exe -> %ProgramFiles%\OpenSTA\Server\OmniOrb\omniNames.exe -> [Ver = | Size = 61440 bytes | Modified Date = 12/06/2007 23:54:38 | Attr = ] archmgrdmn.exe -> %ProgramFiles%\OpenSTA\Server\ArchMgrDmn.exe -> OpenSTA Open Source Team [Ver = 1.4.4.1 | Size = 69632 bytes | Modified Date = 01/09/2007 1:51:10 | Attr = ] firefox.exe -> %ProgramFiles%\Mozilla Firefox\firefox.exe -> Mozilla Corporation [Ver = 1.8.1.14: 2008040413 | Size = 7660656 bytes | Modified Date = 07/04/2008 8:49:38 | Attr = ] spybotsd.exe -> %ProgramFiles%\Spybot - Search & Destroy\SpybotSD.exe -> Safer Networking Limited [Ver = 1, 5, 2, 20 | Size = 5146448 bytes | Modified Date = 28/01/2008 11:43:36 | Attr = RHS] otscanit.exe -> %UserProfile%\Escritorio\OTScanIt\OTScanIt.exe -> OldTimer Tools [Ver = 1.0.11.9 | Size = 371712 bytes | Modified Date = 29/04/2008 23:17:16 | Attr = ] [Win32 Services - Non-Microsoft Only] (Adobe LM Service) Adobe LM Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Adobe Systems Shared\Service\Adobelmsvc.exe -> Adobe Systems [Ver = 2.65.010 | Size = 69632 bytes | Modified Date = 25/12/2007 20:48:17 | Attr = ] (AresChatServer) Ares Chatroom server [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Ares\chatServer.exe -> Ares Development Group [Ver = 2.0.7.3029 | Size = 263168 bytes | Modified Date = 20/03/2007 2:19:14 | Attr = ] (Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Running] -> %SystemRoot%\system32\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4183 | Size = 495616 bytes | Modified Date = 05/12/2007 3:53:58 | Attr = ] (ATI Smart) ATI Smart [Win32_Own | Auto | Stopped] -> %SystemRoot%\system32\ati2sgag.exe -> [Ver = 5.13.0027 | Size = 593920 bytes | Modified Date = 05/12/2007 14:17:00 | Attr = ] (Autodesk Licensing Service) Autodesk Licensing Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Autodesk Shared\Service\AdskScSrv.exe -> Autodesk [Ver = 2.80.011 | Size = 85096 bytes | Modified Date = 07/03/2008 14:08:27 | Attr = ] (Automatic LiveUpdate Scheduler) Automatic LiveUpdate Scheduler [Win32_Own | Auto | Running] -> %ProgramFiles%\Symantec\LiveUpdate\AluSchedulerSvc.exe -> Symantec Corporation [Ver = 3.2.0.26 | Size = 194240 bytes | Modified Date = 31/10/2006 10:32:09 | Attr = ] (dmadmin) Servicio del administrador de discos lógicos [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\dmadmin.exe -> Microsoft Corp., VERITAS Software [Ver = 2600.2180.503.0 | Size = 225792 bytes | Modified Date = 20/08/2004 13:00:00 | Attr = ] (gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> Google [Ver = 2.0.711.37800.beta | Size = 136120 bytes | Modified Date = 04/01/2007 2:40:21 | Attr = ] (IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\1150\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.50.42618 | Size = 69632 bytes | Modified Date = 14/11/2005 1:06:04 | Attr = ] (LiveUpdate) LiveUpdate [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Symantec\LiveUpdate\LuComServer_3_2.EXE -> Symantec Corporation [Ver = 3.2.0.26 | Size = 2541248 bytes | Modified Date = 31/10/2006 10:32:09 | Attr = ] (LMIMaint) LogMeIn Maintenance Service [Win32_Own | Auto | Running] -> %ProgramFiles%\LogMeIn\x86\ramaint.exe -> LogMeIn, Inc. [Ver = 4.0.680 | Size = 116032 bytes | Modified Date = 15/11/2007 18:46:14 | Attr = ] (LogMeIn) LogMeIn [Win32_Own | Auto | Running] -> %ProgramFiles%\LogMeIn\x86\LogMeIn.exe -> LogMeIn, Inc. [Ver = 3.0.596 | Size = 63040 bytes | Modified Date = 03/08/2007 15:09:34 | Attr = ] (LVPrcSrv) Process Monitor [Win32_Own | Auto | Running] -> %CommonProgramFiles%\LogiShrd\LVMVFM\LVPrcSrv.exe -> Logitech Inc. [Ver = 10.5.0.1094 | Size = 109344 bytes | Modified Date = 22/12/2006 12:33:10 | Attr = ] (LVSrvLauncher) LVSrvLauncher [Win32_Own | Auto | Stopped] -> %CommonProgramFiles%\LogiShrd\SrvLnch\SrvLnch.exe -> Logitech Inc. [Ver = 10.5.0.1094 | Size = 105248 bytes | Modified Date = 22/12/2006 12:34:52 | Attr = ] (Norton Ghost) Norton Ghost [Win32_Own | Auto | Running] -> %ProgramFiles%\Norton Ghost\Agent\VProSvc.exe -> Symantec Corporation [Ver = 12.0.0.18971 | Size = 2578024 bytes | Modified Date = 23/01/2007 19:35:50 | Attr = ] (Pml Driver HPZ12) Pml Driver HPZ12 [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\system32\HPZipm12.exe -> HP [Ver = 6, 0, 0, 0 | Size = 65795 bytes | Modified Date = 09/03/2003 21:31:02 | Attr = ] [Driver Services - Non-Microsoft Only] (ati2mtag) ati2mtag [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ati2mtag.sys -> ATI Technologies Inc. [Ver = 6.14.10.6755 | Size = 2782208 bytes | Modified Date = 05/12/2007 6:26:40 | Attr = ] (Cdr4_xp) Cdr4_xp [Kernel | System | Running] -> %SystemRoot%\system32\drivers\cdr4_xp.sys -> Sonic Solutions [Ver = 8.0.0.212 | Size = 2432 bytes | Modified Date = 05/10/2006 3:42:42 | Attr = ] (Cdralw2k) Cdralw2k [Kernel | System | Running] -> %SystemRoot%\system32\drivers\cdralw2k.sys -> Sonic Solutions [Ver = 8.0.0.212 | Size = 2560 bytes | Modified Date = 05/10/2006 3:42:42 | Attr = ] (cdudf_xp) cdudf_xp [File_System | System | Running] -> %SystemRoot%\system32\drivers\Cdudf_xp.sys -> Roxio [Ver = 6.0.0.171 built by: WinDDK | Size = 249344 bytes | Modified Date = 13/01/2003 10:19:26 | Attr = ] (ctac32k) Creative AC3 Software Decoder [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ctac32k.sys -> Creative Technology Ltd [Ver = 5.12.01.0245-1.31.0050 | Size = 127948 bytes | Modified Date = 19/07/2002 10:46:28 | Attr = ] (ctaud2k) Creative Audio Driver (WDM) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ctaud2k.sys -> Creative Technology Ltd [Ver = 5.12.01.0252-1.31.0120 | Size = 837548 bytes | Modified Date = 19/07/2002 10:47:52 | Attr = ] (ctljystk) Puerto de juegos de Creative SB Live! [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\ctljystk.sys -> Creative Technology Ltd. [Ver = 5.1.2501.0 built by: WinDDK | Size = 3712 bytes | Modified Date = 17/08/2001 20:19:20 | Attr = ] (ctprxy2k) Creative Proxy Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ctprxy2k.sys -> Creative Technology Ltd [Ver = 5.12.01.0244-1.31.0040 | Size = 11068 bytes | Modified Date = 19/07/2002 10:48:08 | Attr = ] (ctsfm2k) Creative SoundFont Management Device Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ctsfm2k.sys -> Creative Technology Ltd [Ver = 5.12.01.0140-0.75.1490 (beta-release) | Size = 213860 bytes | Modified Date = 19/07/2002 10:48:22 | Attr = ] (dmboot) dmboot [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dmboot.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 800256 bytes | Modified Date = 20/08/2004 13:00:00 | Attr = ] (dmio) Controlador del administrador de discos lógicos [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\dmio.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 154240 bytes | Modified Date = 20/08/2004 13:00:00 | Attr = ] (dmload) dmload [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\dmload.sys -> Microsoft Corp., Veritas Software. [Ver = 2600.0.503.0 | Size = 5888 bytes | Modified Date = 20/08/2004 13:00:00 | Attr = ] (dvd_2K) dvd_2K [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\Dvd_2k.sys -> Roxio [Ver = 6.0.0.171 | Size = 21654 bytes | Modified Date = 13/01/2003 10:19:26 | Attr = ] (emu10k) Creative SB Live! (WDM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\emu10k1m.sys -> Creative Technology Ltd. [Ver = 5.12.01.3300 built by: WinDDK | Size = 283904 bytes | Modified Date = 17/08/2001 20:19:26 | Attr = ] (emu10k1) Controlador del administrador Creative Interface (WDM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\ctlfacem.sys -> Creative Technology Ltd. [Ver = 5.12.01.2108 built by: WinDDK | Size = 6912 bytes | Modified Date = 17/08/2001 20:19:28 | Attr = ] (emupia) E-mu Plug-in Architecture Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\emupia2k.sys -> Creative Technology Ltd [Ver = 5.12.01.0244-1.31.0040 | Size = 156604 bytes | Modified Date = 19/07/2002 10:48:32 | Attr = ] (fnetusb) fnetusb [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\fnetusb.sys -> [Ver = | Size = 13696 bytes | Modified Date = 19/10/2007 21:23:43 | Attr = ] (GEARAspiWDM) GEARAspiWDM [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\GEARAspiWDM.sys -> GEAR Software Inc. [Ver = 2.0.6.1 | Size = 15664 bytes | Modified Date = 23/01/2007 18:52:40 | Attr = ] (ha10kx2k) Creative Hardware Abstract Layer Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ha10kx2k.sys -> Creative Technology Ltd [Ver = 5.12.01.0250-1.31.0090 | Size = 998004 bytes | Modified Date = 24/07/2002 13:52:26 | Attr = ] (HPZid412) IEEE-1284.4 Driver HPZid412 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\hpzid412.sys -> HP [Ver = 6, 0, 0, 0 | Size = 51024 bytes | Modified Date = 09/03/2003 21:31:00 | Attr = ] (HPZipr12) Print Class Driver for IEEE-1284.4 HPZipr12 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HPZipr12.sys -> HP [Ver = 6, 0, 0, 0 | Size = 16080 bytes | Modified Date = 09/03/2003 21:31:02 | Attr = ] (HPZius12) USB to IEEE-1284.4 Translation Driver HPZius12 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HPZius12.sys -> HP [Ver = 6, 0, 0, 0 | Size = 21456 bytes | Modified Date = 09/03/2003 21:31:02 | Attr = ] (LMIInfo) LogMeIn Kernel Information Provider [Kernel | Auto | Running] -> %ProgramFiles%\LogMeIn\x86\rainfo.sys -> LogMeIn, Inc. [Ver = 7.50.596 | Size = 12992 bytes | Modified Date = 03/08/2007 15:09:34 | Attr = ] (lmimirr) lmimirr [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\lmimirr.sys -> LogMeIn, Inc. [Ver = 2.50.596 | Size = 10144 bytes | Modified Date = 03/08/2007 15:04:52 | Attr = ] (LMIRfsDriver) LogMeIn Remote File System Driver [File_System | Auto | Running] -> %SystemRoot%\system32\drivers\LMIRfsDriver.sys -> LogMeIn, Inc. [Ver = 2.4.2.0 | Size = 46112 bytes | Modified Date = 03/08/2007 15:09:34 | Attr = ] (LVcKap) Logitech AEC Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\Lvckap.sys -> [Ver = | Size = 1683232 bytes | Modified Date = 22/12/2006 12:30:42 | Attr = ] (LVMVDrv) Logitech Machine Vision Engine Loader [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\LVMVdrv.sys -> Logitech Inc. [Ver = 10.5.0.1094 | Size = 1963680 bytes | Modified Date = 22/12/2006 12:32:24 | Attr = ] (LVPr2Mon) Logitech LVPr2Mon Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\LVPr2Mon.sys -> [Ver = | Size = 25632 bytes | Modified Date = 22/12/2006 12:32:48 | Attr = ] (LVUSBSta) Logitech USB Monitor Filter [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\LVUSBSta.sys -> Logitech Inc. [Ver = 10.5.0.1091 | Size = 41248 bytes | Modified Date = 15/12/2006 6:41:55 | Attr = R ] (mmc_2K) mmc_2K [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\Mmc_2k.sys -> Roxio [Ver = 6.0.0.171 | Size = 22758 bytes | Modified Date = 13/01/2003 10:19:26 | Attr = ] (ossrv) Creative OS Services Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ctoss2k.sys -> Creative Technology Ltd. [Ver = 5.12.01.0245-1.31.0050 | Size = 195432 bytes | Modified Date = 19/07/2002 10:48:04 | Attr = ] (PID_0928) Logitech QuickCam Express(PID_0928) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\LV561AV.SYS -> Logitech Inc. [Ver = 10.5.0.1091 | Size = 490016 bytes | Modified Date = 15/12/2006 6:37:10 | Attr = R ] (Ptilink) Controlador de vínculo paralelo directo [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ptilink.sys -> Parallel Technologies, Inc. [Ver = 1.10 (XPClient.010817-1148) | Size = 17792 bytes | Modified Date = 20/08/2004 13:00:00 | Attr = ] (pwd_2k) pwd_2k [Kernel | System | Running] -> %SystemRoot%\system32\drivers\pwd_2K.sys -> Roxio [Ver = 6.0.0.171 | Size = 118422 bytes | Modified Date = 13/01/2003 10:19:26 | Attr = ] (PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\pxhelp20.sys -> Sonic Solutions [Ver = 3.00.67a | Size = 43872 bytes | Modified Date = 23/02/2008 3:38:33 | Attr = ] (rtl8139) Controlador de Windows NT del adaptador Fast Ethernet PCI basado en Realtek RTL8139(A/B/C) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\RTL8139.sys -> Realtek Semiconductor Corporation [Ver = 5.398.613.2003 built by: WinDDK | Size = 20992 bytes | Modified Date = 03/08/2004 22:31:34 | Attr = ] (Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\secdrv.sys -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. [Ver = 4.03.086 | Size = 20480 bytes | Modified Date = 13/11/2007 11:25:53 | Attr = ] (sfman) Controlador del administrador Creative SoundFont (WDM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\sfmanm.sys -> Creative Technology Ltd. [Ver = 4.10.3300 | Size = 36480 bytes | Modified Date = 17/08/2001 20:19:34 | Attr = ] (sojubus) sojubus [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\sojubus.sys -> [Ver = 3.41.0.0 built by: WinDDK | Size = 123520 bytes | Modified Date = 05/10/2003 10:41:14 | Attr = ] (sojuscsi) sojuscsi [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\sojuscsi.sys -> [Ver = 3.41.0.0 built by: WinDDK | Size = 5504 bytes | Modified Date = 28/09/2003 10:57:52 | Attr = ] (symsnap) Symantec Volume Snap Shot Driver [File_System | Boot | Running] -> %SystemRoot%\system32\drivers\symsnap.sys -> StorageCraft [Ver = 6.0.1.18200 | Size = 131944 bytes | Modified Date = 23/01/2007 19:06:36 | Attr = ] (UdfReadr_xp) UdfReadr_xp [File_System | System | Running] -> %SystemRoot%\system32\drivers\UdfReadr_xp.sys -> Roxio [Ver = 6.0.0.171 built by: WinDDK | Size = 206464 bytes | Modified Date = 13/01/2003 10:19:26 | Attr = ] (v2imount) Symantec V2i Mount Driver [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\v2imount.sys -> Symantec Corporation [Ver = 0.5.1.18776 | Size = 37864 bytes | Modified Date = 23/01/2007 19:06:34 | Attr = ] (VProEventMonitor) Symantec Event Monitor Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\vproeventmonitor.sys -> Symantec Corporation [Ver = 0.5.1.18188 | Size = 14072 bytes | Modified Date = 23/01/2007 19:03:46 | Attr = ] [Registry - Non-Microsoft Only] < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> [] -> File not found 085e197f -> %SystemRoot%\system32\lkhgrabi.dll [rundll32.exe "C:\WINDOWS\system32\lkhgrabi.dll",b] -> [Ver = | Size = 97856 bytes | Modified Date = 29/04/2008 23:23:03 | Attr = ] DelayLoad -> %UserProfile%\Configuración local\Temp\msprint.exe [C:\DOCUME~1\Kings\CONFIG~1\Temp\msprint.exe] -> [Ver = | Size = 42496 bytes | Modified Date = 29/04/2008 23:13:35 | Attr = ] LogMeIn GUI -> %ProgramFiles%\LogMeIn\x86\LogMeInSystray.exe ["C:\Archivos de programa\LogMeIn\x86\LogMeInSystray.exe"] -> LogMeIn, Inc. [Ver = 3.0.596 | Size = 63048 bytes | Modified Date = 03/08/2007 15:09:34 | Attr = ] QuickTime Task -> %ProgramFiles%\QuickTime\QTTask.exe ["C:\Archivos de programa\QuickTime\qttask.exe" -atboottime] -> Apple Inc. [Ver = 7.3.1 | Size = 286720 bytes | Modified Date = 11/12/2007 10:56:54 | Attr = ] StartCCC -> %ProgramFiles%\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ["C:\Archivos de programa\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"] -> [Ver = | Size = 90112 bytes | Modified Date = 10/11/2006 12:35:24 | Attr = ] Ulead AutoDetector -> %CommonProgramFiles%\Ulead Systems\AutoDetector\Monitor.exe [C:\Archivos de programa\Archivos comunes\Ulead Systems\AutoDetector\Monitor.exe] -> Ulead Systems, Inc. [Ver = 2.1.0.0 | Size = 94208 bytes | Modified Date = 28/07/2005 8:32:20 | Attr = ] Ulead Calendar Checker -> %ProgramFiles%\Ulead Systems\Ulead Photo Express 6\CalCheck.exe [C:\Archivos de programa\Ulead Systems\Ulead Photo Express 6\CalCheck.exe] -> Ulead Systems, Inc. [Ver = 6, 0, 0, 0 | Size = 69632 bytes | Modified Date = 22/08/2005 9:10:54 | Attr = ] UpdReg -> %SystemRoot%\Updreg.EXE [C:\WINDOWS\UpdReg.EXE] -> Creative Technology Ltd. [Ver = 1.0.2 | Size = 90112 bytes | Modified Date = 11/05/2000 1:00:00 | Attr = ] Windows Serviece Agents -> %SystemRoot%\system32\rswhjxw.exe [rswhjxw.exe] -> [Ver = | Size = 221532 bytes | Modified Date = 13/06/2007 14:22:28 | Attr = RHS] WINDVDPatch -> %SystemRoot%\system32\CTHELPER.EXE [CTHELPER.EXE] -> Creative Technology Ltd [Ver = 1, 0, 0, 2 | Size = 24576 bytes | Modified Date = 02/07/2002 17:56:00 | Attr = ] < RunServices [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices -> Windows Serviece Agents -> %SystemRoot%\system32\rswhjxw.exe [rswhjxw.exe] -> [Ver = | Size = 221532 bytes | Modified Date = 13/06/2007 14:22:28 | Attr = RHS] < OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ -> IMAIL-> Installed = 1 -> MAPI-> Installed = 1 -> MSFS-> Installed = 1 -> < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> amva -> %SystemRoot%\system32\amvo.exe [C:\WINDOWS\system32\amvo.exe] -> File not found LogitechSetup -> F:\Setup\Setup.exe [F:\Setup\Setup.exe /start /restart /l:esp] -> File not found sdybakda -> %SystemRoot%\system32\zmvqhkde.exe [C:\WINDOWS\system32\zmvqhkde.exe] -> [Ver = | Size = 102400 bytes | Modified Date = 29/04/2008 23:13:37 | Attr = ] SpybotSD TeaTimer -> %ProgramFiles%\Spybot - Search & Destroy\TeaTimer.exe [C:\Archivos de programa\Spybot - Search & Destroy\TeaTimer.exe] -> Safer Networking Limited [Ver = 1, 5, 2, 16 | Size = 2097488 bytes | Modified Date = 28/01/2008 11:43:40 | Attr = RHS] Windows Serviece Agents -> %SystemRoot%\system32\rswhjxw.exe [rswhjxw.exe] -> [Ver = | Size = 221532 bytes | Modified Date = 13/06/2007 14:22:28 | Attr = RHS] < Run [HKEY_USERS\S-1-5-21-1220945662-329068152-839522115-1003\] > -> HKEY_USERS\S-1-5-21-1220945662-329068152-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> amva -> %SystemRoot%\system32\amvo.exe [C:\WINDOWS\system32\amvo.exe] -> File not found LogitechSetup -> F:\Setup\Setup.exe [F:\Setup\Setup.exe /start /restart /l:esp] -> File not found sdybakda -> %SystemRoot%\system32\zmvqhkde.exe [C:\WINDOWS\system32\zmvqhkde.exe] -> [Ver = | Size = 102400 bytes | Modified Date = 29/04/2008 23:13:37 | Attr = ] SpybotSD TeaTimer -> %ProgramFiles%\Spybot - Search & Destroy\TeaTimer.exe [C:\Archivos de programa\Spybot - Search & Destroy\TeaTimer.exe] -> Safer Networking Limited [Ver = 1, 5, 2, 16 | Size = 2097488 bytes | Modified Date = 28/01/2008 11:43:40 | Attr = RHS] Windows Serviece Agents -> %SystemRoot%\system32\rswhjxw.exe [rswhjxw.exe] -> [Ver = | Size = 221532 bytes | Modified Date = 13/06/2007 14:22:28 | Attr = RHS] < Administrador Startup Folder > -> C:\Documents and Settings\Administrador\Menú Inicio\Programas\Inicio -> < All Users Startup Folder > -> C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio -> %AllUsersProfile%\Menú Inicio\Programas\Inicio\Adobe Acrobat Speed Launcher.lnk -> %SystemRoot%\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe -> [Ver = | Size = 25214 bytes | Modified Date = 25/12/2007 20:48:13 | Attr = R ] %AllUsersProfile%\Menú Inicio\Programas\Inicio\OpenSTA NameServer.lnk -> %SystemRoot%\Installer\{6F8A16A2-7E57-11D4-948F-00C04F89E392}\_5bcd6cdc.exe -> [Ver = | Size = 1078 bytes | Modified Date = 24/04/2008 18:55:19 | Attr = R ] < Default User Startup Folder > -> C:\Documents and Settings\Default User\Menú Inicio\Programas\Inicio -> < Kings Startup Folder > -> C:\Documents and Settings\Kings\Menú Inicio\Programas\Inicio -> < LogMeInRemoteUser Startup Folder > -> C:\Documents and Settings\LogMeInRemoteUser\Menú Inicio\Programas\Inicio -> < AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs -> *AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls -> wbsys.dll -> %SystemRoot%\system32\wbsys.dll -> Stardock.Net, Inc [Ver = 5, 5, 0, 0 | Size = 42672 bytes | Modified Date = 11/07/2007 15:06:58 | Attr = ] *MultiFile Done* -> -> < SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad -> {49760F4C-E802-4076-9E47-D7AA0FCC181B} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\bdkpfxqw.dll [bdkpfxqw] -> [Ver = | Size = 225280 bytes | Modified Date = 30/04/2008 2:17:18 | Attr = ] {6F47950E-2C9D-45E3-9986-6CD85A636A14} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\qadovnel.dll [qadovnel] -> [Ver = | Size = 188416 bytes | Modified Date = 30/04/2008 2:17:00 | Attr = ] < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> {CE86878F-D099-4FFC-A4DC-E51D192063B1} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\mlJbaXrS.dll [] -> [Ver = | Size = 37376 bytes | Modified Date = 29/04/2008 23:13:38 | Attr = ] < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\PE_C_ADMINISTRADOR] > -> HKEY_USERS\PE_C_ADMINISTRADOR\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\PE_C_LOGMEINREMOTEUSER] > -> HKEY_USERS\PE_C_LOGMEINREMOTEUSER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-21-1220945662-329068152-839522115-1003] > -> HKEY_USERS\S-1-5-21-1220945662-329068152-839522115-1003\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> AtiExtEvent -> %SystemRoot%\system32\ati2evxx.dll -> ATI Technologies Inc. [Ver = 6.14.10.4176 | Size = 122880 bytes | Modified Date = 05/12/2007 3:55:20 | Attr = ] LMIinit -> %SystemRoot%\system32\LMIinit.dll -> LogMeIn, Inc. [Ver = 4.0.680 | Size = 87352 bytes | Modified Date = 15/11/2007 18:46:22 | Attr = ] mlJbaXrS -> %SystemRoot%\system32\mlJbaXrS.dll -> [Ver = | Size = 37376 bytes | Modified Date = 29/04/2008 23:13:38 | Attr = ] WBSrv -> %ProgramFiles%\Stardock\Object Desktop\WindowBlinds\WbSrv.dll -> Stardock Corporation [Ver = 5, 0, 0, 1 | Size = 226992 bytes | Modified Date = 07/02/2007 17:31:20 | Attr = ] < CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\Oi1UQ8BU9I -> C:\Documents and Settings\All Users\Datos de programa\zqpulkfs\dkvujyra.exe [C:\Documents and Settings\All Users\Datos de programa\zqpulkfs\dkvujyra.exe] -> [Ver = | Size = 43008 bytes | Modified Date = 29/04/2008 23:13:38 | Attr = ] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 -> < CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\System Patcher -> BTCPatcher.exe -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\NTSpool -> C:\WINDOWS\system32\NTSpool.exe [NTSpool.exe] -> [Ver = | Size = 724992 bytes | Modified Date = 25/12/2007 20:34:33 | Attr = ] HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableTaskMgr -> 1 -> < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\CDRAutoRun -> 0 -> < CurrentVersion Policy Settings [HKEY_USERS\PE_C_ADMINISTRADOR] > -> HKEY_USERS\PE_C_ADMINISTRADOR\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\PE_C_ADMINISTRADOR\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\PE_C_ADMINISTRADOR\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\PE_C_ADMINISTRADOR\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\PE_C_LOGMEINREMOTEUSER] > -> HKEY_USERS\PE_C_LOGMEINREMOTEUSER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\PE_C_LOGMEINREMOTEUSER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\PE_C_LOGMEINREMOTEUSER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\PE_C_LOGMEINREMOTEUSER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\CDRAutoRun -> 0 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1220945662-329068152-839522115-1003] > -> HKEY_USERS\S-1-5-21-1220945662-329068152-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-21-1220945662-329068152-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-21-1220945662-329068152-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-21-1220945662-329068152-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_USERS\S-1-5-21-1220945662-329068152-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> -> HKEY_USERS\S-1-5-21-1220945662-329068152-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\System Patcher -> BTCPatcher.exe -> HKEY_USERS\S-1-5-21-1220945662-329068152-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\NTSpool -> C:\WINDOWS\system32\NTSpool.exe [NTSpool.exe] -> [Ver = | Size = 724992 bytes | Modified Date = 25/12/2007 20:34:33 | Attr = ] HKEY_USERS\S-1-5-21-1220945662-329068152-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> HKEY_USERS\S-1-5-21-1220945662-329068152-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableTaskMgr -> 1 -> < CDROM Autorun Settings > [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\ -> -> *DependOnGroup* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DependOnGroup -> SCSI miniport -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Group -> SCSI CDROM Class -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Start -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Tag -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Type -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DisplayName -> Controlador de CD-ROM -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ImagePath -> C:\WINDOWS\system32\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 49536 bytes | Modified Date = 20/08/2004 13:00:00 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun -> 1 -> *AutoRunAlwaysDisable* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRunAlwaysDisable -> NEC MBR-7 -> -> File not found NEC MBR-7.4 -> -> File not found PIONEER CHANGR DRM-1804X -> -> File not found PIONEER CD-ROM DRM-6324X -> -> File not found PIONEER CD-ROM DRM-624X -> -> File not found TORiSAN CD-ROM CDR_C36 -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\0 -> IDE\CdRomPIONEER_DVD-RW__DVR-111D________________1.23____\46_0444a3050323237315737204c202020202020 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\Count -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\NextInstance -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\1 -> SCSI\CdRom&Ven_AXV&Prod_CD/DVD-ROM&Rev_2.2a\2&220aad77&0&000 -> < Drives - Autoruns > -> -> AUTOEXEC.BAT [] -> %SystemDrive%\AUTOEXEC.BAT [ NTFS ] -> [Ver = | Size = 0 bytes | Modified Date = 24/12/2007 18:11:03 | Attr = ] < HOSTS File > (236727 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm -> HKEY_CURRENT_USER\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_CURRENT_USER\: Main\\Start Page -> http://www.google.com.mx/ -> HKEY_CURRENT_USER\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\PE_C_ADMINISTRADOR\] > -> -> < Internet Explorer Settings [HKEY_USERS\PE_C_LOGMEINREMOTEUSER\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-1220945662-329068152-839522115-1003\] > -> -> HKEY_USERS\S-1-5-21-1220945662-329068152-839522115-1003\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm -> HKEY_USERS\S-1-5-21-1220945662-329068152-839522115-1003\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\S-1-5-21-1220945662-329068152-839522115-1003\: Main\\Start Page -> http://www.google.com.mx/ -> HKEY_USERS\S-1-5-21-1220945662-329068152-839522115-1003\: ProxyEnable -> 0 -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4387 domain(s) found. -> 33 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4386 domain(s) found. -> 32 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4386 domain(s) found. -> 32 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\PE_C_ADMINISTRADOR\] > -> HKEY_USERS\PE_C_ADMINISTRADOR\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\PE_C_ADMINISTRADOR\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4386 domain(s) found. -> 32 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\PE_C_ADMINISTRADOR\] > -> HKEY_USERS\PE_C_ADMINISTRADOR\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\PE_C_ADMINISTRADOR\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\PE_C_LOGMEINREMOTEUSER\] > -> HKEY_USERS\PE_C_LOGMEINREMOTEUSER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\PE_C_LOGMEINREMOTEUSER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4386 domain(s) found. -> 32 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\PE_C_LOGMEINREMOTEUSER\] > -> HKEY_USERS\PE_C_LOGMEINREMOTEUSER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\PE_C_LOGMEINREMOTEUSER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4386 domain(s) found. -> 32 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-1220945662-329068152-839522115-1003\] > -> HKEY_USERS\S-1-5-21-1220945662-329068152-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-1220945662-329068152-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4386 domain(s) found. -> 32 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-1220945662-329068152-839522115-1003\] > -> HKEY_USERS\S-1-5-21-1220945662-329068152-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-1220945662-329068152-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [AcroIEHlprObj Class] -> Adobe Systems Incorporated [Ver = 7.0.0.2004121400 | Size = 63136 bytes | Modified Date = 14/12/2004 1:56:50 | Attr = ] {53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> Safer Networking Limited [Ver = 1, 5, 0, 11 | Size = 1554256 bytes | Modified Date = 28/01/2008 11:43:28 | Attr = ] {7E853D72-626A-48EC-A868-BA8D5E23E045} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found {AE7CD045-E861-484f-8273-0445EE161910} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [AcroIEToolbarHelper Class] -> Adobe Systems Incorporated [Ver = 7.0.0.0 | Size = 225280 bytes | Modified Date = 14/12/2004 2:13:40 | Attr = ] {CE86878F-D099-4FFC-A4DC-E51D192063B1} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\mlJbaXrS.dll [Reg Error: Value does not exist or could not be read.] -> [Ver = | Size = 37376 bytes | Modified Date = 29/04/2008 23:13:38 | Attr = ] {E88995DC-CB69-4460-B14E-71F2B44D1998} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\gndarmblxbt.dll [DVA Gate] -> [Ver = | Size = 274432 bytes | Modified Date = 30/04/2008 2:18:08 | Attr = ] {FCDEEFE6-CF0A-48F0-AD2E-E9F310A0A500} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\hgGxYRll.dll [Reg Error: Value does not exist or could not be read.] -> [Ver = | Size = 280576 bytes | Modified Date = 29/04/2008 23:21:49 | Attr = ] < Internet Explorer Bars [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ -> {182EC0BE-5110-49C8-A062-BEB1D02A220B} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> Adobe Systems Incorporated [Ver = 7.0.0.0 | Size = 225280 bytes | Modified Date = 14/12/2004 2:13:40 | Attr = ] < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> {47833539-D0C5-4125-9FA8-0819E2EAAC93} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> Adobe Systems Incorporated [Ver = 7.0.0.0 | Size = 225280 bytes | Modified Date = 14/12/2004 2:13:40 | Attr = ] {CF99FDD9-209D-460E-AFAD-E780FFCA314D} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\wxdbpfvo.dll [wxdbpfvo] -> [Ver = | Size = 155648 bytes | Modified Date = 30/04/2008 2:19:06 | Attr = ] {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Styler\TB\StylerTB.dll [StylerToolBar] -> StyleFantasist [Ver = 1, 1, 8, 0 | Size = 102400 bytes | Modified Date = 02/05/2006 4:31:26 | Attr = ] < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> Adobe Systems Incorporated [Ver = 7.0.0.0 | Size = 225280 bytes | Modified Date = 14/12/2004 2:13:40 | Attr = ] < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-1220945662-329068152-839522115-1003\] > -> HKEY_USERS\S-1-5-21-1220945662-329068152-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> Adobe Systems Incorporated [Ver = 7.0.0.0 | Size = 225280 bytes | Modified Date = 14/12/2004 2:13:40 | Attr = ] < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot - Search && Destroy Configuration] -> Safer Networking Limited [Ver = 1, 5, 0, 11 | Size = 1554256 bytes | Modified Date = 28/01/2008 11:43:28 | Attr = ] < Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> Convert link target to Adobe PDF -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll -> Adobe Systems Incorporated [Ver = 7.0.0.0 | Size = 225280 bytes | Modified Date = 14/12/2004 2:13:40 | Attr = ] Convert link target to existing PDF -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll -> Adobe Systems Incorporated [Ver = 7.0.0.0 | Size = 225280 bytes | Modified Date = 14/12/2004 2:13:40 | Attr = ] Convert selected links to Adobe PDF -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll -> Adobe Systems Incorporated [Ver = 7.0.0.0 | Size = 225280 bytes | Modified Date = 14/12/2004 2:13:40 | Attr = ] Convert selected links to existing PDF -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll -> Adobe Systems Incorporated [Ver = 7.0.0.0 | Size = 225280 bytes | Modified Date = 14/12/2004 2:13:40 | Attr = ] Convert selection to Adobe PDF -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll -> Adobe Systems Incorporated [Ver = 7.0.0.0 | Size = 225280 bytes | Modified Date = 14/12/2004 2:13:40 | Attr = ] Convert selection to existing PDF -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll -> Adobe Systems Incorporated [Ver = 7.0.0.0 | Size = 225280 bytes | Modified Date = 14/12/2004 2:13:40 | Attr = ] Convert to Adobe PDF -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll -> Adobe Systems Incorporated [Ver = 7.0.0.0 | Size = 225280 bytes | Modified Date = 14/12/2004 2:13:40 | Attr = ] Convert to existing PDF -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll -> Adobe Systems Incorporated [Ver = 7.0.0.0 | Size = 225280 bytes | Modified Date = 14/12/2004 2:13:40 | Attr = ] < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-1220945662-329068152-839522115-1003\] > -> HKEY_USERS\S-1-5-21-1220945662-329068152-839522115-1003\Software\Microsoft\Internet Explorer\MenuExt\ -> Convert link target to Adobe PDF -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll -> Adobe Systems Incorporated [Ver = 7.0.0.0 | Size = 225280 bytes | Modified Date = 14/12/2004 2:13:40 | Attr = ] Convert link target to existing PDF -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll -> Adobe Systems Incorporated [Ver = 7.0.0.0 | Size = 225280 bytes | Modified Date = 14/12/2004 2:13:40 | Attr = ] Convert selected links to Adobe PDF -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll -> Adobe Systems Incorporated [Ver = 7.0.0.0 | Size = 225280 bytes | Modified Date = 14/12/2004 2:13:40 | Attr = ] Convert selected links to existing PDF -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll -> Adobe Systems Incorporated [Ver = 7.0.0.0 | Size = 225280 bytes | Modified Date = 14/12/2004 2:13:40 | Attr = ] Convert selection to Adobe PDF -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll -> Adobe Systems Incorporated [Ver = 7.0.0.0 | Size = 225280 bytes | Modified Date = 14/12/2004 2:13:40 | Attr = ] Convert selection to existing PDF -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll -> Adobe Systems Incorporated [Ver = 7.0.0.0 | Size = 225280 bytes | Modified Date = 14/12/2004 2:13:40 | Attr = ] Convert to Adobe PDF -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll -> Adobe Systems Incorporated [Ver = 7.0.0.0 | Size = 225280 bytes | Modified Date = 14/12/2004 2:13:40 | Attr = ] Convert to existing PDF -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll -> Adobe Systems Incorporated [Ver = 7.0.0.0 | Size = 225280 bytes | Modified Date = 14/12/2004 2:13:40 | Attr = ] < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {62EB35AB-485D-42AE-8DD6-55153FF3C7EC} -> () -> {8C475BE5-2DC0-4F19-906A-66051291526B} -> (NIC Fast Ethernet PCI Familia RTL8139 de Realtek ) -> < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> ipp: [HKEY_LOCAL_MACHINE] -> No CLSID value msdaipp: [HKEY_LOCAL_MACHINE] -> No CLSID value < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {6414512B-B978-451D-A0D8-FCFDF33E833C}[HKEY_LOCAL_MACHINE] -> http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1198516662031[WUWebControl Class] -> {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}[HKEY_LOCAL_MACHINE] -> http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab[Reg Error: Key does not exist or could not be opened.] -> < Module Usage Keys [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/wuweb.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/wuweb.dll\\.Owner -> Unknown Owner -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/wuweb.dll\\{6414512B-B978-451D-A0D8-FCFDF33E833C} -> -> [Registry - Additional Scans - Non-Microsoft Only] < App Paths [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ -> Acrobat.exe -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\Acrobat.exe [C:\Archivos de programa\Adobe\Acrobat 7.0\Acrobat\] -> Adobe Systems Incorporated [Ver = 7.0.0.2004121400 | Size = 69632 bytes | Modified Date = 14/12/2004 4:44:40 | Attr = ] AcrobatInfo.exe -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcrobatInfo.exe [C:\Archivos de programa\Adobe\Acrobat 7.0\Acrobat\] -> Adobe Systems Incorporated [Ver = 7.0.0.2004121400 | Size = 32256 bytes | Modified Date = 14/12/2004 2:36:08 | Attr = ] AcroDist.exe -> %ProgramFiles%\Adobe\Acrobat 7.0\Distillr\acrodist.exe [C:\Archivos de programa\Adobe\Acrobat 7.0\Distillr\] -> Adobe Systems Incorporated. [Ver = 7.0.0.2004121400 | Size = 196608 bytes | Modified Date = 14/12/2004 2:12:46 | Attr = ] ActiveSetupRoxioCD.exe -> %CommonProgramFiles%\Roxio Shared\Project Selector\ActiveSetupRoxioCD.exe [C:\Archivos de programa\Archivos comunes\Roxio Shared\Project Selector\] -> [Ver = | Size = 57344 bytes | Modified Date = 13/01/2003 14:08:12 | Attr = ] ADGJDet.EXE -> %ProgramFiles%\Creative\SBLive\Program\ADGJDet.exe [C:\Archivos de programa\Creative\SBLive\PROGRAM] -> [Ver = 1, 0, 2, 0 | Size = 28672 bytes | Modified Date = 29/11/2001 1:00:00 | Attr = ] Ahqrun.exe -> %ProgramFiles%\Creative\SBLive\AudioHQ\Ahqrun.exe [C:\Archivos de programa\Creative\SBLive\AudioHQ;C:\Archivos de programa\Creative\ShareDLL;C:\Archivos de programa\Creative\SBLive\AudioHQ\AHQ] -> Creative Technology Ltd [Ver = 1.0.6 | Size = 102400 bytes | Modified Date = 02/12/1999 11:29:08 | Attr = ] AHQTBU.EXE -> %ProgramFiles%\Creative\SBLive\AudioHQ\AHQTbU.exe [C:\Archivos de programa\Creative\SBLive\AudioHQ;C:\Archivos de programa\Creative\ShareDLL;C:\Archivos de programa\Creative\SBLive\AudioHQ\AHQ] -> Creative Technology Ltd. [Ver = 1.13.0 | Size = 176128 bytes | Modified Date = 18/01/2002 1:13:00 | Attr = ] Alcohol.exe -> %ProgramFiles%\Alcohol Soft\Alcohol 120\Alcohol.exe [C:\Archivos de programa\Alcohol Soft\Alcohol 120\] -> Alcohol Soft Development Team [Ver = 1.4.7.1005 | Size = 1414144 bytes | Modified Date = 05/10/2003 18:07:32 | Attr = ] AUDIOHQU.EXE -> %ProgramFiles%\Creative\SBLive\AudioHQ\AudioHQU.exe [C:\Archivos de programa\Creative\SBLive\AudioHQ;C:\Archivos de programa\Creative\ShareDLL;C:\Archivos de programa\Creative\SBLive\AudioHQ\AHQ] -> Creative Technology Ltd. [Ver = 1.14.0 | Size = 274432 bytes | Modified Date = 18/01/2002 1:14:00 | Attr = ] CDEngine.dll -> %CommonProgramFiles%\Roxio Shared\CDEngine\CDENGINE.DLL [C:\Archivos de programa\Archivos comunes\Roxio Shared\CDEngine\] -> Roxio [Ver = 6.0.0.171 | Size = 765952 bytes | Modified Date = 13/01/2003 14:12:44 | Attr = ] CDLabel.exe -> %CommonProgramFiles%\Roxio Shared\Label Creator\CDLabel.exe [C:\Archivos de programa\Archivos comunes\Roxio Shared\Label Creator\] -> Roxio [Ver = 6.0.0.171 | Size = 3072110 bytes | Modified Date = 13/01/2003 14:17:36 | Attr = ] cmmgr32.exe -> %SystemRoot%\system32\cmmgr32.exe [C:\WINDOWS\system32] -> File not found Creator.dll -> %CommonProgramFiles%\Roxio Shared\CreatorAPI\Creator.dll [C:\Archivos de programa\Archivos comunes\Roxio Shared\CreatorAPI\] -> Roxio [Ver = 6.0.0.171 | Size = 937984 bytes | Modified Date = 13/01/2003 14:14:40 | Attr = ] Creatorc.exe -> %ProgramFiles%\Roxio\Easy CD Creator 6\Easy CD Creator\creatorc.exe [C:\Archivos de programa\Roxio\Easy CD Creator 6\Easy CD Creator\] -> Roxio [Ver = 6.0.0.171 | Size = 1114223 bytes | Modified Date = 13/01/2003 14:15:10 | Attr = ] CTCplFW.exe -> %ProgramFiles%\Creative\SBLive\Diagnostics\CTCplFW.exe [C:\Archivos de programa\Creative\SBLive\Diagnostics] -> Creative Technology Ltd. [Ver = 1.12.00 | Size = 192512 bytes | Modified Date = 07/08/2001 11:18:24 | Attr = ] DaemonCfg.exe -> %ProgramFiles%\OpenSTA\Server\DaemonCFG.exe [C:\Archivos de programa\OpenSTA\Common] -> OpenSTA Open Source Team [Ver = 1.4.4.1 | Size = 77824 bytes | Modified Date = 30/08/2007 0:37:02 | Attr = ] Directcd.exe -> %CommonProgramFiles%\Roxio Shared\System\DirectCD.exe [C:\Archivos de programa\Archivos comunes\Roxio Shared\System\] -> Roxio Inc., [Ver = 6, 0, 0, 1 | Size = 40960 bytes | Modified Date = 04/12/2002 22:51:34 | Attr = ] DiscCopier.exe -> %ProgramFiles%\Roxio\Easy CD Creator 6\Easy CD Creator\DiscCopier.exe [C:\Archivos de programa\Roxio\Easy CD Creator 6\Easy CD Creator\] -> Roxio [Ver = 6.0.0.171 | Size = 1355776 bytes | Modified Date = 13/01/2003 14:19:12 | Attr = ] DrgToDsc.exe -> %ProgramFiles%\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe [C:\Archivos de programa\Roxio\Easy CD Creator 6\DragToDisc\] -> Roxio [Ver = 6.0.0.171 | Size = 757760 bytes | Modified Date = 13/01/2003 10:19:26 | Attr = ] E: -> Reg Error: Value does not exist or could not be read. [Reg Error: Value Path does not exist or could not be read.] -> File not found firefox.exe -> %ProgramFiles%\Mozilla Firefox\firefox.exe [C:\Archivos de programa\Mozilla Firefox] -> Mozilla Corporation [Ver = 1.8.1.14: 2008040413 | Size = 7660656 bytes | Modified Date = 07/04/2008 8:49:38 | Attr = ] FormDesigner.exe -> %ProgramFiles%\Adobe\Acrobat 7.0\Designer 7.0\FormDesigner.exe [C:\Archivos de programa\Adobe\Acrobat 7.0\Designer 7.0\] -> Adobe Systems Incorporated [Ver = 7, 0, 041126, 0 | Size = 9392128 bytes | Modified Date = 26/11/2004 9:40:14 | Attr = R ] Gateway.exe -> %ProgramFiles%\OpenSTA\Engines\Web\Gateway.exe [C:\Archivos de programa\OpenSTA\Common] -> File not found gwconsole.exe -> %ProgramFiles%\OpenSTA\Engines\Web\gwconsole.exe [C:\Archivos de programa\OpenSTA\Common] -> File not found hpqaprnt.exe -> %ProgramFiles%\Hewlett-Packard\Digital Imaging\Album\hpqaprnt.exe [C:\Archivos de programa\Hewlett-Packard\Digital Imaging\Album\;C:\Archivos de programa\Hewlett-Packard\Digital Imaging\bin] -> [Ver = 2.0.0.126 | Size = 671744 bytes | Modified Date = 01/10/2002 0:51:30 | Attr = ] HpqCmon.exe -> %ProgramFiles%\Hewlett-Packard\Digital Imaging\Unload\HpqCmon.exe [C:\Archivos de programa\Hewlett-Packard\Digital Imaging\Unload\] -> [Ver = 2.0.0.133 | Size = 90112 bytes | Modified Date = 07/10/2002 0:23:20 | Attr = ] HpqPhUnl.exe -> %ProgramFiles%\Hewlett-Packard\Digital Imaging\Unload\HpqPhUnl.exe [C:\Archivos de programa\Hewlett-Packard\Digital Imaging\Unload\;C:\Archivos de programa\Hewlett-Packard\Digital Imaging\bin] -> [Ver = 2.0.0.133 | Size = 454656 bytes | Modified Date = 07/10/2002 0:22:34 | Attr = ] HpqUnSet.exe -> %ProgramFiles%\Hewlett-Packard\Digital Imaging\Unload\HpqUnSet.exe [C:\Archivos de programa\Hewlett-Packard\Digital Imaging\Unload\] -> [Ver = 2.0.0.133 | Size = 57344 bytes | Modified Date = 07/10/2002 0:23:38 | Attr = ] hypertrm.exe -> %ProgramFiles%\Windows NT\hypertrm.exe [Reg Error: Value Path does not exist or could not be read.] -> Hilgraeve, Inc. [Ver = 5.1.2600.0 | Size = 28160 bytes | Modified Date = 20/08/2004 13:00:00 | Attr = ] install.exe -> Reg Error: Value does not exist or could not be read. [Reg Error: Value Path does not exist or could not be read.] -> File not found LUALL.EXE -> %ProgramFiles%\Symantec\LiveUpdate\LUALL.EXE [C:\Archivos de programa\Symantec\LiveUpdate] -> Symantec Corporation [Ver = 3.2.0.26 | Size = 927424 bytes | Modified Date = 31/10/2006 10:32:09 | Attr = ] ModelFileHandler.exe -> %CommonProgramFiles%\LogiShrd\LQCVFX\ModelFileHandler.exe [C:\Archivos de programa\Archivos comunes\Logishrd\LQCVFX\] -> Logitech Inc. [Ver = 10.5.0.1096 | Size = 113176 bytes | Modified Date = 22/12/2006 12:28:14 | Attr = ] mplayer2.exe -> %ProgramFiles%\Windows Media Player\mplayer2.exe ["C:\Archivos de programa\Windows Media Player"] -> [Ver = | Size = 4639 bytes | Modified Date = 20/08/2004 13:00:00 | Attr = ] MrfInst.exe -> %ProgramFiles%\Roxio\Easy CD Creator 6\DragToDisc\MRW\MrfInst.exe [C:\Archivos de programa\Roxio\Easy CD Creator 6\DragToDisc\MRW\] -> Roxio [Ver = 6.0.0.171 | Size = 275223 bytes | Modified Date = 13/01/2003 10:19:26 | Attr = ] msimn.exe -> [%ProgramFiles%\Outlook Express] -> File not found MsoHtmEd.exe -> Reg Error: Value does not exist or could not be read. [Reg Error: Value Path does not exist or could not be read.] -> File not found OSCommander.exe -> %ProgramFiles%\OpenSTA\BaseUI\OSCommander.exe [C:\Archivos de programa\OpenSTA\Common] -> OpenSTA Open Source Team [Ver = 1.4.4.1 | Size = 307200 bytes | Modified Date = 01/09/2007 1:51:54 | Attr = ] PictureViewer.exe -> %ProgramFiles%\QuickTime\PictureViewer.exe [C:\Archivos de programa\QuickTime\] -> Apple Inc. [Ver = 7.3.1 | Size = 483328 bytes | Modified Date = 11/12/2007 10:56:42 | Attr = ] pinball.exe -> %ProgramFiles%\Windows NT\Pinball\PINBALL.EXE [C:\Archivos de programa\Windows NT\Pinball] -> Cinematronics [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 284160 bytes | Modified Date = 20/08/2004 13:00:00 | Attr = ] pmstudio.exe -> %ProgramFiles%\Roxio\Easy CD Creator 6\PMStudio\PMStudio.exe [C:\Archivos de programa\Roxio\Easy CD Creator 6\PMStudio\] -> Roxio [Ver = 1.0.0.216 | Size = 765952 bytes | Modified Date = 13/01/2003 14:35:10 | Attr = ] projselector.exe -> %CommonProgramFiles%\Roxio Shared\Project Selector\projselector.exe [C:\Archivos de programa\Archivos comunes\Roxio Shared\Project Selector\] -> Roxio [Ver = 6.0.0.171 | Size = 114688 bytes | Modified Date = 13/01/2003 14:15:34 | Attr = ] Quickcam10.exe -> %ProgramFiles%\Logitech\QuickCam10\QuickCam10.exe [C:\Archivos de programa\Logitech\QuickCam10\] -> [Ver = | Size = 756248 bytes | Modified Date = 22/12/2006 12:28:26 | Attr = ] QuickTimePlayer.exe -> %ProgramFiles%\QuickTime\QuickTimePlayer.exe [C:\Archivos de programa\QuickTime\] -> Apple Inc. [Ver = 7.3.1 | Size = 6948144 bytes | Modified Date = 11/12/2007 10:57:36 | Attr = ] RDefault.exe -> %ProgramFiles%\Creative\SBLive\Program\RDefault.exe [C:\Archivos de programa\Creative\SBLive\Program] -> Creative Technology Ltd [Ver = 1, 0, 1, 0 | Size = 24576 bytes | Modified Date = 07/10/2002 1:00:00 | Attr = ] RelayCfg.exe -> %ProgramFiles%\OpenSTA\Server\RelayCfg.exe [C:\Archivos de programa\OpenSTA\Common] -> OpenSTA Open Source Team [Ver = 1,4,4,1 | Size = 131072 bytes | Modified Date = 01/09/2007 1:56:26 | Attr = ] Retrieve.exe -> %ProgramFiles%\Roxio\Easy CD Creator 6\Easy CD Creator\Retrieve.exe [C:\Archivos de programa\Roxio\Easy CD Creator 6\Easy CD Creator\] -> Roxio [Ver = 6.0.0.171 | Size = 765952 bytes | Modified Date = 13/01/2003 14:17:50 | Attr = ] Rox6pTutorial.exe -> %CommonProgramFiles%\Roxio Shared\Support\Rox6pTutorial.exe [C:\Archivos de programa\Archivos comunes\Roxio Shared\Support\] -> Macromedia, Inc. [Ver = 6,0,21,0 | Size = 11689688 bytes | Modified Date = 13/01/2003 14:08:34 | Attr = ] RoxAssist.exe -> %CommonProgramFiles%\Roxio Shared\Upgrade\roxassist.exe [C:\Archivos de programa\Archivos comunes\Roxio Shared\Upgrade\] -> Roxio [Ver = 6.0.0.171 | Size = 86016 bytes | Modified Date = 13/01/2003 14:15:40 | Attr = ] ROXIOPhotoSuite.exe -> %ProgramFiles%\Roxio\Easy CD Creator 6\PhotoSuite\ROXIOPhotoSuite.exe [C:\Archivos de programa\Roxio\Easy CD Creator 6\PhotoSuite\] -> Roxio Inc. [Ver = 5.0.1366.0 | Size = 938030 bytes | Modified Date = 15/12/2002 7:24:38 | Attr = ] RoxioPlayer.exe -> %ProgramFiles%\Roxio\Easy CD Creator 6\Roxio Player\RoxioPlayer.exe [C:\Archivos de programa\Roxio\Easy CD Creator 6\Roxio Player\] -> Roxio Inc. [Ver = 6.0.1615.1 | Size = 364544 bytes | Modified Date = 08/01/2003 18:50:08 | Attr = ] roxregister.exe -> %CommonProgramFiles%\Roxio Shared\Support\roxregister.exe [C:\Archivos de programa\Archivos comunes\Roxio Shared\Support\] -> Roxio [Ver = 6.0.0.171 | Size = 794624 bytes | Modified Date = 13/01/2003 14:15:44 | Attr = ] Roxupdate.exe -> %CommonProgramFiles%\Roxio Shared\Upgrade\Roxupdate.exe [C:\Archivos de programa\Archivos comunes\Roxio Shared\Upgrade\] -> Roxio [Ver = 6.0.0.171 | Size = 73728 bytes | Modified Date = 13/01/2003 14:15:38 | Attr = ] RxMediaX.exe -> %ProgramFiles%\Roxio\Easy CD Creator 6\AudioCentral\RxMediaX.exe [C:\Archivos de programa\Roxio\Easy CD Creator 6\AudioCentral\] -> Roxio, Inc. [Ver = 1.0.98 | Size = 266240 bytes | Modified Date = 09/01/2003 10:20:20 | Attr = ] RxMon.exe -> %ProgramFiles%\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe [C:\Archivos de programa\Roxio\Easy CD Creator 6\AudioCentral\] -> Roxio, Inc. [Ver = 1.0.100 | Size = 253952 bytes | Modified Date = 09/01/2003 9:21:26 | Attr = ] RxPlayer.exe -> %ProgramFiles%\Roxio\Easy CD Creator 6\AudioCentral\RxPlayer.exe [C:\Archivos de programa\Roxio\Easy CD Creator 6\AudioCentral\] -> Roxio, Inc. [Ver = 1.0.98 | Size = 438272 bytes | Modified Date = 09/01/2003 10:20:20 | Attr = ] RxSoundEditor.exe -> %ProgramFiles%\Roxio\Easy CD Creator 6\AudioCentral\RxSoundEditor.exe [C:\Archivos de programa\Roxio\Easy CD Creator 6\AudioCentral\] -> Roxio, Inc. [Ver = 1.0.98 | Size = 364544 bytes | Modified Date = 09/01/2003 10:20:20 | Attr = ] RxTagEditor.exe -> %ProgramFiles%\Roxio\Easy CD Creator 6\AudioCentral\RxTagEditor.exe [C:\Archivos de programa\Roxio\Easy CD Creator 6\AudioCentral\] -> Roxio, Inc. [Ver = 1.0.98 | Size = 339968 bytes | Modified Date = 09/01/2003 10:20:20 | Attr = ] Scandisc.exe -> %ProgramFiles%\Roxio\Easy CD Creator 6\DragToDisc\Scandisc.exe [C:\Archivos de programa\Roxio\Easy CD Creator 6\DragToDisc\] -> Roxio [Ver = 6.0.0.171 | Size = 659456 bytes | Modified Date = 13/01/2003 10:19:26 | Attr = ] setup.exe -> Reg Error: Value does not exist or could not be read. [Reg Error: Value Path does not exist or could not be read.] -> File not found SNMPPlugin.exe -> Reg Error: Value does not exist or could not be read. [C:\Archivos de programa\OpenSTA\Common] -> File not found SurMix2.exe -> %ProgramFiles%\Creative\SBLive\SurMix2\SurMix2.exe [C:\Archivos de programa\Creative\SBLive\SurMix2;C:\Archivos de programa\Creative\ShareDLL] -> [Ver = 2.00.19.0 | Size = 86016 bytes | Modified Date = 08/01/2002 2:00:00 | Attr = ] table30.exe -> Reg Error: Value does not exist or could not be read. [Reg Error: Value Path does not exist or could not be read.] -> File not found TestInfo.exe -> Reg Error: Value does not exist or could not be read. [C:\Archivos de programa\OpenSTA\Common] -> File not found TestInit.exe -> Reg Error: Value does not exist or could not be read. [C:\Archivos de programa\OpenSTA\Common] -> File not found TestManager.exe -> Reg Error: Value does not exist or could not be read. [C:\Archivos de programa\OpenSTA\Common] -> File not found TExecuter_htp.exe -> %ProgramFiles%\OpenSTA\Engines\TExecuter_htp.exe [C:\Archivos de programa\OpenSTA\Common] -> OpenSTA Open Source Team [Ver = 1.4.4.1 | Size = 1163264 bytes | Modified Date = 01/09/2007 1:58:08 | Attr = ] TExecuter_ntp.exe -> Reg Error: Value does not exist or could not be read. [C:\Archivos de programa\OpenSTA\Common] -> File not found TExecuter_smp.exe -> Reg Error: Value does not exist or could not be read. [C:\Archivos de programa\OpenSTA\Common] -> File not found tutorial.exe -> %CommonProgramFiles%\Roxio Shared\Support\Roxioscan.exe [C:\Archivos de programa\Archivos comunes\Roxio Shared\Support\] -> File not found UdfrChk.exe -> %ProgramFiles%\Roxio\Easy CD Creator 6\DragToDisc\UdfrChk.exe [C:\Archivos de programa\Roxio\Easy CD Creator 6\DragToDisc\] -> [Ver = | Size = 40960 bytes | Modified Date = 13/01/2003 10:19:26 | Attr = ] V2iBrowser.exe -> Reg Error: Value does not exist or could not be read. [C:\Archivos de programa\Norton Ghost\Browser\] -> File not found VProConsole.exe -> %ProgramFiles%\Norton Ghost\Console\VProConsole.exe [C:\Archivos de programa\Norton Ghost\Console\] -> Symantec Corporation [Ver = 12.0.0.18971 | Size = 562800 bytes | Modified Date = 23/01/2007 19:36:12 | Attr = ] VProConsole_.exe -> %ProgramFiles%\Norton Ghost\Console\VProConsole_.exe [C:\Archivos de programa\Norton Ghost\Console\] -> Symantec Corporation [Ver = 12.0.0.18971 | Size = 1369712 bytes | Modified Date = 23/01/2007 19:36:12 | Attr = ] wab.exe -> [%ProgramFiles%\Outlook Express] -> File not found wabmig.exe -> [%ProgramFiles%\Outlook Express] -> File not found WebcamSnapshot.exe -> %ProgramFiles%\Logitech\QuickCam10\QuickCam10.exe [C:\Archivos de programa\Logitech\QuickCam10\] -> [Ver = | Size = 756248 bytes | Modified Date = 22/12/2006 12:28:26 | Attr = ] winnt32.exe -> Reg Error: Value does not exist or could not be read. [Reg Error: Value Path does not exist or could not be read.] -> File not found WinRAR.exe -> %ProgramFiles%\WinRAR\WinRAR.exe [C:\Archivos de programa\WinRAR] -> [Ver = | Size = 936960 bytes | Modified Date = 20/09/2007 18:34:22 | Attr = ] WORDPAD.EXE -> [Reg Error: Value Path does not exist or could not be read.] -> File not found WRITE.EXE -> [Reg Error: Value Path does not exist or could not be read.] -> File not found < BotCheck > -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\DefaultLaunchPermission -> [Binary data over 100 bytes] -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineLaunchRestriction -> [Binary data over 100 bytes] -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineAccessRestriction -> [Binary data over 100 bytes] -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\EnableDCOM -> Y -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{A50398B8-9075-4FBF-A7A1-456BF21937AD} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{AD65A69D-3831-40D7-9629-9B0B50A93843} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{0040D221-54A1-11D1-9DE0-006097042D69} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{2A6D72F1-6E7E-4702-B99C-E40D3DED33C3} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirstRunDisabled -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\UpdatesDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusOverride -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallOverride -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> -> Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\ not found. -> -> Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\ not found. -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\ -> -> *Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages -> msv1_0 -> %SystemRoot%\system32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 20/08/2004 13:00:00 | Attr = ] C:\WINDOWS\system32\hgGxYRll -> %SystemRoot%\system32\hgGxYRll.dll -> [Ver = | Size = 280576 bytes | Modified Date = 29/04/2008 23:21:49 | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Bounds -> 0 [binary data] -> *Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> kerberos -> %SystemRoot%\system32\kerberos.dll -> Microsoft Corporation [Ver = 5.1.2600.2698 (xpsp_sp2_gdr.050614-1522) | Size = 295936 bytes | Modified Date = 15/06/2005 18:50:46 | Attr = ] msv1_0 -> %SystemRoot%\system32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 20/08/2004 13:00:00 | Attr = ] schannel -> %SystemRoot%\system32\schannel.dll -> Microsoft Corporation [Ver = 5.1.2600.3126 (xpsp_sp2_gdr.070425-0226) | Size = 144896 bytes | Modified Date = 25/04/2007 15:22:37 | Attr = ] wdigest -> %SystemRoot%\system32\wdigest.dll -> Microsoft Corporation [Ver = 5.1.2600.2874 (xpsp_sp2_gdr.060323-1516) | Size = 49152 bytes | Modified Date = 24/03/2006 5:37:56 | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\ImpersonatePrivilegeUpgradeToolHasRun -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\LsaPid -> 652 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\SecureBoot -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\auditbaseobjects -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\crashonauditfail -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\disabledomaincreds -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\everyoneincludesanonymous -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fipsalgorithmpolicy -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\forceguest -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fullprivilegeauditing -> [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\limitblankpassworduse -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\lmcompatibilitylevel -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nodefaultadminowner -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nolmhash -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymous -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymoussam -> 1 -> *Notification Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Notification Packages -> scecli -> %SystemRoot%\system32\scecli.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 184832 bytes | Modified Date = 20/08/2004 13:00:00 | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\ -> -> *ProviderOrder* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\\ProviderOrder -> Windows NT Access Provider -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\\ProviderPath -> C:\WINDOWS\system32\ntmarta.dll [%SystemRoot%\system32\ntmarta.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 119808 bytes | Modified Date = 20/08/2004 13:00:00 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\System\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\\Pattern -> 63 D6 6D FD 0B 0B 87 84 78 54 26 F6 C8 14 9C 1B 64 63 37 64 61 31 63 66 00 FD 07 00 57 72 00 00 34 FA 07 00 56 82 47 75 20 FA 07 00 40 FD 07 00 4C FD 07 00 CB AB 7C 5A F6 3D 7D 1F FE AA 2E DC [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\\GrafBlumGroup -> 93 DE 58 97 52 3A 97 59 B2 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\\Lookup -> BB D7 DF 96 2C C2 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Domains\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\SidCache\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\\Auth132 -> C:\WINDOWS\system32\iissuba.dll [IISSUBA] -> Microsoft Corporation [Ver = 6.0.2600.0 (xpclient.010817-1148) | Size = 9216 bytes | Modified Date = 20/08/2004 13:00:00 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\\ntlmminclientsec -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\\ntlmminserversec -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\\SkewMatrix -> 4F FB 40 31 8C 81 78 F3 44 4E D5 EA 9A FB 9C A3 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\\SSOURL -> http://www.passport.com -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\\Time -> 6A 36 06 E1 58 46 C8 01 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Name -> Digest -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Comment -> Digest SSPI Authentication Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Capabilities -> 16464 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\RpcId -> 65535 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\TokenSize -> 65535 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Time -> 00 E0 FC 37 AD 86 C4 01 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Name -> DPA -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Comment -> DPA Security Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Capabilities -> 55 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\RpcId -> 17 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\TokenSize -> 768 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Time -> 00 E0 FC 37 AD 86 C4 01 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Name -> MSN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Comment -> MSN Security Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Capabilities -> 55 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\RpcId -> 18 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\TokenSize -> 768 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Time -> 00 E0 FC 37 AD 86 C4 01 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnGroup -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnService -> Netman;WinMgmt; -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Description -> Ofrece servicios de traducción de direcciones, direccionamiento, resolución de nombres y/o servicios de prevención de intrusión para una red doméstica o de pequeña empresa. -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DisplayName -> Firewall de Windows/Conexión compartida a Internet (ICS) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ImagePath -> C:\WINDOWS\system32\svchost.exe [%SystemRoot%\system32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 20/08/2004 13:00:00 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Start -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Type -> 32 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\\Epoch -> 935 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\\ServiceDll -> C:\WINDOWS\system32\ipnathlp.dll [%SystemRoot%\System32\ipnathlp.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 332288 bytes | Modified Date = 20/08/2004 13:00:00 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 142848 bytes | Modified Date = 20/08/2004 13:00:00 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\Network Diagnostic\xpnetdiag.exe -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> Microsoft Corporation [Ver = 5.1.2600.3012 (xpsp.061010-0355) | Size = 557568 bytes | Modified Date = 10/10/2006 13:44:50 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Archivos de programa\Windows Live\Messenger\msnmsgr.exe -> C:\Archivos de programa\Windows Live\Messenger\msnmsgr.exe [C:\Archivos de programa\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> Microsoft Corporation [Ver = 8.5.1302.1018 | Size = 5724184 bytes | Modified Date = 18/10/2007 11:34:02 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Archivos de programa\Windows Live\Messenger\livecall.exe -> C:\Archivos de programa\Windows Live\Messenger\livecall.exe [C:\Archivos de programa\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> Microsoft Corporation [Ver = 1.5.204.0 | Size = 304488 bytes | Modified Date = 02/10/2007 17:18:24 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\139:TCP -> 139:TCP:*:Enabled:@xpsp2res.dll,-22004 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\445:TCP -> 445:TCP:*:Enabled:@xpsp2res.dll,-22005 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\137:UDP -> 137:UDP:*:Enabled:@xpsp2res.dll,-22001 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\138:UDP -> 138:UDP:*:Enabled:@xpsp2res.dll,-22002 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\EnableFirewall -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DoNotAllowExceptions -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 142848 bytes | Modified Date = 20/08/2004 13:00:00 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\Network Diagnostic\xpnetdiag.exe -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> Microsoft Corporation [Ver = 5.1.2600.3012 (xpsp.061010-0355) | Size = 557568 bytes | Modified Date = 10/10/2006 13:44:50 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Archivos de programa\eMule\emule.exe -> C:\Archivos de programa\eMule\emule.exe [C:\Archivos de programa\eMule\emule.exe:*:Enabled:eMule] -> http://www.emule-project.net [Ver = 0.48.0 Unicode | Size = 5308416 bytes | Modified Date = 13/05/2007 15:57:46 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\D:\Archivos de programa\Steam\SteamApps\rjorge99\counter-strike source\hl2.exe -> D:\Archivos de programa\Steam\SteamApps\rjorge99\counter-strike source\hl2.exe [D:\Archivos de programa\Steam\SteamApps\rjorge99\counter-strike source\hl2.exe:*:Enabled:hl2] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Archivos de programa\Ares\Ares.exe -> C:\Archivos de programa\Ares\Ares.exe [C:\Archivos de programa\Ares\Ares.exe:*:Enabled:Ares p2p for windows] -> Ares Development Group [Ver = 2.0.9.3030 | Size = 962560 bytes | Modified Date = 23/11/2007 17:18:16 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Archivos de programa\The All-Seeing Eye\eye.exe -> C:\Archivos de programa\The All-Seeing Eye\eye.exe [C:\Archivos de programa\The All-Seeing Eye\eye.exe:*:Enabled:Yahoo! All-Seeing Eye] -> Yahoo! Inc. [Ver = 2, 6, 0, 254 | Size = 498432 bytes | Modified Date = 25/12/2007 15:06:11 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\D:\Archivos de programa\Steam\SteamApps\rjorge99\day of defeat source\hl2.exe -> D:\Archivos de programa\Steam\SteamApps\rjorge99\day of defeat source\hl2.exe [D:\Archivos de programa\Steam\SteamApps\rjorge99\day of defeat source\hl2.exe:*:Enabled:hl2] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Archivos de programa\VideoLAN\VLC\vlc.exe -> C:\Archivos de programa\VideoLAN\VLC\vlc.exe [C:\Archivos de programa\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player] -> [Ver = | Size = 95744 bytes | Modified Date = 27/02/2008 21:36:16 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Archivos de programa\Windows Live\Messenger\msnmsgr.exe -> C:\Archivos de programa\Windows Live\Messenger\msnmsgr.exe [C:\Archivos de programa\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> Microsoft Corporation [Ver = 8.5.1302.1018 | Size = 5724184 bytes | Modified Date = 18/10/2007 11:34:02 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Archivos de programa\Windows Live\Messenger\livecall.exe -> C:\Archivos de programa\Windows Live\Messenger\livecall.exe [C:\Archivos de programa\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> Microsoft Corporation [Ver = 1.5.204.0 | Size = 304488 bytes | Modified Date = 02/10/2007 17:18:24 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Archivos de programa\uTorrent\uTorrent.exe -> C:\Archivos de programa\uTorrent\uTorrent.exe [C:\Archivos de programa\uTorrent\uTorrent.exe:*:Enabled:µTorrent] -> [Ver = | Size = 219952 bytes | Modified Date = 09/04/2008 18:17:43 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\D:\TORRENT\Call of Duty 4 Modern Warfare Full-Rip Skullptura\Call of Duty 4 - Modern Warfare\iw3mp.exe -> D:\TORRENT\Call of Duty 4 Modern Warfare Full-Rip Skullptura\Call of Duty 4 - Modern Warfare\iw3mp.exe [D:\TORRENT\Call of Duty 4 Modern Warfare Full-Rip Skullptura\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:iw3mp] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Archivos de programa\OpenSTA\Server\CyrDmn.exe -> C:\Archivos de programa\OpenSTA\Server\CyrDmn.exe [C:\Archivos de programa\OpenSTA\Server\CyrDmn.exe:*:Enabled:OpenSTA Daemon] -> OpenSTA Open Source Team [Ver = 1.4.4.1 | Size = 110592 bytes | Modified Date = 01/09/2007 1:55:36 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Archivos de programa\OpenSTA\Server\ArchMgrDmn.exe -> C:\Archivos de programa\OpenSTA\Server\ArchMgrDmn.exe [C:\Archivos de programa\OpenSTA\Server\ArchMgrDmn.exe:*:Enabled:Architecture Manager Daemon] -> OpenSTA Open Source Team [Ver = 1.4.4.1 | Size = 69632 bytes | Modified Date = 01/09/2007 1:51:10 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Archivos de programa\OpenSTA\Server\OmniOrb\omniNames.exe -> C:\Archivos de programa\OpenSTA\Server\OmniOrb\omniNames.exe [C:\Archivos de programa\OpenSTA\Server\OmniOrb\omniNames.exe:*:Enabled:omniNames] -> [Ver = | Size = 61440 bytes | Modified Date = 12/06/2007 23:54:38 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Archivos de programa\OpenSTA\Engines\Web\Modeller\gateway.exe -> C:\Archivos de programa\OpenSTA\Engines\Web\Modeller\gateway.exe [C:\Archivos de programa\OpenSTA\Engines\Web\Modeller\gateway.exe:*:Enabled:HTTP Gateway] -> OpenSTA Open Source Team [Ver = 1.4.4.1 | Size = 180224 bytes | Modified Date = 30/08/2007 0:58:28 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Archivos de programa\OpenSTA\BaseUI\TestPlugin.exe -> C:\Archivos de programa\OpenSTA\BaseUI\TestPlugin.exe [C:\Archivos de programa\OpenSTA\BaseUI\TestPlugin.exe:*:Enabled:Test Plugin Component] -> OpenSTA Open Source Team [Ver = 1.4.4.1 | Size = 135168 bytes | Modified Date = 01/09/2007 1:57:44 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Archivos de programa\OpenSTA\Engines\TExecuter_htp.exe -> C:\Archivos de programa\OpenSTA\Engines\TExecuter_htp.exe [C:\Archivos de programa\OpenSTA\Engines\TExecuter_htp.exe:*:Enabled:HTTP Test Executer(TP)] -> OpenSTA Open Source Team [Ver = 1.4.4.1 | Size = 1163264 bytes | Modified Date = 01/09/2007 1:58:08 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Archivos de programa\OpenSTA\Engines\TestManager.exe -> C:\Archivos de programa\OpenSTA\Engines\TestManager.exe [C:\Archivos de programa\OpenSTA\Engines\TestManager.exe:*:Enabled:Test Manager] -> OpenSTA Open Source Team [Ver = 1.4.4.1 | Size = 208896 bytes | Modified Date = 01/09/2007 1:52:58 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Archivos de programa\OpenSTA\Server\DaemonCFG.exe -> C:\Archivos de programa\OpenSTA\Server\DaemonCFG.exe [C:\Archivos de programa\OpenSTA\Server\DaemonCFG.exe:*:Enabled:OpenSTA Name Server] -> OpenSTA Open Source Team [Ver = 1.4.4.1 | Size = 77824 bytes | Modified Date = 30/08/2007 0:37:02 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\system32\rswhjxw.exe -> C:\WINDOWS\system32\rswhjxw.exe [C:\WINDOWS\system32\rswhjxw.exe:*:Disabled:rswhjxw] -> [Ver = | Size = 221532 bytes | Modified Date = 13/06/2007 14:22:28 | Attr = RHS] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\139:TCP -> 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\445:TCP -> 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\137:UDP -> 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\138:UDP -> 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\\ServiceUpgrade -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\All -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\0 -> Root\LEGACY_SHAREDACCESS\0000 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\NextInstance -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Type -> 32 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Start -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ImagePath -> C:\WINDOWS\system32\svchost.exe [%systemroot%\system32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 20/08/2004 13:00:00 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\DisplayName -> Actualizaciones automáticas -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Description -> Habilita la descarga e instalación de actualizaciones de Windows. Si el servicio está deshabilitado, este equipo no podrá usar la característica Actualizaciones automáticas ni el sitio Web de Windows Update. -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\\ServiceDll -> C:\WINDOWS\system32\wuauserv.dll [C:\WINDOWS\system32\wuauserv.dll] -> Microsoft Corporation [Ver = 5.4.3790.2180 (xpsp_sp2_rtm.040803-2158) | Size = 6656 bytes | Modified Date = 20/08/2004 13:00:00 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\\Security -> [Binary data over 100 bytes] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\0 -> Root\LEGACY_WUAUSERV\0000 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\NextInstance -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\Description -> Habilita usuarios remotos para que modifiquen la configuración del Registro en este equipo. Si se detiene este servicio, cualquier usuario en este equipo puede modificar el Registro. Si este servicio está deshabilitado, cualquier servicio que explícitamente dependa de él no podrá iniciarse. -> *DependOnService* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\DependOnService -> RPCSS -> %SystemRoot%\system32\rpcss.dll -> Microsoft Corporation [Ver = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528) | Size = 397824 bytes | Modified Date = 26/07/2005 5:40:01 | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\DisplayName -> Registro remoto -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\ImagePath -> C:\WINDOWS\system32\svchost.exe [%SystemRoot%\system32\svchost.exe -k LocalService] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 20/08/2004 13:00:00 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\ObjectName -> NT AUTHORITY\LocalService -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\Group -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\Start -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\Type -> 32 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\FailureActions -> 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 E0 AD 08 00 01 00 00 00 E8 03 00 00 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Parameters\\ServiceDll -> C:\WINDOWS\system32\regsvc.dll [%SystemRoot%\system32\regsvc.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 59904 bytes | Modified Date = 20/08/2004 13:00:00 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security\\Security -> [Binary data over 100 bytes] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Enum\\0 -> Root\LEGACY_REMOTEREGISTRY\0000 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Enum\\NextInstance -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\Type -> 16 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\Start -> 4 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\ImagePath -> C:\WINDOWS\system32\tlntsvr.exe [C:\WINDOWS\system32\tlntsvr.exe] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 74240 bytes | Modified Date = 20/08/2004 13:00:00 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\DisplayName -> Telnet -> *DependOnService* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\DependOnService -> RPCSS -> %SystemRoot%\system32\rpcss.dll -> Microsoft Corporation [Ver = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528) | Size = 397824 bytes | Modified Date = 26/07/2005 5:40:01 | Attr = ] TCPIP -> -> File not found NTLMSSP -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\DependOnGroup -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\Description -> Permite que un usuario remoto inicie sesión en el equipo y ejecute programas , y sea compatible con varios clientes de Telnet TCP/IP, incluyendo los equipos basados en UNIX y Windows. Si este servicio se detiene, es posible que el acceso al usuario remoto no esté disponible. Si este servicio está deshabilitado, cualquier servicio que explícitamente dependa de él no podrá iniciarse. -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\Security\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\Security\\Security -> [Binary data over 100 bytes] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\\ProxyEnable -> 0 -> < Desktop Components > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\ -> 0 -> [Key] -> 0 -> FriendlyName = Mi página de inicio actual -> 0 -> Source = About:Home -> 0 -> SubscribedURL = About:Home -> < Disabled MSConfig Folder Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\ -> C:^Documents and Settings^All Users^Menú Inicio^Programas^Inicio^hp psc 1000 series.lnk -> %ProgramFiles%\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe -> Hewlett-Packard Co. [Ver = 4.2.0.021 | Size = 147456 bytes | Modified Date = 09/04/2003 18:21:38 | Attr = ] C:^Documents and Settings^All Users^Menú Inicio^Programas^Inicio^hpoddt01.exe.lnk -> %ProgramFiles%\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe -> Hewlett-Packard [Ver = 1, 0, 0, 1 | Size = 28672 bytes | Modified Date = 09/04/2003 18:11:12 | Attr = ] < Disabled MSConfig Registry Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ -> Acrobat Assistant 7.0 hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> %ProgramFiles%\Adobe\Acrobat 7.0\Distillr\acrotray.exe -> Adobe Systems Inc. [Ver = 6.0.1.2004121400 | Size = 483328 bytes | Modified Date = 14/12/2004 2:12:02 | Attr = ] Jet Detection hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> %ProgramFiles%\Creative\SBLive\Program\ADGJDet.exe -> [Ver = 1, 0, 2, 0 | Size = 28672 bytes | Modified Date = 29/11/2001 1:00:00 | Attr = ] LogitechCommunicationsManager hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> %CommonProgramFiles%\LogiShrd\LComMgr\Communications_Helper.exe -> Logitech Inc. [Ver = 1.4.5.1201 | Size = 497176 bytes | Modified Date = 22/12/2006 12:27:28 | Attr = ] LogitechQuickCamRibbon hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> %ProgramFiles%\Logitech\QuickCam10\QuickCam10.exe -> [Ver = | Size = 756248 bytes | Modified Date = 22/12/2006 12:28:26 | Attr = ] Norton Ghost 12.0 hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> %ProgramFiles%\Norton Ghost\Agent\VProTray.exe -> Symantec Corporation [Ver = 12.0.0.18971 | Size = 2020968 bytes | Modified Date = 23/01/2007 19:35:52 | Attr = ] QuickTime Task hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> %ProgramFiles%\QuickTime\QTTask.exe -> Apple Inc. [Ver = 7.3.1 | Size = 286720 bytes | Modified Date = 11/12/2007 10:56:54 | Attr = ] RoxioAudioCentral hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> %ProgramFiles%\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe -> Roxio, Inc. [Ver = 1.0.100 | Size = 253952 bytes | Modified Date = 09/01/2003 9:21:26 | Attr = ] RoxioDragToDisc hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> %ProgramFiles%\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe -> Roxio [Ver = 6.0.0.171 | Size = 757760 bytes | Modified Date = 13/01/2003 10:19:26 | Attr = ] RoxioEngineUtility hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> %CommonProgramFiles%\Roxio Shared\System\EngUtil.exe -> Roxio [Ver = 6.0.0.3 | Size = 69632 bytes | Modified Date = 13/01/2003 14:05:42 | Attr = ] [Files/Folders - Created Within 90 days] .rnd -> %SystemDrive%\.rnd -> [Ver = | Size = 1024 bytes | Created Date = 06/03/2008 8:35:19 | Attr = ] hpfr3420.xml -> %SystemDrive%\hpfr3420.xml -> [Ver = | Size = 526 bytes | Created Date = 06/03/2008 17:09:31 | Attr = ] mzn1.exe -> %SystemDrive%\mzn1.exe -> [Ver = | Size = 221532 bytes | Created Date = 28/04/2008 14:38:37 | Attr = ] sqmdata01.sqm -> %SystemDrive%\sqmdata01.sqm -> [Ver = | Size = 268 bytes | Created Date = 05/03/2008 18:47:40 | Attr = H ] sqmdata02.sqm -> %SystemDrive%\sqmdata02.sqm -> [Ver = | Size = 268 bytes | Created Date = 05/03/2008 19:14:56 | Attr = H ] sqmnoopt01.sqm -> %SystemDrive%\sqmnoopt01.sqm -> [Ver = | Size = 244 bytes | Created Date = 05/03/2008 18:47:40 | Attr = H ] sqmnoopt02.sqm -> %SystemDrive%\sqmnoopt02.sqm -> [Ver = | Size = 244 bytes | Created Date = 05/03/2008 19:14:56 | Attr = H ] temp -> %SystemDrive%\temp -> [Folder | Created Date = 05/03/2008 18:11:03 | Attr = ] VSNAP.IDX -> %SystemDrive%\VSNAP.IDX -> [Ver = | Size = 4096 bytes | Created Date = 06/03/2008 14:20:58 | Attr = HS] VTPFiles -> %SystemDrive%\VTPFiles -> [Folder | Created Date = 10/04/2008 16:32:56 | Attr = ] fnetusb.sys -> %SystemRoot%\System32\drivers\fnetusb.sys -> [Ver = | Size = 13696 bytes | Created Date = 31/03/2008 15:09:16 | Attr = ] LMIRfsDriver.sys -> %SystemRoot%\System32\drivers\LMIRfsDriver.sys -> LogMeIn, Inc. [Ver = 2.4.2.0 | Size = 46112 bytes | Created Date = 06/03/2008 8:35:28 | Attr = ] LV561AV.SYS -> %SystemRoot%\System32\drivers\LV561AV.SYS -> Logitech Inc. [Ver = 10.5.0.1091 | Size = 490016 bytes | Created Date = 09/04/2008 16:11:21 | Attr = R ] LVUSBSta.sys -> %SystemRoot%\System32\drivers\LVUSBSta.sys -> Logitech Inc. [Ver = 10.5.0.1091 | Size = 41248 bytes | Created Date = 09/04/2008 16:11:21 | Attr = R ] pxhelp20.sys -> %SystemRoot%\System32\drivers\pxhelp20.sys -> Sonic Solutions [Ver = 3.00.67a | Size = 43872 bytes | Created Date = 23/02/2008 3:38:33 | Attr = ] akttzn.exe -> %SystemRoot%\System32\akttzn.exe -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:49 | Attr = ] anticipator.dll -> %SystemRoot%\System32\anticipator.dll -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:49 | Attr = ] appmgmt -> %SystemRoot%\System32\appmgmt -> [Folder | Created Date = 08/03/2008 13:20:38 | Attr = ] 4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> awtoolb.dll -> %SystemRoot%\System32\awtoolb.dll -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:49 | Attr = ] bdn.com -> %SystemRoot%\System32\bdn.com -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:49 | Attr = ] bsva-egihsg52.exe -> %SystemRoot%\System32\bsva-egihsg52.exe -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] CVIRTE -> %SystemRoot%\System32\CVIRTE -> [Folder | Created Date = 31/03/2008 15:08:28 | Attr = ] DivX.dll -> %SystemRoot%\System32\DivX.dll -> DivX, Inc. [Ver = 6.8.0.14 | Size = 682496 bytes | Created Date = 21/02/2008 3:04:04 | Attr = ] DivXCodecVersionChecker.exe -> %SystemRoot%\System32\DivXCodecVersionChecker.exe -> DivX, Inc. [Ver = 6, 7, 0, 1 | Size = 156992 bytes | Created Date = 21/02/2008 3:03:42 | Attr = ] divxdec.ax -> %SystemRoot%\System32\divxdec.ax -> DivX, Inc. [Ver = 6.8.0.0 | Size = 630784 bytes | Created Date = 21/02/2008 3:03:58 | Attr = ] DivXMedia.ax -> %SystemRoot%\System32\DivXMedia.ax -> DivXNetworks [Ver = 0.0.0.028 | Size = 352401 bytes | Created Date = 21/02/2008 3:03:54 | Attr = ] DivXsm.exe -> %SystemRoot%\System32\DivXsm.exe -> DivX Inc. [Ver = 6, 6, 1, 4 | Size = 524288 bytes | Created Date = 21/02/2008 3:05:52 | Attr = ] divxsm.tlb -> %SystemRoot%\System32\divxsm.tlb -> [Ver = | Size = 4816 bytes | Created Date = 21/02/2008 3:05:52 | Attr = ] DivXWMPExtType.dll -> %SystemRoot%\System32\DivXWMPExtType.dll -> [Ver = | Size = 12288 bytes | Created Date = 21/02/2008 3:03:24 | Attr = ] divx_xx07.dll -> %SystemRoot%\System32\divx_xx07.dll -> DivX, Inc. [Ver = 6.8.0.14 | Size = 823296 bytes | Created Date = 21/02/2008 3:04:04 | Attr = ] divx_xx0c.dll -> %SystemRoot%\System32\divx_xx0c.dll -> DivX, Inc. [Ver = 6.8.0.14 | Size = 823296 bytes | Created Date = 21/02/2008 3:04:04 | Attr = ] divx_xx11.dll -> %SystemRoot%\System32\divx_xx11.dll -> DivX, Inc. [Ver = 6.8.0.14 | Size = 802816 bytes | Created Date = 21/02/2008 3:04:04 | Attr = ] dpcproxy.exe -> %SystemRoot%\System32\dpcproxy.exe -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] dpl100.dll -> %SystemRoot%\System32\dpl100.dll -> DivX, Inc. [Ver = 1, 2, 0, 40 | Size = 81920 bytes | Created Date = 21/02/2008 3:04:16 | Attr = ] dpl100.dll.manifest -> %SystemRoot%\System32\dpl100.dll.manifest -> [Ver = | Size = 416 bytes | Created Date = 21/02/2008 3:04:16 | Attr = ] dpu10.dll -> %SystemRoot%\System32\dpu10.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 294912 bytes | Created Date = 21/02/2008 3:04:06 | Attr = ] dpu11.dll -> %SystemRoot%\System32\dpu11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 294912 bytes | Created Date = 21/02/2008 3:04:06 | Attr = ] dpuGUI10.dll -> %SystemRoot%\System32\dpuGUI10.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 53248 bytes | Created Date = 21/02/2008 3:04:08 | Attr = ] dpuGUI11.dll -> %SystemRoot%\System32\dpuGUI11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 593920 bytes | Created Date = 21/02/2008 3:04:08 | Attr = ] dpus11.dll -> %SystemRoot%\System32\dpus11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 344064 bytes | Created Date = 21/02/2008 3:04:06 | Attr = ] dpv11.dll -> %SystemRoot%\System32\dpv11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 57344 bytes | Created Date = 21/02/2008 3:04:06 | Attr = ] dtu100.dll -> %SystemRoot%\System32\dtu100.dll -> DivX, Inc. [Ver = 1, 2, 0, 40 | Size = 196608 bytes | Created Date = 21/02/2008 3:04:16 | Attr = ] dtu100.dll.manifest -> %SystemRoot%\System32\dtu100.dll.manifest -> [Ver = | Size = 416 bytes | Created Date = 21/02/2008 3:04:16 | Attr = ] emesx.dll -> %SystemRoot%\System32\emesx.dll -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:49 | Attr = ] fccbCvvs.dll -> %SystemRoot%\System32\fccbCvvs.dll -> [Ver = | Size = 37376 bytes | Created Date = 29/04/2008 23:14:40 | Attr = ] fnetusb.sys -> %SystemRoot%\System32\fnetusb.sys -> [Ver = | Size = 13696 bytes | Created Date = 31/03/2008 15:09:16 | Attr = ] h@tkeysh@@k.dll -> %SystemRoot%\System32\h@tkeysh@@k.dll -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] hgGxYRll.dll -> %SystemRoot%\System32\hgGxYRll.dll -> [Ver = | Size = 280576 bytes | Created Date = 29/04/2008 23:21:44 | Attr = ] hoproxy.dll -> %SystemRoot%\System32\hoproxy.dll -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] hxiwlgpm.dat -> %SystemRoot%\System32\hxiwlgpm.dat -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] hxiwlgpm.exe -> %SystemRoot%\System32\hxiwlgpm.exe -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] ibarghkl.ini -> %SystemRoot%\System32\ibarghkl.ini -> [Ver = | Size = 1482638 bytes | Created Date = 29/04/2008 23:23:15 | Attr = HS] IOSUBSYS -> %SystemRoot%\System32\IOSUBSYS -> [Folder | Created Date = 29/04/2008 18:53:58 | Attr = ] LClock.cpl -> %SystemRoot%\System32\LClock.cpl -> [Ver = | Size = 172032 bytes | Created Date = 10/04/2008 17:03:29 | Attr = ] libdivx.dll -> %SystemRoot%\System32\libdivx.dll -> The OpenSSL Project, http://www.openssl.org/ [Ver = 0.9.8b | Size = 1044480 bytes | Created Date = 21/02/2008 3:05:34 | Attr = ] lkhgrabi.dll -> %SystemRoot%\System32\lkhgrabi.dll -> [Ver = | Size = 97856 bytes | Created Date = 29/04/2008 23:23:02 | Attr = ] llRYxGgh.ini -> %SystemRoot%\System32\llRYxGgh.ini -> [Ver = | Size = 11108 bytes | Created Date = 29/04/2008 23:21:50 | Attr = HS] llRYxGgh.ini2 -> %SystemRoot%\System32\llRYxGgh.ini2 -> [Ver = | Size = 10698 bytes | Created Date = 29/04/2008 23:21:50 | Attr = HS] LMIinit.dll -> %SystemRoot%\System32\LMIinit.dll -> LogMeIn, Inc. [Ver = 4.0.680 | Size = 87352 bytes | Created Date = 06/03/2008 8:35:21 | Attr = ] LMIport.dll -> %SystemRoot%\System32\LMIport.dll -> LogMeIn, Inc. [Ver = 0.2.0.0 | Size = 21496 bytes | Created Date = 06/03/2008 8:35:28 | Attr = ] LMIRfsClientNP.dll -> %SystemRoot%\System32\LMIRfsClientNP.dll -> LogMeIn, Inc. [Ver = 2.1.3.0 | Size = 83288 bytes | Created Date = 06/03/2008 8:35:28 | Attr = ] lvcodec2.dll -> %SystemRoot%\System32\lvcodec2.dll -> Logitech Inc. [Ver = 10.5.0.1091 | Size = 264992 bytes | Created Date = 09/04/2008 16:11:21 | Attr = R ] lvcoinst.dll -> %SystemRoot%\System32\lvcoinst.dll -> Logitech Inc. [Ver = 10.5.0.1091 | Size = 133920 bytes | Created Date = 09/04/2008 16:11:21 | Attr = R ] lvcoinst.ini -> %SystemRoot%\System32\lvcoinst.ini -> [Ver = | Size = 48205 bytes | Created Date = 09/04/2008 16:11:21 | Attr = R ] LVUI2.dll -> %SystemRoot%\System32\LVUI2.dll -> Logitech Inc. [Ver = 10.5.0.1091 | Size = 215840 bytes | Created Date = 09/04/2008 16:11:21 | Attr = R ] LVUI2RC.dll -> %SystemRoot%\System32\LVUI2RC.dll -> Logitech Inc. [Ver = 10.5.0.1091 | Size = 527136 bytes | Created Date = 09/04/2008 16:11:21 | Attr = R ] medup012.dll -> %SystemRoot%\System32\medup012.dll -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] medup020.dll -> %SystemRoot%\System32\medup020.dll -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] mlJbaXrS.dll -> %SystemRoot%\System32\mlJbaXrS.dll -> [Ver = | Size = 37376 bytes | Created Date = 29/04/2008 23:13:38 | Attr = ] modifype.exe -> %SystemRoot%\System32\modifype.exe -> [Ver = | Size = 8636 bytes | Created Date = 10/04/2008 16:32:55 | Attr = ] moveex.exe -> %SystemRoot%\System32\moveex.exe -> [Ver = | Size = 69632 bytes | Created Date = 10/04/2008 16:32:55 | Attr = ] msgp.exe -> %SystemRoot%\System32\msgp.exe -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] msnbho.dll -> %SystemRoot%\System32\msnbho.dll -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] mssecu.exe -> %SystemRoot%\System32\mssecu.exe -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:49 | Attr = ] msvchost.exe -> %SystemRoot%\System32\msvchost.exe -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] mtr2.exe -> %SystemRoot%\System32\mtr2.exe -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] mwin32.exe -> %SystemRoot%\System32\mwin32.exe -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] netode.exe -> %SystemRoot%\System32\netode.exe -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] newsd32.exe -> %SystemRoot%\System32\newsd32.exe -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:49 | Attr = ] PCDLIB32.DLL -> %SystemRoot%\System32\PCDLIB32.DLL -> Eastman Kodak [Ver = 3, 0, 0, 0 | Size = 212480 bytes | Created Date = 29/04/2008 23:09:25 | Attr = ] ps1.exe -> %SystemRoot%\System32\ps1.exe -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] pskill.exe -> %SystemRoot%\System32\pskill.exe -> Sysinternals - www.sysinternals.com [Ver = 1.03 | Size = 94208 bytes | Created Date = 10/04/2008 16:32:55 | Attr = ] psof1.exe -> %SystemRoot%\System32\psof1.exe -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] psoft1.exe -> %SystemRoot%\System32\psoft1.exe -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] px.dll -> %SystemRoot%\System32\px.dll -> Sonic Solutions [Ver = 3.2.46.500 | Size = 514808 bytes | Created Date = 29/04/2008 18:54:06 | Attr = ] pxdrv.dll -> %SystemRoot%\System32\pxdrv.dll -> Sonic Solutions [Ver = 1.01.95a | Size = 477944 bytes | Created Date = 29/04/2008 18:54:06 | Attr = ] pxhpinst.exe -> %SystemRoot%\System32\pxhpinst.exe -> Sonic Solutions [Ver = 3.00.41a | Size = 68344 bytes | Created Date = 29/04/2008 18:54:06 | Attr = ] pxmas.dll -> %SystemRoot%\System32\pxmas.dll -> Sonic Solutions [Ver = 3.2.46.500 | Size = 183032 bytes | Created Date = 29/04/2008 18:54:06 | Attr = ] pxwave.dll -> %SystemRoot%\System32\pxwave.dll -> Sonic Solutions [Ver = 3.2.46.500 | Size = 379640 bytes | Created Date = 29/04/2008 18:54:06 | Attr = ] qt-dx331.dll -> %SystemRoot%\System32\qt-dx331.dll -> [Ver = | Size = 3596288 bytes | Created Date = 21/02/2008 3:05:44 | Attr = ] regc64.dll -> %SystemRoot%\System32\regc64.dll -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] regm64.dll -> %SystemRoot%\System32\regm64.dll -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] reico.exe -> %SystemRoot%\System32\reico.exe -> Dead Knight [Ver = | Size = 19968 bytes | Created Date = 10/04/2008 16:32:55 | Attr = ] Repository.reg -> %SystemRoot%\System32\Repository.reg -> [Ver = | Size = 13092 bytes | Created Date = 09/04/2008 16:11:22 | Attr = R ] rqRIYQjJ.dll -> %SystemRoot%\System32\rqRIYQjJ.dll -> [Ver = | Size = 37376 bytes | Created Date = 29/04/2008 23:14:30 | Attr = ] Rundl1.exe -> %SystemRoot%\System32\Rundl1.exe -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] smp -> %SystemRoot%\System32\smp -> [Folder | Created Date = 29/04/2008 23:15:32 | Attr = ] sncntr.exe -> %SystemRoot%\System32\sncntr.exe -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] ssldivx.dll -> %SystemRoot%\System32\ssldivx.dll -> The OpenSSL Project, http://www.openssl.org/ [Ver = 0.9.8b | Size = 200704 bytes | Created Date = 21/02/2008 3:05:34 | Attr = ] ssurf022.dll -> %SystemRoot%\System32\ssurf022.dll -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] ssvchost.com -> %SystemRoot%\System32\ssvchost.com -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] ssvchost.exe -> %SystemRoot%\System32\ssvchost.exe -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] sysreq.exe -> %SystemRoot%\System32\sysreq.exe -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:49 | Attr = ] taack.dat -> %SystemRoot%\System32\taack.dat -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] taack.exe -> %SystemRoot%\System32\taack.exe -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] temp#01.exe -> %SystemRoot%\System32\temp#01.exe -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] thun.dll -> %SystemRoot%\System32\thun.dll -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] thun32.dll -> %SystemRoot%\System32\thun32.dll -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] Uharc.exe -> %SystemRoot%\System32\Uharc.exe -> [Ver = | Size = 111104 bytes | Created Date = 10/04/2008 16:32:55 | Attr = ] Ulead Photo Express ScreenSaver.scr -> %SystemRoot%\System32\Ulead Photo Express ScreenSaver.scr -> Ulead Systems, Inc. [Ver = 6, 0, 0, 0 | Size = 40960 bytes | Created Date = 29/04/2008 23:09:25 | Attr = ] VBIEWER.OCX -> %SystemRoot%\System32\VBIEWER.OCX -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] vbsys2.dll -> %SystemRoot%\System32\vbsys2.dll -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:49 | Attr = ] vcatchpi.dll -> %SystemRoot%\System32\vcatchpi.dll -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:49 | Attr = ] VIRepair -> %SystemRoot%\System32\VIRepair -> [Folder | Created Date = 10/04/2008 19:25:37 | Attr = ] vistartup.bmp -> %SystemRoot%\System32\vistartup.bmp -> [Ver = | Size = 49208 bytes | Created Date = 10/04/2008 17:03:28 | Attr = ] VITrans -> %SystemRoot%\System32\VITrans -> [Folder | Created Date = 10/04/2008 19:24:28 | Attr = ] viwc.exe -> %SystemRoot%\System32\viwc.exe -> [Ver = | Size = 329029 bytes | Created Date = 10/04/2008 17:03:40 | Attr = ] vxblock.dll -> %SystemRoot%\System32\vxblock.dll -> Sonic Solutions [Ver = 1.00.72a | Size = 39672 bytes | Created Date = 29/04/2008 18:54:06 | Attr = ] wbload.dll -> %SystemRoot%\System32\wbload.dll -> [Ver = | Size = 20480 bytes | Created Date = 10/04/2008 18:35:05 | Attr = ] wbsys.dll -> %SystemRoot%\System32\wbsys.dll -> Stardock.Net, Inc [Ver = 5, 5, 0, 0 | Size = 42672 bytes | Created Date = 10/04/2008 17:46:48 | Attr = ] winlogonpc.exe -> %SystemRoot%\System32\winlogonpc.exe -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] winsystem.exe -> %SystemRoot%\System32\winsystem.exe -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:49 | Attr = ] WINWGPX.EXE -> %SystemRoot%\System32\WINWGPX.EXE -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:49 | Attr = ] zmvqhkde.exe -> %SystemRoot%\System32\zmvqhkde.exe -> [Ver = | Size = 102400 bytes | Created Date = 29/04/2008 23:13:37 | Attr = ] a.bat -> %SystemRoot%\a.bat -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] bdkpfxqw.dll -> %SystemRoot%\bdkpfxqw.dll -> [Ver = | Size = 225280 bytes | Created Date = 29/04/2008 23:14:02 | Attr = ] bdn.com -> %SystemRoot%\bdn.com -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:49 | Attr = ] FVProtect.exe -> %SystemRoot%\FVProtect.exe -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] gndarmblxbt.dll -> %SystemRoot%\gndarmblxbt.dll -> [Ver = | Size = 274432 bytes | Created Date = 29/04/2008 23:14:02 | Attr = ] hpoins01.dat -> %SystemRoot%\hpoins01.dat -> [Ver = | Size = 19582 bytes | Created Date = 05/03/2008 18:12:07 | Attr = ] hpomdl01.dat -> %SystemRoot%\hpomdl01.dat -> [Ver = | Size = 16606 bytes | Created Date = 05/03/2008 18:12:07 | Attr = ] Icon_1.ico -> %SystemRoot%\Icon_1.ico -> [Ver = | Size = 78942 bytes | Created Date = 10/04/2008 16:33:09 | Attr = ] Icon_2.ico -> %SystemRoot%\Icon_2.ico -> [Ver = | Size = 78942 bytes | Created Date = 10/04/2008 16:59:53 | Attr = ] iTunesMusic.exe -> %SystemRoot%\iTunesMusic.exe -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] mozver.dat -> %SystemRoot%\mozver.dat -> [Ver = | Size = 1188 bytes | Created Date = 21/04/2008 22:22:27 | Attr = ] mslagent -> %SystemRoot%\mslagent -> [Folder | Created Date = 29/04/2008 23:15:32 | Attr = ] 8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> mssecu.exe -> %SystemRoot%\mssecu.exe -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:49 | Attr = ] nsreg.dat -> %SystemRoot%\nsreg.dat -> [Ver = | Size = 0 bytes | Created Date = 21/04/2008 22:18:10 | Attr = ] qadovnel.dll -> %SystemRoot%\qadovnel.dll -> [Ver = | Size = 188416 bytes | Created Date = 29/04/2008 23:14:02 | Attr = ] QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Created Date = 29/04/2008 23:28:21 | Attr = ] QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Created Date = 29/04/2008 23:28:21 | Attr = H ] spwoqbmv.exe -> %SystemRoot%\spwoqbmv.exe -> [Ver = | Size = 94208 bytes | Created Date = 29/04/2008 23:14:02 | Attr = ] userconfig9x.dll -> %SystemRoot%\userconfig9x.dll -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] WB.ini -> %SystemRoot%\WB.ini -> [Ver = | Size = 0 bytes | Created Date = 10/04/2008 19:04:20 | Attr = ] winsystem.exe -> %SystemRoot%\winsystem.exe -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:49 | Attr = ] WMSysPr8.prx -> %SystemRoot%\WMSysPr8.prx -> [Ver = | Size = 156910 bytes | Created Date = 05/04/2008 15:13:08 | Attr = ] wxdbpfvo.dll -> %SystemRoot%\wxdbpfvo.dll -> [Ver = | Size = 155648 bytes | Created Date = 29/04/2008 23:14:02 | Attr = ] xbaqktfv.exe -> %SystemRoot%\xbaqktfv.exe -> [Ver = | Size = 94208 bytes | Created Date = 29/04/2008 23:14:02 | Attr = ] FRU Task #Hewlett-Packard#hp psc 1200 series#1204737541.job -> %SystemRoot%\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1204737541.job -> [Ver = | Size = 404 bytes | Created Date = 05/03/2008 18:20:00 | Attr = ] [Files Created - Additional Folder Scans - Non-Microsoft Only] Autodesk -> %AllUsersProfile%\Datos de programa\Autodesk -> [Folder | Created Date = 07/03/2008 14:05:38 | Attr = ] Logitech -> %AllUsersProfile%\Datos de programa\Logitech -> [Folder | Created Date = 05/03/2008 17:50:17 | Attr = ] Spybot - Search & Destroy -> %AllUsersProfile%\Datos de programa\Spybot - Search & Destroy -> [Folder | Created Date = 29/04/2008 23:20:56 | Attr = ] Ulead Systems -> %AllUsersProfile%\Datos de programa\Ulead Systems -> [Folder | Created Date = 29/04/2008 23:08:09 | Attr = ] WLInstaller -> %AllUsersProfile%\Datos de programa\WLInstaller -> [Folder | Created Date = 19/03/2008 11:09:45 | Attr = ] zqpulkfs -> %AllUsersProfile%\Datos de programa\zqpulkfs -> [Folder | Created Date = 29/04/2008 23:15:32 | Attr = ] {AC90994C-8970-4D38-B465-3DF6B6A1843C} -> %AllUsersProfile%\Datos de programa\{AC90994C-8970-4D38-B465-3DF6B6A1843C} -> [Folder | Created Date = 31/03/2008 15:09:14 | Attr = ] Autodesk -> %AppData%\Autodesk -> [Folder | Created Date = 07/03/2008 14:05:38 | Attr = ] DivX -> %AppData%\DivX -> [Folder | Created Date = 13/03/2008 15:20:16 | Attr = ] Hewlett-Packard -> %AppData%\Hewlett-Packard -> [Folder | Created Date = 05/03/2008 18:19:57 | Attr = ] Mozilla -> %AppData%\Mozilla -> [Folder | Created Date = 21/04/2008 22:18:07 | Attr = ] Styler -> %AppData%\Styler -> [Folder | Created Date = 10/04/2008 19:25:35 | Attr = ] Ulead Systems -> %AppData%\Ulead Systems -> [Folder | Created Date = 29/04/2008 23:08:09 | Attr = ] uTorrent -> %AppData%\uTorrent -> [Folder | Created Date = 09/04/2008 18:17:41 | Attr = ] ViStart -> %AppData%\ViStart -> [Folder | Created Date = 10/04/2008 16:39:03 | Attr = ] vlc -> %AppData%\vlc -> [Folder | Created Date = 09/03/2008 12:46:25 | Attr = ] Autodesk -> %UserProfile%\Configuración local\Datos de programa\Autodesk -> [Folder | Created Date = 07/03/2008 14:05:38 | Attr = ] Google -> %UserProfile%\Configuración local\Datos de programa\Google -> [Folder | Created Date = 29/04/2008 18:54:10 | Attr = ] IconCache.db -> %UserProfile%\Configuración local\Datos de programa\IconCache.db -> [Ver = | Size = 4316840 bytes | Created Date = 29/04/2008 23:14:52 | Attr = H ] Identities -> %UserProfile%\Configuración local\Datos de programa\Identities -> [Folder | Created Date = 21/04/2008 22:28:30 | Attr = ] Mozilla -> %UserProfile%\Configuración local\Datos de programa\Mozilla -> [Folder | Created Date = 21/04/2008 22:18:07 | Attr = ] Seven Zip -> %UserProfile%\Configuración local\Datos de programa\Seven Zip -> [Folder | Created Date = 31/03/2008 15:08:05 | Attr = ] Stardock -> %UserProfile%\Configuración local\Datos de programa\Stardock -> [Folder | Created Date = 10/04/2008 16:38:55 | Attr = ] Stardock -> %AllUsersProfile%\Documentos\Stardock -> [Folder | Created Date = 10/04/2008 17:46:49 | Attr = ] 1A.doc -> %UserProfile%\Mis documentos\1A.doc -> [Ver = | Size = 225792 bytes | Created Date = 24/03/2008 8:25:37 | Attr = ] Contactos para rjorge99 (hotmail).ctt -> %UserProfile%\Mis documentos\Contactos para rjorge99 (hotmail).ctt -> [Ver = | Size = 21691 bytes | Created Date = 05/04/2008 18:52:29 | Attr = ] eTIQUETAS.doc -> %UserProfile%\Mis documentos\eTIQUETAS.doc -> [Ver = | Size = 32256 bytes | Created Date = 07/03/2008 16:11:18 | Attr = ] LinkWare Files -> %UserProfile%\Mis documentos\LinkWare Files -> [Folder | Created Date = 31/03/2008 15:10:58 | Attr = ] Multipack.jpg -> %UserProfile%\Mis documentos\Multipack.jpg -> [Ver = | Size = 1598572 bytes | Created Date = 28/03/2008 2:03:17 | Attr = ] pelon.doc -> %UserProfile%\Mis documentos\pelon.doc -> [Ver = | Size = 43008 bytes | Created Date = 15/04/2008 19:20:37 | Attr = ] PRACTICAS -> %UserProfile%\Mis documentos\PRACTICAS -> [Folder | Created Date = 28/03/2008 2:03:16 | Attr = ] PRECIOS.xls -> %UserProfile%\Mis documentos\PRECIOS.xls -> [Ver = | Size = 24064 bytes | Created Date = 22/04/2008 14:21:00 | Attr = ] Picasa2.lnk -> %AllUsersProfile%\Escritorio\Picasa2.lnk -> [Ver = | Size = 715 bytes | Created Date = 29/04/2008 18:54:06 | Attr = ] Ulead Photo Express 6.0.lnk -> %AllUsersProfile%\Escritorio\Ulead Photo Express 6.0.lnk -> [Ver = | Size = 1739 bytes | Created Date = 29/04/2008 23:09:25 | Attr = ] blackbird.jpg -> %UserProfile%\Escritorio\blackbird.jpg -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] DSCN6541.MOV -> %UserProfile%\Escritorio\DSCN6541.MOV -> [Ver = | Size = 12210286 bytes | Created Date = 24/04/2008 19:09:38 | Attr = ] DSCN6544.MOV -> %UserProfile%\Escritorio\DSCN6544.MOV -> [Ver = | Size = 19294982 bytes | Created Date = 24/04/2008 19:09:38 | Attr = ] DSCN6545.MOV -> %UserProfile%\Escritorio\DSCN6545.MOV -> [Ver = | Size = 35856678 bytes | Created Date = 24/04/2008 19:09:38 | Attr = ] EditorFKWP1.5.exe -> %UserProfile%\Escritorio\EditorFKWP1.5.exe -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] EditorFKWP2.0.exe -> %UserProfile%\Escritorio\EditorFKWP2.0.exe -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] filemanagerclient.exe -> %UserProfile%\Escritorio\filemanagerclient.exe -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] fkwp1.5.exe -> %UserProfile%\Escritorio\fkwp1.5.exe -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] fkwp2.0.exe -> %UserProfile%\Escritorio\fkwp2.0.exe -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] FOTOS -> %UserProfile%\Escritorio\FOTOS -> [Folder | Created Date = 29/04/2008 18:55:44 | Attr = ] fwebd.exe -> %UserProfile%\Escritorio\fwebd.exe -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] FWebdEditor.exe -> %UserProfile%\Escritorio\FWebdEditor.exe -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] Guitar Pro 5.lnk -> %UserProfile%\Escritorio\Guitar Pro 5.lnk -> [Ver = | Size = 654 bytes | Created Date = 28/04/2008 16:47:42 | Attr = ] OTScanIt -> %UserProfile%\Escritorio\OTScanIt -> [Folder | Created Date = 29/04/2008 23:24:32 | Attr = ] OTScanIt.exe -> %UserProfile%\Escritorio\OTScanIt.exe -> [Ver = | Size = 542565 bytes | Created Date = 29/04/2008 23:23:26 | Attr = ] PRODUCTOS MAGIA -> %UserProfile%\Escritorio\PRODUCTOS MAGIA -> [Folder | Created Date = 22/04/2008 14:17:38 | Attr = ] Spybot - Search & Destroy.lnk -> %UserProfile%\Escritorio\Spybot - Search & Destroy.lnk -> [Ver = | Size = 982 bytes | Created Date = 29/04/2008 23:21:00 | Attr = ] Thumbs.db -> %UserProfile%\Escritorio\Thumbs.db -> [Ver = | Size = 4096 bytes | Created Date = 23/04/2008 16:20:51 | Attr = HS] @Alternate Data Stream - 0 bytes -> %UserProfile%\Escritorio\Thumbs.db:encryptable Trojan.Win32.BlackBird.exe -> %UserProfile%\Escritorio\Trojan.Win32.BlackBird.exe -> [Ver = | Size = 4096 bytes | Created Date = 29/04/2008 23:13:50 | Attr = ] Ulead6_www.x-caleta.com_Jesusbo.part1.rar -> %UserProfile%\Escritorio\Ulead6_www.x-caleta.com_Jesusbo.part1.rar -> [Ver = | Size = 94371840 bytes | Created Date = 29/04/2008 19:50:33 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Escritorio\Ulead6_www.x-caleta.com_Jesusbo.part1.rar:Zone.Identifier Ulead_Photo_Express_6.0 -> %UserProfile%\Escritorio\Ulead_Photo_Express_6.0 -> [Folder | Created Date = 29/04/2008 23:15:32 | Attr = ] Ulead_Photo_Express_6.0.zip -> %UserProfile%\Escritorio\Ulead_Photo_Express_6.0.zip -> [Ver = | Size = 586504 bytes | Created Date = 29/04/2008 23:13:01 | Attr = ] Ulead_Photo_Express_6.0.zip.exe -> %UserProfile%\Escritorio\Ulead_Photo_Express_6.0.zip.exe -> [Ver = | Size = 742001 bytes | Created Date = 29/04/2008 23:12:45 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Escritorio\Ulead_Photo_Express_6.0.zip.exe:Zone.Identifier virii -> %UserProfile%\Escritorio\virii -> [Folder | Created Date = 29/04/2008 23:15:32 | Attr = ] OpenSTA NameServer.lnk -> %AllUsersProfile%\Menú Inicio\Programas\Inicio\OpenSTA NameServer.lnk -> [Ver = | Size = 2267 bytes | Created Date = 24/04/2008 18:55:17 | Attr = ] Autodesk Shared -> %CommonProgramFiles%\Autodesk Shared -> [Folder | Created Date = 07/03/2008 14:05:38 | Attr = ] Hewlett-Packard -> %CommonProgramFiles%\Hewlett-Packard -> [Folder | Created Date = 05/03/2008 18:14:11 | Attr = ] LogiShrd -> %CommonProgramFiles%\LogiShrd -> [Folder | Created Date = 05/03/2008 17:50:18 | Attr = ] Logitech -> %CommonProgramFiles%\Logitech -> [Folder | Created Date = 05/03/2008 17:52:49 | Attr = ] Ulead Systems -> %CommonProgramFiles%\Ulead Systems -> [Folder | Created Date = 29/04/2008 23:09:25 | Attr = ] WindowsLiveInstaller -> %CommonProgramFiles%\WindowsLiveInstaller -> [Folder | Created Date = 19/03/2008 11:10:02 | Attr = HS] akl -> %ProgramFiles%\akl -> [Folder | Created Date = 29/04/2008 23:15:32 | Attr = ] Alcohol Soft -> %ProgramFiles%\Alcohol Soft -> [Folder | Created Date = 09/04/2008 18:27:11 | Attr = ] AutoCAD 2008 -> %ProgramFiles%\AutoCAD 2008 -> [Folder | Created Date = 07/03/2008 14:05:38 | Attr = ] coolpro2 -> %ProgramFiles%\coolpro2 -> [Folder | Created Date = 05/04/2008 15:11:42 | Attr = ] DivX -> %ProgramFiles%\DivX -> [Folder | Created Date = 13/03/2008 13:52:16 | Attr = ] Fluke Networks -> %ProgramFiles%\Fluke Networks -> [Folder | Created Date = 31/03/2008 15:08:28 | Attr = ] Google -> %ProgramFiles%\Google -> [Folder | Created Date = 29/04/2008 18:53:57 | Attr = ] Guitar Pro 5 -> %ProgramFiles%\Guitar Pro 5 -> [Folder | Created Date = 28/04/2008 16:47:36 | Attr = ] Hewlett-Packard -> %ProgramFiles%\Hewlett-Packard -> [Folder | Created Date = 05/03/2008 18:12:48 | Attr = ] Inet Delivery -> %ProgramFiles%\Inet Delivery -> [Folder | Created Date = 29/04/2008 23:15:32 | Attr = ] LClock -> %ProgramFiles%\LClock -> [Folder | Created Date = 10/04/2008 17:03:28 | Attr = ] Logitech -> %ProgramFiles%\Logitech -> [Folder | Created Date = 05/03/2008 17:50:17 | Attr = ] LogMeIn -> %ProgramFiles%\LogMeIn -> [Folder | Created Date = 06/03/2008 8:35:13 | Attr = ] Microsoft CAPICOM 2.1.0.2 -> %ProgramFiles%\Microsoft CAPICOM 2.1.0.2 -> [Folder | Created Date = 20/03/2008 17:57:22 | Attr = ] Mozilla Firefox -> %ProgramFiles%\Mozilla Firefox -> [Folder | Created Date = 21/04/2008 22:18:02 | Attr = ] MSXML 4.0 -> %ProgramFiles%\MSXML 4.0 -> [Folder | Created Date = 07/03/2008 7:49:49 | Attr = ] OpenSTA -> %ProgramFiles%\OpenSTA -> [Folder | Created Date = 24/04/2008 18:55:14 | Attr = ] Picasa2 -> %ProgramFiles%\Picasa2 -> [Folder | Created Date = 29/04/2008 18:53:49 | Attr = ] Spybot - Search & Destroy -> %ProgramFiles%\Spybot - Search & Destroy -> [Folder | Created Date = 29/04/2008 23:20:56 | Attr = ] Stardock -> %ProgramFiles%\Stardock -> [Folder | Created Date = 10/04/2008 17:46:47 | Attr = ] Styler -> %ProgramFiles%\Styler -> [Folder | Created Date = 10/04/2008 16:36:44 | Attr = ] TrueTransparency -> %ProgramFiles%\TrueTransparency -> [Folder | Created Date = 10/04/2008 16:36:47 | Attr = ] Ulead Systems -> %ProgramFiles%\Ulead Systems -> [Folder | Created Date = 29/04/2008 23:08:14 | Attr = ] uTorrent -> %ProgramFiles%\uTorrent -> [Folder | Created Date = 09/04/2008 18:17:43 | Attr = ] VideoLAN -> %ProgramFiles%\VideoLAN -> [Folder | Created Date = 09/03/2008 12:45:03 | Attr = ] ViOrb -> %ProgramFiles%\ViOrb -> [Folder | Created Date = 10/04/2008 17:03:33 | Attr = ] Vista Sidebar -> %ProgramFiles%\Vista Sidebar -> [Folder | Created Date = 10/04/2008 17:03:29 | Attr = ] ViStart -> %ProgramFiles%\ViStart -> [Folder | Created Date = 10/04/2008 17:03:33 | Attr = ] VisualTooltip -> %ProgramFiles%\VisualTooltip -> [Folder | Created Date = 10/04/2008 17:03:33 | Attr = ] WinFlip -> %ProgramFiles%\WinFlip -> [Folder | Created Date = 10/04/2008 16:36:47 | Attr = ] [Files/Folders - Modified Within 90 days] .rnd -> %SystemDrive%\.rnd -> [Ver = | Size = 1024 bytes | Modified Date = 06/03/2008 8:35:20 | Attr = ] Archivos de programa -> %ProgramFiles% -> [Folder | Modified Date = 29/04/2008 23:20:56 | Attr = R ] boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 211 bytes | Modified Date = 05/03/2008 18:20:33 | Attr = HS] Documents and Settings -> %SystemDrive%\Documents and Settings -> [Folder | Modified Date = 10/04/2008 19:12:43 | Attr = ] hpfr3420.xml -> %SystemDrive%\hpfr3420.xml -> [Ver = | Size = 526 bytes | Modified Date = 29/04/2008 19:26:56 | Attr = ] mzn1.exe -> %SystemDrive%\mzn1.exe -> [Ver = | Size = 221532 bytes | Modified Date = 28/04/2008 19:47:21 | Attr = ] RECYCLER -> %SystemDrive%\RECYCLER -> [Folder | Modified Date = 23/04/2008 15:39:45 | Attr = RHS] sqmdata01.sqm -> %SystemDrive%\sqmdata01.sqm -> [Ver = | Size = 268 bytes | Modified Date = 05/03/2008 18:47:40 | Attr = H ] sqmdata02.sqm -> %SystemDrive%\sqmdata02.sqm -> [Ver = | Size = 268 bytes | Modified Date = 05/03/2008 19:14:56 | Attr = H ] sqmnoopt01.sqm -> %SystemDrive%\sqmnoopt01.sqm -> [Ver = | Size = 244 bytes | Modified Date = 05/03/2008 18:47:40 | Attr = H ] sqmnoopt02.sqm -> %SystemDrive%\sqmnoopt02.sqm -> [Ver = | Size = 244 bytes | Modified Date = 05/03/2008 19:14:56 | Attr = H ] temp -> %SystemDrive%\temp -> [Folder | Modified Date = 05/03/2008 18:11:03 | Attr = ] VSNAP.IDX -> %SystemDrive%\VSNAP.IDX -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:15:36 | Attr = HS] VTPFiles -> %SystemDrive%\VTPFiles -> [Folder | Modified Date = 10/04/2008 19:27:32 | Attr = ] WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 29/04/2008 23:28:21 | Attr = ] etc -> %SystemRoot%\System32\drivers\etc -> [Folder | Modified Date = 29/04/2008 23:24:18 | Attr = ] hosts -> %SystemRoot%\System32\drivers\etc\hosts -> [Ver = | Size = 236727 bytes | Modified Date = 29/04/2008 23:24:18 | Attr = R ] pxhelp20.sys -> %SystemRoot%\System32\drivers\pxhelp20.sys -> Sonic Solutions [Ver = 3.00.67a | Size = 43872 bytes | Modified Date = 23/02/2008 3:38:33 | Attr = ] 3076 -> %SystemRoot%\System32\3076 -> [Folder | Modified Date = 10/04/2008 22:41:48 | Attr = ] 4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> akttzn.exe -> %SystemRoot%\System32\akttzn.exe -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:49 | Attr = ] anticipator.dll -> %SystemRoot%\System32\anticipator.dll -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:49 | Attr = ] appmgmt -> %SystemRoot%\System32\appmgmt -> [Folder | Modified Date = 08/03/2008 13:20:38 | Attr = ] AUTOEXEC.NT -> %SystemRoot%\System32\AUTOEXEC.NT -> [Ver = | Size = 1959 bytes | Modified Date = 03/04/2008 8:49:17 | Attr = ] awtoolb.dll -> %SystemRoot%\System32\awtoolb.dll -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:49 | Attr = ] BASSMOD.dll -> %SystemRoot%\System32\BASSMOD.dll -> [Ver = | Size = 10752 bytes | Modified Date = 10/04/2008 19:33:29 | Attr = ] bdn.com -> %SystemRoot%\System32\bdn.com -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:49 | Attr = ] BMXBkpCtrlState-{00000002-00000000-00000004-00001102-00000002-80641102}.rfx -> %SystemRoot%\System32\BMXBkpCtrlState-{00000002-00000000-00000004-00001102-00000002-80641102}.rfx -> [Ver = | Size = 24888 bytes | Modified Date = 29/04/2008 23:15:36 | Attr = ] BMXCtrlState-{00000002-00000000-00000004-00001102-00000002-80641102}.rfx -> %SystemRoot%\System32\BMXCtrlState-{00000002-00000000-00000004-00001102-00000002-80641102}.rfx -> [Ver = | Size = 24888 bytes | Modified Date = 29/04/2008 23:15:36 | Attr = ] BMXState-{00000002-00000000-00000004-00001102-00000002-80641102}.rfx -> %SystemRoot%\System32\BMXState-{00000002-00000000-00000004-00001102-00000002-80641102}.rfx -> [Ver = | Size = 16420 bytes | Modified Date = 29/04/2008 23:15:36 | Attr = ] BMXStateBkp-{00000002-00000000-00000004-00001102-00000002-80641102}.rfx -> %SystemRoot%\System32\BMXStateBkp-{00000002-00000000-00000004-00001102-00000002-80641102}.rfx -> [Ver = | Size = 16420 bytes | Modified Date = 29/04/2008 23:15:36 | Attr = ] bsva-egihsg52.exe -> %SystemRoot%\System32\bsva-egihsg52.exe -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] CatRoot -> %SystemRoot%\System32\CatRoot -> [Folder | Modified Date = 05/03/2008 17:55:49 | Attr = ] CatRoot2 -> %SystemRoot%\System32\CatRoot2 -> [Folder | Modified Date = 29/04/2008 23:17:38 | Attr = ] config -> %SystemRoot%\System32\config -> [Folder | Modified Date = 22/04/2008 12:48:56 | Attr = ] CONFIG.NT -> %SystemRoot%\System32\CONFIG.NT -> [Ver = | Size = 2934 bytes | Modified Date = 03/04/2008 8:49:17 | Attr = ] CVIRTE -> %SystemRoot%\System32\CVIRTE -> [Folder | Modified Date = 31/03/2008 15:08:28 | Attr = ] DivX.dll -> %SystemRoot%\System32\DivX.dll -> DivX, Inc. [Ver = 6.8.0.14 | Size = 682496 bytes | Modified Date = 21/02/2008 3:04:04 | Attr = ] DivXCodecVersionChecker.exe -> %SystemRoot%\System32\DivXCodecVersionChecker.exe -> DivX, Inc. [Ver = 6, 7, 0, 1 | Size = 156992 bytes | Modified Date = 21/02/2008 3:03:42 | Attr = ] divxdec.ax -> %SystemRoot%\System32\divxdec.ax -> DivX, Inc. [Ver = 6.8.0.0 | Size = 630784 bytes | Modified Date = 21/02/2008 3:03:58 | Attr = ] DivXMedia.ax -> %SystemRoot%\System32\DivXMedia.ax -> DivXNetworks [Ver = 0.0.0.028 | Size = 352401 bytes | Modified Date = 21/02/2008 3:03:54 | Attr = ] DivXsm.exe -> %SystemRoot%\System32\DivXsm.exe -> DivX Inc. [Ver = 6, 6, 1, 4 | Size = 524288 bytes | Modified Date = 21/02/2008 3:05:52 | Attr = ] divxsm.tlb -> %SystemRoot%\System32\divxsm.tlb -> [Ver = | Size = 4816 bytes | Modified Date = 21/02/2008 3:05:52 | Attr = ] DivXWMPExtType.dll -> %SystemRoot%\System32\DivXWMPExtType.dll -> [Ver = | Size = 12288 bytes | Modified Date = 21/02/2008 3:03:24 | Attr = ] divx_xx07.dll -> %SystemRoot%\System32\divx_xx07.dll -> DivX, Inc. [Ver = 6.8.0.14 | Size = 823296 bytes | Modified Date = 21/02/2008 3:04:04 | Attr = ] divx_xx0c.dll -> %SystemRoot%\System32\divx_xx0c.dll -> DivX, Inc. [Ver = 6.8.0.14 | Size = 823296 bytes | Modified Date = 21/02/2008 3:04:04 | Attr = ] divx_xx11.dll -> %SystemRoot%\System32\divx_xx11.dll -> DivX, Inc. [Ver = 6.8.0.14 | Size = 802816 bytes | Modified Date = 21/02/2008 3:04:04 | Attr = ] dllcache -> %SystemRoot%\System32\dllcache -> [Folder | Modified Date = 29/04/2008 23:17:45 | Attr = RHS] dpcproxy.exe -> %SystemRoot%\System32\dpcproxy.exe -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] dpl100.dll -> %SystemRoot%\System32\dpl100.dll -> DivX, Inc. [Ver = 1, 2, 0, 40 | Size = 81920 bytes | Modified Date = 21/02/2008 3:04:16 | Attr = ] dpl100.dll.manifest -> %SystemRoot%\System32\dpl100.dll.manifest -> [Ver = | Size = 416 bytes | Modified Date = 21/02/2008 3:04:16 | Attr = ] dpu10.dll -> %SystemRoot%\System32\dpu10.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 294912 bytes | Modified Date = 21/02/2008 3:04:06 | Attr = ] dpu11.dll -> %SystemRoot%\System32\dpu11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 294912 bytes | Modified Date = 21/02/2008 3:04:06 | Attr = ] dpuGUI10.dll -> %SystemRoot%\System32\dpuGUI10.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 53248 bytes | Modified Date = 21/02/2008 3:04:08 | Attr = ] dpuGUI11.dll -> %SystemRoot%\System32\dpuGUI11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 593920 bytes | Modified Date = 21/02/2008 3:04:08 | Attr = ] dpus11.dll -> %SystemRoot%\System32\dpus11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 344064 bytes | Modified Date = 21/02/2008 3:04:06 | Attr = ] dpv11.dll -> %SystemRoot%\System32\dpv11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 57344 bytes | Modified Date = 21/02/2008 3:04:06 | Attr = ] drivers -> %SystemRoot%\System32\drivers -> [Folder | Modified Date = 29/04/2008 23:17:37 | Attr = ] DRVSTORE -> %SystemRoot%\System32\DRVSTORE -> [Folder | Modified Date = 31/03/2008 15:09:19 | Attr = ] dtu100.dll -> %SystemRoot%\System32\dtu100.dll -> DivX, Inc. [Ver = 1, 2, 0, 40 | Size = 196608 bytes | Modified Date = 21/02/2008 3:04:16 | Attr = ] dtu100.dll.manifest -> %SystemRoot%\System32\dtu100.dll.manifest -> [Ver = | Size = 416 bytes | Modified Date = 21/02/2008 3:04:16 | Attr = ] DVCState-{00000002-00000000-00000004-00001102-00000002-80641102}.dat -> %SystemRoot%\System32\DVCState-{00000002-00000000-00000004-00001102-00000002-80641102}.dat -> [Ver = | Size = 24 bytes | Modified Date = 29/04/2008 23:15:36 | Attr = ] DVCStateBkp-{00000002-00000000-00000004-00001102-00000002-80641102}.dat -> %SystemRoot%\System32\DVCStateBkp-{00000002-00000000-00000004-00001102-00000002-80641102}.dat -> [Ver = | Size = 24 bytes | Modified Date = 29/04/2008 23:15:36 | Attr = ] emesx.dll -> %SystemRoot%\System32\emesx.dll -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:49 | Attr = ] fccbCvvs.dll -> %SystemRoot%\System32\fccbCvvs.dll -> [Ver = | Size = 37376 bytes | Modified Date = 29/04/2008 23:14:40 | Attr = ] FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [Ver = | Size = 317952 bytes | Modified Date = 29/04/2008 23:16:24 | Attr = ] h@tkeysh@@k.dll -> %SystemRoot%\System32\h@tkeysh@@k.dll -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] hgGxYRll.dll -> %SystemRoot%\System32\hgGxYRll.dll -> [Ver = | Size = 280576 bytes | Modified Date = 29/04/2008 23:21:49 | Attr = ] hoproxy.dll -> %SystemRoot%\System32\hoproxy.dll -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] hxiwlgpm.dat -> %SystemRoot%\System32\hxiwlgpm.dat -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] hxiwlgpm.exe -> %SystemRoot%\System32\hxiwlgpm.exe -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] ibarghkl.ini -> %SystemRoot%\System32\ibarghkl.ini -> [Ver = | Size = 1482638 bytes | Modified Date = 29/04/2008 23:23:27 | Attr = HS] IOSUBSYS -> %SystemRoot%\System32\IOSUBSYS -> [Folder | Modified Date = 29/04/2008 18:53:58 | Attr = ] libdivx.dll -> %SystemRoot%\System32\libdivx.dll -> The OpenSSL Project, http://www.openssl.org/ [Ver = 0.9.8b | Size = 1044480 bytes | Modified Date = 21/02/2008 3:05:34 | Attr = ] lkhgrabi.dll -> %SystemRoot%\System32\lkhgrabi.dll -> [Ver = | Size = 97856 bytes | Modified Date = 29/04/2008 23:23:03 | Attr = ] llRYxGgh.ini -> %SystemRoot%\System32\llRYxGgh.ini -> [Ver = | Size = 11108 bytes | Modified Date = 29/04/2008 23:37:15 | Attr = HS] llRYxGgh.ini2 -> %SystemRoot%\System32\llRYxGgh.ini2 -> [Ver = | Size = 10698 bytes | Modified Date = 29/04/2008 23:36:55 | Attr = HS] medup012.dll -> %SystemRoot%\System32\medup012.dll -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] medup020.dll -> %SystemRoot%\System32\medup020.dll -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] mlJbaXrS.dll -> %SystemRoot%\System32\mlJbaXrS.dll -> [Ver = | Size = 37376 bytes | Modified Date = 29/04/2008 23:13:38 | Attr = ] msgp.exe -> %SystemRoot%\System32\msgp.exe -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] msnbho.dll -> %SystemRoot%\System32\msnbho.dll -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] mssecu.exe -> %SystemRoot%\System32\mssecu.exe -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:49 | Attr = ] msvchost.exe -> %SystemRoot%\System32\msvchost.exe -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] mtr2.exe -> %SystemRoot%\System32\mtr2.exe -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] mwin32.exe -> %SystemRoot%\System32\mwin32.exe -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] netode.exe -> %SystemRoot%\System32\netode.exe -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] newsd32.exe -> %SystemRoot%\System32\newsd32.exe -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:49 | Attr = ] perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [Ver = | Size = 59780 bytes | Modified Date = 05/03/2008 18:03:06 | Attr = ] perfc00A.dat -> %SystemRoot%\System32\perfc00A.dat -> [Ver = | Size = 77888 bytes | Modified Date = 05/03/2008 18:03:06 | Attr = ] perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [Ver = | Size = 397560 bytes | Modified Date = 05/03/2008 18:03:06 | Attr = ] perfh00A.dat -> %SystemRoot%\System32\perfh00A.dat -> [Ver = | Size = 459350 bytes | Modified Date = 05/03/2008 18:03:06 | Attr = ] PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [Ver = | Size = 959696 bytes | Modified Date = 05/03/2008 18:03:05 | Attr = ] ps1.exe -> %SystemRoot%\System32\ps1.exe -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] psof1.exe -> %SystemRoot%\System32\psof1.exe -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] psoft1.exe -> %SystemRoot%\System32\psoft1.exe -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] qt-dx331.dll -> %SystemRoot%\System32\qt-dx331.dll -> [Ver = | Size = 3596288 bytes | Modified Date = 21/02/2008 3:05:44 | Attr = ] regc64.dll -> %SystemRoot%\System32\regc64.dll -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] regm64.dll -> %SystemRoot%\System32\regm64.dll -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] ReinstallBackups -> %SystemRoot%\System32\ReinstallBackups -> [Folder | Modified Date = 09/04/2008 18:37:30 | Attr = ] Restore -> %SystemRoot%\System32\Restore -> [Folder | Modified Date = 29/04/2008 14:02:23 | Attr = ] rqRIYQjJ.dll -> %SystemRoot%\System32\rqRIYQjJ.dll -> [Ver = | Size = 37376 bytes | Modified Date = 29/04/2008 23:14:30 | Attr = ] Rundl1.exe -> %SystemRoot%\System32\Rundl1.exe -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] settings.sfm -> %SystemRoot%\System32\settings.sfm -> [Ver = | Size = 1080 bytes | Modified Date = 29/04/2008 23:15:36 | Attr = ] settingsbkup.sfm -> %SystemRoot%\System32\settingsbkup.sfm -> [Ver = | Size = 1080 bytes | Modified Date = 29/04/2008 23:15:36 | Attr = ] smp -> %SystemRoot%\System32\smp -> [Folder | Modified Date = 29/04/2008 23:15:32 | Attr = ] sncntr.exe -> %SystemRoot%\System32\sncntr.exe -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] ssldivx.dll -> %SystemRoot%\System32\ssldivx.dll -> The OpenSSL Project, http://www.openssl.org/ [Ver = 0.9.8b | Size = 200704 bytes | Modified Date = 21/02/2008 3:05:34 | Attr = ] ssurf022.dll -> %SystemRoot%\System32\ssurf022.dll -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] ssvchost.com -> %SystemRoot%\System32\ssvchost.com -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] ssvchost.exe -> %SystemRoot%\System32\ssvchost.exe -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] sysreq.exe -> %SystemRoot%\System32\sysreq.exe -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:49 | Attr = ] taack.dat -> %SystemRoot%\System32\taack.dat -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] taack.exe -> %SystemRoot%\System32\taack.exe -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] temp#01.exe -> %SystemRoot%\System32\temp#01.exe -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] thun.dll -> %SystemRoot%\System32\thun.dll -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] thun32.dll -> %SystemRoot%\System32\thun32.dll -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] VBIEWER.OCX -> %SystemRoot%\System32\VBIEWER.OCX -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] vbsys2.dll -> %SystemRoot%\System32\vbsys2.dll -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:49 | Attr = ] vcatchpi.dll -> %SystemRoot%\System32\vcatchpi.dll -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:49 | Attr = ] VIRepair -> %SystemRoot%\System32\VIRepair -> [Folder | Modified Date = 29/04/2008 14:08:59 | Attr = ] VITrans -> %SystemRoot%\System32\VITrans -> [Folder | Modified Date = 10/04/2008 19:24:28 | Attr = ] winlogonpc.exe -> %SystemRoot%\System32\winlogonpc.exe -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] winsystem.exe -> %SystemRoot%\System32\winsystem.exe -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:49 | Attr = ] WINWGPX.EXE -> %SystemRoot%\System32\WINWGPX.EXE -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:49 | Attr = ] wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [Ver = | Size = 2206 bytes | Modified Date = 29/04/2008 23:16:56 | Attr = ] zmvqhkde.exe -> %SystemRoot%\System32\zmvqhkde.exe -> [Ver = | Size = 102400 bytes | Modified Date = 29/04/2008 23:13:37 | Attr = ] $hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 08/04/2008 15:12:35 | Attr = H ] 8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> a.bat -> %SystemRoot%\a.bat -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] assembly -> %SystemRoot%\assembly -> [Folder | Modified Date = 28/03/2008 2:03:35 | Attr = R S] bdkpfxqw.dll -> %SystemRoot%\bdkpfxqw.dll -> [Ver = | Size = 225280 bytes | Modified Date = 30/04/2008 2:17:18 | Attr = ] bdn.com -> %SystemRoot%\bdn.com -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:49 | Attr = ] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 29/04/2008 23:16:26 | Attr = S] Cursors -> %SystemRoot%\Cursors -> [Folder | Modified Date = 10/04/2008 17:03:28 | Attr = ] Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 07/03/2008 14:06:06 | Attr = S] Fonts -> %SystemRoot%\Fonts -> [Folder | Modified Date = 29/04/2008 23:09:27 | Attr = R S] FVProtect.exe -> %SystemRoot%\FVProtect.exe -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] gndarmblxbt.dll -> %SystemRoot%\gndarmblxbt.dll -> [Ver = | Size = 274432 bytes | Modified Date = 30/04/2008 2:18:08 | Attr = ] Help -> %SystemRoot%\Help -> [Folder | Modified Date = 07/03/2008 14:06:00 | Attr = ] hpoins01.dat -> %SystemRoot%\hpoins01.dat -> [Ver = | Size = 19582 bytes | Modified Date = 05/03/2008 18:15:04 | Attr = ] Icon_1.ico -> %SystemRoot%\Icon_1.ico -> [Ver = | Size = 78942 bytes | Modified Date = 10/04/2008 16:33:09 | Attr = ] Icon_2.ico -> %SystemRoot%\Icon_2.ico -> [Ver = | Size = 78942 bytes | Modified Date = 10/04/2008 16:59:53 | Attr = ] imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1355 bytes | Modified Date = 08/04/2008 15:12:33 | Attr = ] inf -> %SystemRoot%\inf -> [Folder | Modified Date = 29/04/2008 18:53:58 | Attr = H ] Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 24/04/2008 18:55:19 | Attr = HS] iTunesMusic.exe -> %SystemRoot%\iTunesMusic.exe -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] Media -> %SystemRoot%\Media -> [Folder | Modified Date = 10/04/2008 19:27:32 | Attr = ] Microsoft.NET -> %SystemRoot%\Microsoft.NET -> [Folder | Modified Date = 07/03/2008 14:08:47 | Attr = ] mozver.dat -> %SystemRoot%\mozver.dat -> [Ver = | Size = 1188 bytes | Modified Date = 21/04/2008 22:22:28 | Attr = ] mslagent -> %SystemRoot%\mslagent -> [Folder | Modified Date = 29/04/2008 23:15:32 | Attr = ] mssecu.exe -> %SystemRoot%\mssecu.exe -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:49 | Attr = ] nsreg.dat -> %SystemRoot%\nsreg.dat -> [Ver = | Size = 0 bytes | Modified Date = 21/04/2008 22:18:10 | Attr = ] ODBC.INI -> %SystemRoot%\ODBC.INI -> [Ver = | Size = 498 bytes | Modified Date = 31/03/2008 15:10:58 | Attr = ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 29/04/2008 23:32:37 | Attr = ] pss -> %SystemRoot%\pss -> [Folder | Modified Date = 05/03/2008 18:20:33 | Attr = ] qadovnel.dll -> %SystemRoot%\qadovnel.dll -> [Ver = | Size = 188416 bytes | Modified Date = 30/04/2008 2:17:00 | Attr = ] QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Modified Date = 29/04/2008 23:28:21 | Attr = ] QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 29/04/2008 23:28:21 | Attr = H ] Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 24/04/2008 19:00:16 | Attr = ] spwoqbmv.exe -> %SystemRoot%\spwoqbmv.exe -> [Ver = | Size = 94208 bytes | Modified Date = 30/04/2008 2:19:30 | Attr = ] system -> %SystemRoot%\system -> [Folder | Modified Date = 09/04/2008 16:11:21 | Attr = ] system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 255 bytes | Modified Date = 05/04/2008 15:13:13 | Attr = ] system32 -> %SystemRoot%\system32 -> [Folder | Modified Date = 29/04/2008 23:23:27 | Attr = ] Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 07/04/2008 18:20:02 | Attr = S] Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 29/04/2008 23:23:39 | Attr = ] twain_32 -> %SystemRoot%\twain_32 -> [Folder | Modified Date = 09/04/2008 16:11:21 | Attr = ] userconfig9x.dll -> %SystemRoot%\userconfig9x.dll -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] WB.ini -> %SystemRoot%\WB.ini -> [Ver = | Size = 0 bytes | Modified Date = 10/04/2008 19:04:20 | Attr = ] Web -> %SystemRoot%\Web -> [Folder | Modified Date = 29/04/2008 23:13:45 | Attr = R ] win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 688 bytes | Modified Date = 05/04/2008 15:13:13 | Attr = ] WinSxS -> %SystemRoot%\WinSxS -> [Folder | Modified Date = 07/03/2008 7:49:50 | Attr = ] winsystem.exe -> %SystemRoot%\winsystem.exe -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:49 | Attr = ] WMSysPr8.prx -> %SystemRoot%\WMSysPr8.prx -> [Ver = | Size = 156910 bytes | Modified Date = 05/04/2008 15:13:08 | Attr = ] wxdbpfvo.dll -> %SystemRoot%\wxdbpfvo.dll -> [Ver = | Size = 155648 bytes | Modified Date = 30/04/2008 2:19:06 | Attr = ] xbaqktfv.exe -> %SystemRoot%\xbaqktfv.exe -> [Ver = | Size = 94208 bytes | Modified Date = 30/04/2008 2:17:36 | Attr = ] {00000002-00000000-00000004-00001102-00000002-80641102}.BAK -> %SystemRoot%\{00000002-00000000-00000004-00001102-00000002-80641102}.BAK -> [Ver = | Size = 3374302 bytes | Modified Date = 29/04/2008 23:17:16 | Attr = ] {00000002-00000000-00000004-00001102-00000002-80641102}.CDF -> %SystemRoot%\{00000002-00000000-00000004-00001102-00000002-80641102}.CDF -> [Ver = | Size = 3374302 bytes | Modified Date = 29/04/2008 23:17:16 | Attr = ] AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job -> [Ver = | Size = 298 bytes | Modified Date = 26/04/2008 13:29:00 | Attr = ] FRU Task #Hewlett-Packard#hp psc 1200 series#1204737541.job -> %SystemRoot%\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1204737541.job -> [Ver = | Size = 404 bytes | Modified Date = 07/04/2008 18:20:03 | Attr = ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 29/04/2008 23:16:29 | Attr = H ] C:\Documents and Settings\All Users\Datos de programa\Microsoft\Network\Downloader\ -> C:\Documents and Settings\All Users\Datos de programa\Microsoft\Network\Downloader -> [Folder | Modified Date = 24/12/2007 19:08:42 | Attr = ] qmgr0.dat -> C:\Documents and Settings\All Users\Datos de programa\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 6570 bytes | Modified Date = 29/04/2008 23:17:50 | Attr = ] qmgr1.dat -> C:\Documents and Settings\All Users\Datos de programa\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 6570 bytes | Modified Date = 29/04/2008 23:17:50 | Attr = ] C:\Documents and Settings\All Users\Datos de programa\Microsoft\OFFICE\DATA\ -> C:\Documents and Settings\All Users\Datos de programa\Microsoft\OFFICE\DATA -> [Folder | Modified Date = 26/12/2007 10:44:51 | Attr = ] opa11.dat -> C:\Documents and Settings\All Users\Datos de programa\Microsoft\OFFICE\DATA\opa11.dat -> [Ver = | Size = 8206 bytes | Modified Date = 07/03/2008 14:16:44 | Attr = ] C:\Documents and Settings\Kings\Configuración local\Temp\ -> C:\Documents and Settings\Kings\Configuración local\Temp -> [Folder | Modified Date = 29/04/2008 23:32:54 | Attr = ] msprint.exe -> C:\Documents and Settings\Kings\Configuración local\Temp\msprint.exe -> [Ver = | Size = 42496 bytes | Modified Date = 29/04/2008 23:13:35 | Attr = ] temp_01.exe -> C:\Documents and Settings\Kings\Configuración local\Temp\temp_01.exe -> [Ver = | Size = 724992 bytes | Modified Date = 25/12/2007 20:34:33 | Attr = ] 220 C:\Documents and Settings\Kings\Configuración local\Temp\*.tmp files -> C:\Documents and Settings\Kings\Configuración local\Temp\*.tmp -> C:\Documents and Settings\Kings\Configuración local\Temp\RarSFX0\Install\ -> C:\Documents and Settings\Kings\Configuración local\Temp\RarSFX0\Install -> [Folder | Modified Date = 25/12/2007 20:28:20 | Attr = ] setup.exe -> C:\Documents and Settings\Kings\Configuración local\Temp\RarSFX0\Install\setup.exe -> Symantec [Ver = 12.0.0.18971 | Size = 7468616 bytes | Modified Date = 23/01/2007 19:57:56 | Attr = ] C:\Documents and Settings\Kings\Configuración local\Temp\RarSFX0\Support\LUpdate\en\ -> C:\Documents and Settings\Kings\Configuración local\Temp\RarSFX0\Support\LUpdate\en -> [Folder | Modified Date = 25/12/2007 20:28:17 | Attr = ] LuCheck.exe -> C:\Documents and Settings\Kings\Configuración local\Temp\RarSFX0\Support\LUpdate\en\LuCheck.exe -> Symantec Corporation [Ver = 3.2.0.26 | Size = 169664 bytes | Modified Date = 23/01/2007 19:57:57 | Attr = R ] LUSetup.exe -> C:\Documents and Settings\Kings\Configuración local\Temp\RarSFX0\Support\LUpdate\en\LUSetup.exe -> [Ver = | Size = 2913728 bytes | Modified Date = 23/01/2007 19:57:57 | Attr = R ] C:\Documents and Settings\Kings\Configuración local\Temp\nse8.tmp\ -> C:\Documents and Settings\Kings\Configuración local\Temp\nse8.tmp\ -> [Folder | Modified Date = 29/04/2008 18:53:59 | Attr = ] NSIS_Picasa.dll -> C:\Documents and Settings\Kings\Configuración local\Temp\nse8.tmp\NSIS_Picasa.dll -> [Ver = | Size = 51200 bytes | Modified Date = 29/04/2008 18:53:46 | Attr = ] C:\Documents and Settings\Kings\Configuración local\Temp\ -> C:\Documents and Settings\Kings\Configuración local\Temp -> [Folder | Modified Date = 29/04/2008 23:32:54 | Attr = ] Perflib_Perfdata_61c.dat -> C:\Documents and Settings\Kings\Configuración local\Temp\Perflib_Perfdata_61c.dat -> [Ver = | Size = 16384 bytes | Modified Date = 26/12/2007 10:40:27 | Attr = ] Perflib_Perfdata_734.dat -> C:\Documents and Settings\Kings\Configuración local\Temp\Perflib_Perfdata_734.dat -> [Ver = | Size = 16384 bytes | Modified Date = 26/12/2007 10:38:48 | Attr = ] Perflib_Perfdata_d84.dat -> C:\Documents and Settings\Kings\Configuración local\Temp\Perflib_Perfdata_d84.dat -> [Ver = | Size = 16384 bytes | Modified Date = 26/12/2007 14:02:46 | Attr = ] 220 C:\Documents and Settings\Kings\Configuración local\Temp\*.tmp files -> C:\Documents and Settings\Kings\Configuración local\Temp\*.tmp -> C:\Documents and Settings\Kings\Configuración local\Temp\_is61A\ -> C:\Documents and Settings\Kings\Configuración local\Temp\_is61A -> [Folder | Modified Date = 25/12/2007 20:30:28 | Attr = ] _ISMSIDEL.INI -> C:\Documents and Settings\Kings\Configuración local\Temp\_is61A\_ISMSIDEL.INI -> [Ver = | Size = 11 bytes | Modified Date = 25/12/2007 20:30:28 | Attr = ] C:\Documents and Settings\Kings\Configuración local\Temp\RarSFX0\Install\ -> C:\Documents and Settings\Kings\Configuración local\Temp\RarSFX0\Install -> [Folder | Modified Date = 25/12/2007 20:28:20 | Attr = ] Settings.ini -> C:\Documents and Settings\Kings\Configuración local\Temp\RarSFX0\Install\Settings.ini -> [Ver = | Size = 282 bytes | Modified Date = 23/01/2007 19:59:09 | Attr = ] C:\WINDOWS\Temp\ -> C:\WINDOWS\Temp -> [Folder | Modified Date = 29/04/2008 23:23:39 | Attr = ] Perflib_Perfdata_2b4.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_2b4.dat -> [Ver = | Size = 16384 bytes | Modified Date = 06/03/2008 8:21:54 | Attr = ] Perflib_Perfdata_3fc.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_3fc.dat -> [Ver = | Size = 16384 bytes | Modified Date = 25/12/2007 20:32:10 | Attr = ] Perflib_Perfdata_590.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_590.dat -> [Ver = | Size = 16384 bytes | Modified Date = 13/03/2008 8:37:53 | Attr = ] Perflib_Perfdata_598.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_598.dat -> [Ver = | Size = 16384 bytes | Modified Date = 07/03/2008 14:01:25 | Attr = ] Perflib_Perfdata_5a0.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_5a0.dat -> [Ver = | Size = 16384 bytes | Modified Date = 09/04/2008 9:23:39 | Attr = ] Perflib_Perfdata_60c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_60c.dat -> [Ver = | Size = 16384 bytes | Modified Date = 18/04/2008 20:09:11 | Attr = ] Perflib_Perfdata_678.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_678.dat -> [Ver = | Size = 16384 bytes | Modified Date = 16/04/2008 15:23:06 | Attr = ] Perflib_Perfdata_70c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_70c.dat -> [Ver = | Size = 16384 bytes | Modified Date = 14/04/2008 15:58:36 | Attr = ] Perflib_Perfdata_b98.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_b98.dat -> [Ver = | Size = 16384 bytes | Modified Date = 26/12/2007 14:03:16 | Attr = ] Perflib_Perfdata_d8.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_d8.dat -> [Ver = | Size = 16384 bytes | Modified Date = 29/04/2008 23:16:45 | Attr = ] 40 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> [Files Modified - Additional Folder Scans - Non-Microsoft Only] Autodesk -> %AllUsersProfile%\Datos de programa\Autodesk -> [Folder | Modified Date = 07/03/2008 14:05:38 | Attr = ] Logitech -> %AllUsersProfile%\Datos de programa\Logitech -> [Folder | Modified Date = 05/03/2008 17:50:17 | Attr = ] Microsoft -> %AllUsersProfile%\Datos de programa\Microsoft -> [Folder | Modified Date = 19/03/2008 11:10:17 | Attr = S] QTSBandwidthCache -> %AllUsersProfile%\Datos de programa\QTSBandwidthCache -> [Ver = | Size = 1751 bytes | Modified Date = 24/04/2008 19:13:30 | Attr = ] Spybot - Search & Destroy -> %AllUsersProfile%\Datos de programa\Spybot - Search & Destroy -> [Folder | Modified Date = 29/04/2008 23:22:25 | Attr = ] TEMP -> %AllUsersProfile%\Datos de programa\TEMP -> [Folder | Modified Date = 29/04/2008 23:17:39 | Attr = ] @Alternate Data Stream - 98 bytes -> %AllUsersProfile%\Datos de programa\TEMP:A73B0434 Ulead Systems -> %AllUsersProfile%\Datos de programa\Ulead Systems -> [Folder | Modified Date = 29/04/2008 23:09:33 | Attr = ] WLInstaller -> %AllUsersProfile%\Datos de programa\WLInstaller -> [Folder | Modified Date = 19/03/2008 11:09:45 | Attr = ] zqpulkfs -> %AllUsersProfile%\Datos de programa\zqpulkfs -> [Folder | Modified Date = 29/04/2008 23:15:32 | Attr = ] {AC90994C-8970-4D38-B465-3DF6B6A1843C} -> %AllUsersProfile%\Datos de programa\{AC90994C-8970-4D38-B465-3DF6B6A1843C} -> [Folder | Modified Date = 31/03/2008 15:09:15 | Attr = ] Autodesk -> %AppData%\Autodesk -> [Folder | Modified Date = 11/03/2008 13:28:30 | Attr = ] DivX -> %AppData%\DivX -> [Folder | Modified Date = 13/03/2008 15:20:16 | Attr = ] Hewlett-Packard -> %AppData%\Hewlett-Packard -> [Folder | Modified Date = 05/03/2008 18:19:57 | Attr = ] Microsoft -> %AppData%\Microsoft -> [Folder | Modified Date = 21/04/2008 22:28:30 | Attr = S] Mozilla -> %AppData%\Mozilla -> [Folder | Modified Date = 21/04/2008 22:18:07 | Attr = ] Roxio -> %AppData%\Roxio -> [Folder | Modified Date = 06/03/2008 23:27:03 | Attr = ] Styler -> %AppData%\Styler -> [Folder | Modified Date = 10/04/2008 19:25:35 | Attr = ] Ulead Systems -> %AppData%\Ulead Systems -> [Folder | Modified Date = 29/04/2008 23:08:09 | Attr = ] uTorrent -> %AppData%\uTorrent -> [Folder | Modified Date = 15/04/2008 19:30:32 | Attr = ] ViStart -> %AppData%\ViStart -> [Folder | Modified Date = 10/04/2008 16:39:39 | Attr = ] vlc -> %AppData%\vlc -> [Folder | Modified Date = 09/03/2008 12:46:25 | Attr = ] Ares -> %UserProfile%\Configuración local\Datos de programa\Ares -> [Folder | Modified Date = 09/03/2008 12:29:06 | Attr = ] Autodesk -> %UserProfile%\Configuración local\Datos de programa\Autodesk -> [Folder | Modified Date = 07/03/2008 14:05:38 | Attr = ] DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\Configuración local\Datos de programa\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [Ver = | Size = 12288 bytes | Modified Date = 29/04/2008 18:54:29 | Attr = ] GDIPFONTCACHEV1.DAT -> %UserProfile%\Configuración local\Datos de programa\GDIPFONTCACHEV1.DAT -> [Ver = | Size = 94872 bytes | Modified Date = 29/04/2008 23:17:32 | Attr = ] Google -> %UserProfile%\Configuración local\Datos de programa\Google -> [Folder | Modified Date = 29/04/2008 18:54:18 | Attr = ] IconCache.db -> %UserProfile%\Configuración local\Datos de programa\IconCache.db -> [Ver = | Size = 4316840 bytes | Modified Date = 29/04/2008 23:14:52 | Attr = H ] Identities -> %UserProfile%\Configuración local\Datos de programa\Identities -> [Folder | Modified Date = 21/04/2008 22:28:30 | Attr = ] Microsoft -> %UserProfile%\Configuración local\Datos de programa\Microsoft -> [Folder | Modified Date = 21/04/2008 22:19:15 | Attr = ] Mozilla -> %UserProfile%\Configuración local\Datos de programa\Mozilla -> [Folder | Modified Date = 21/04/2008 22:18:07 | Attr = ] Seven Zip -> %UserProfile%\Configuración local\Datos de programa\Seven Zip -> [Folder | Modified Date = 31/03/2008 15:08:05 | Attr = ] Stardock -> %UserProfile%\Configuración local\Datos de programa\Stardock -> [Folder | Modified Date = 10/04/2008 16:38:55 | Attr = ] Stardock -> %AllUsersProfile%\Documentos\Stardock -> [Folder | Modified Date = 10/04/2008 19:28:44 | Attr = ] 1A.doc -> %UserProfile%\Mis documentos\1A.doc -> [Ver = | Size = 225792 bytes | Modified Date = 24/03/2008 8:25:37 | Attr = ] Contactos para rjorge99 (hotmail).ctt -> %UserProfile%\Mis documentos\Contactos para rjorge99 (hotmail).ctt -> [Ver = | Size = 21691 bytes | Modified Date = 05/04/2008 18:52:29 | Attr = ] eTIQUETAS.doc -> %UserProfile%\Mis documentos\eTIQUETAS.doc -> [Ver = | Size = 32256 bytes | Modified Date = 07/03/2008 16:32:18 | Attr = ] LinkWare Files -> %UserProfile%\Mis documentos\LinkWare Files -> [Folder | Modified Date = 31/03/2008 15:10:58 | Attr = ] Mi música -> %UserProfile%\Mis documentos\Mi música -> [Folder | Modified Date = 10/04/2008 16:39:45 | Attr = R ] Mis archivos recibidos -> %UserProfile%\Mis documentos\Mis archivos recibidos -> [Folder | Modified Date = 29/04/2008 19:26:44 | Attr = ] Mis carpetas para compartir.lnk -> %UserProfile%\Mis documentos\Mis carpetas para compartir.lnk -> [Ver = | Size = 589 bytes | Modified Date = 29/04/2008 18:48:41 | Attr = ] Mis historiales de conversación -> %UserProfile%\Mis documentos\Mis historiales de conversación -> [Folder | Modified Date = 01/04/2008 9:17:32 | Attr = ] Mis vídeos -> %UserProfile%\Mis documentos\Mis vídeos -> [Folder | Modified Date = 13/03/2008 13:52:29 | Attr = R ] pelon.doc -> %UserProfile%\Mis documentos\pelon.doc -> [Ver = | Size = 43008 bytes | Modified Date = 15/04/2008 19:20:38 | Attr = ] PRACTICAS -> %UserProfile%\Mis documentos\PRACTICAS -> [Folder | Modified Date = 21/04/2008 8:21:05 | Attr = ] PRECIOS.xls -> %UserProfile%\Mis documentos\PRECIOS.xls -> [Ver = | Size = 24064 bytes | Modified Date = 22/04/2008 15:12:08 | Attr = ] Picasa2.lnk -> %AllUsersProfile%\Escritorio\Picasa2.lnk -> [Ver = | Size = 715 bytes | Modified Date = 29/04/2008 18:54:06 | Attr = ] Ulead Photo Express 6.0.lnk -> %AllUsersProfile%\Escritorio\Ulead Photo Express 6.0.lnk -> [Ver = | Size = 1739 bytes | Modified Date = 29/04/2008 23:09:25 | Attr = ] blackbird.jpg -> %UserProfile%\Escritorio\blackbird.jpg -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] DSCN6541.MOV -> %UserProfile%\Escritorio\DSCN6541.MOV -> [Ver = | Size = 12210286 bytes | Modified Date = 24/04/2008 19:09:38 | Attr = ] DSCN6544.MOV -> %UserProfile%\Escritorio\DSCN6544.MOV -> [Ver = | Size = 19294982 bytes | Modified Date = 24/04/2008 19:09:38 | Attr = ] DSCN6545.MOV -> %UserProfile%\Escritorio\DSCN6545.MOV -> [Ver = | Size = 35856678 bytes | Modified Date = 24/04/2008 19:09:38 | Attr = ] EditorFKWP1.5.exe -> %UserProfile%\Escritorio\EditorFKWP1.5.exe -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] EditorFKWP2.0.exe -> %UserProfile%\Escritorio\EditorFKWP2.0.exe -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] filemanagerclient.exe -> %UserProfile%\Escritorio\filemanagerclient.exe -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] fkwp1.5.exe -> %UserProfile%\Escritorio\fkwp1.5.exe -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] fkwp2.0.exe -> %UserProfile%\Escritorio\fkwp2.0.exe -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] FOTOS -> %UserProfile%\Escritorio\FOTOS -> [Folder | Modified Date = 29/04/2008 19:14:48 | Attr = ] fwebd.exe -> %UserProfile%\Escritorio\fwebd.exe -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] FWebdEditor.exe -> %UserProfile%\Escritorio\FWebdEditor.exe -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] Guitar Pro 5.lnk -> %UserProfile%\Escritorio\Guitar Pro 5.lnk -> [Ver = | Size = 654 bytes | Modified Date = 28/04/2008 16:47:42 | Attr = ] OTScanIt -> %UserProfile%\Escritorio\OTScanIt -> [Folder | Modified Date = 29/04/2008 23:27:04 | Attr = ] OTScanIt.exe -> %UserProfile%\Escritorio\OTScanIt.exe -> [Ver = | Size = 542565 bytes | Modified Date = 29/04/2008 23:23:32 | Attr = ] PRODUCTOS MAGIA -> %UserProfile%\Escritorio\PRODUCTOS MAGIA -> [Folder | Modified Date = 23/04/2008 16:20:53 | Attr = ] Spybot - Search & Destroy.lnk -> %UserProfile%\Escritorio\Spybot - Search & Destroy.lnk -> [Ver = | Size = 982 bytes | Modified Date = 29/04/2008 23:21:00 | Attr = ] Thumbs.db -> %UserProfile%\Escritorio\Thumbs.db -> [Ver = | Size = 4096 bytes | Modified Date = 23/04/2008 16:20:53 | Attr = HS] @Alternate Data Stream - 0 bytes -> %UserProfile%\Escritorio\Thumbs.db:encryptable Trojan.Win32.BlackBird.exe -> %UserProfile%\Escritorio\Trojan.Win32.BlackBird.exe -> [Ver = | Size = 4096 bytes | Modified Date = 29/04/2008 23:13:50 | Attr = ] Ulead6_www.x-caleta.com_Jesusbo.part1.rar -> %UserProfile%\Escritorio\Ulead6_www.x-caleta.com_Jesusbo.part1.rar -> [Ver = | Size = 94371840 bytes | Modified Date = 29/04/2008 19:50:48 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Escritorio\Ulead6_www.x-caleta.com_Jesusbo.part1.rar:Zone.Identifier Ulead_Photo_Express_6.0 -> %UserProfile%\Escritorio\Ulead_Photo_Express_6.0 -> [Folder | Modified Date = 29/04/2008 23:15:32 | Attr = ] Ulead_Photo_Express_6.0.zip.exe -> %UserProfile%\Escritorio\Ulead_Photo_Express_6.0.zip.exe -> [Ver = | Size = 742001 bytes | Modified Date = 29/04/2008 23:12:54 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Escritorio\Ulead_Photo_Express_6.0.zip.exe:Zone.Identifier virii -> %UserProfile%\Escritorio\virii -> [Folder | Modified Date = 29/04/2008 23:15:32 | Attr = ] Adobe Acrobat Speed Launcher.lnk -> %AllUsersProfile%\Menú Inicio\Programas\Inicio\Adobe Acrobat Speed Launcher.lnk -> [Ver = | Size = 2363 bytes | Modified Date = 29/04/2008 23:17:34 | Attr = ] OpenSTA NameServer.lnk -> %AllUsersProfile%\Menú Inicio\Programas\Inicio\OpenSTA NameServer.lnk -> [Ver = | Size = 2267 bytes | Modified Date = 29/04/2008 23:17:40 | Attr = ] Autodesk Shared -> %CommonProgramFiles%\Autodesk Shared -> [Folder | Modified Date = 07/03/2008 14:08:27 | Attr = ] Hewlett-Packard -> %CommonProgramFiles%\Hewlett-Packard -> [Folder | Modified Date = 05/03/2008 18:14:11 | Attr = ] LogiShrd -> %CommonProgramFiles%\LogiShrd -> [Folder | Modified Date = 09/04/2008 16:11:21 | Attr = ] Logitech -> %CommonProgramFiles%\Logitech -> [Folder | Modified Date = 05/03/2008 17:52:49 | Attr = ] Microsoft Shared -> %CommonProgramFiles%\Microsoft Shared -> [Folder | Modified Date = 28/03/2008 2:03:18 | Attr = ] Ulead Systems -> %CommonProgramFiles%\Ulead Systems -> [Folder | Modified Date = 29/04/2008 23:09:26 | Attr = ] WindowsLiveInstaller -> %CommonProgramFiles%\WindowsLiveInstaller -> [Folder | Modified Date = 19/03/2008 11:10:08 | Attr = HS] [File - Lop Check: Additional Folder Scans - Non-Microsoft Only] Datos de programa -> C:\Documents and Settings\Administrador\Datos de programa -> [Folder | Modified Date = 10/04/2008 19:17:39 | Attr = RH ] Microsoft -> C:\Documents and Settings\Administrador\Datos de programa\Microsoft -> [Folder | Modified Date = 10/04/2008 19:29:26 | Attr = S] Credentials -> C:\Documents and Settings\Administrador\Datos de programa\Microsoft\Credentials -> [Folder | Modified Date = 10/04/2008 19:29:26 | Attr = S] S-1-5-21-1220945662-329068152-839522115-500 -> C:\Documents and Settings\Administrador\Datos de programa\Microsoft\Credentials\S-1-5-21-1220945662-329068152-839522115-500 -> [Folder | Modified Date = 10/04/2008 19:29:26 | Attr = S] Internet Explorer -> C:\Documents and Settings\Administrador\Datos de programa\Microsoft\Internet Explorer -> [Folder | Modified Date = 24/12/2007 18:10:49 | Attr = ] Media Player -> C:\Documents and Settings\Administrador\Datos de programa\Microsoft\Media Player -> [Folder | Modified Date = 10/04/2008 19:29:26 | Attr = ] SystemCertificates -> C:\Documents and Settings\Administrador\Datos de programa\Microsoft\SystemCertificates -> [Folder | Modified Date = 10/04/2008 19:29:26 | Attr = S] My -> C:\Documents and Settings\Administrador\Datos de programa\Microsoft\SystemCertificates\My -> [Folder | Modified Date = 10/04/2008 19:29:26 | Attr = S] Certificates -> C:\Documents and Settings\Administrador\Datos de programa\Microsoft\SystemCertificates\My\Certificates -> [Folder | Modified Date = 10/04/2008 19:29:26 | Attr = S] CRLs -> C:\Documents and Settings\Administrador\Datos de programa\Microsoft\SystemCertificates\My\CRLs -> [Folder | Modified Date = 10/04/2008 19:29:26 | Attr = S] CTLs -> C:\Documents and Settings\Administrador\Datos de programa\Microsoft\SystemCertificates\My\CTLs -> [Folder | Modified Date = 10/04/2008 19:29:26 | Attr = S] Datos de programa -> C:\Documents and Settings\All Users\Datos de programa -> [Folder | Modified Date = 29/04/2008 23:20:56 | Attr = RH ] {AC90994C-8970-4D38-B465-3DF6B6A1843C} -> C:\Documents and Settings\All Users\Datos de programa\{AC90994C-8970-4D38-B465-3DF6B6A1843C} -> [Folder | Modified Date = 31/03/2008 15:09:15 | Attr = ] Adobe Systems -> C:\Documents and Settings\All Users\Datos de programa\Adobe Systems -> [Folder | Modified Date = 25/12/2007 20:48:28 | Attr = ] Product licenses -> C:\Documents and Settings\All Users\Datos de programa\Adobe Systems\Product licenses -> [Folder | Modified Date = 25/12/2007 20:50:14 | Attr = ] Adobe -> C:\Documents and Settings\All Users\Datos de programa\Adobe -> [Folder | Modified Date = 25/12/2007 20:47:00 | Attr = ] Acrobat -> C:\Documents and Settings\All Users\Datos de programa\Adobe\Acrobat -> [Folder | Modified Date = 25/12/2007 20:47:00 | Attr = ] 7.0 -> C:\Documents and Settings\All Users\Datos de programa\Adobe\Acrobat\7.0 -> [Folder | Modified Date = 25/12/2007 20:47:00 | Attr = ] Replicate -> C:\Documents and Settings\All Users\Datos de programa\Adobe\Acrobat\7.0\Replicate -> [Folder | Modified Date = 25/12/2007 20:47:00 | Attr = ] Security -> C:\Documents and Settings\All Users\Datos de programa\Adobe\Acrobat\7.0\Replicate\Security -> [Folder | Modified Date = 25/12/2007 20:47:00 | Attr = ] Apple Computer -> C:\Documents and Settings\All Users\Datos de programa\Apple Computer -> [Folder | Modified Date = 26/12/2007 10:56:00 | Attr = ] Installer Cache -> C:\Documents and Settings\All Users\Datos de programa\Apple Computer\Installer Cache -> [Folder | Modified Date = 26/12/2007 10:53:05 | Attr = ] QuickTime 7.3.1.70 -> C:\Documents and Settings\All Users\Datos de programa\Apple Computer\Installer Cache\QuickTime 7.3.1.70 -> [Folder | Modified Date = 26/12/2007 10:53:05 | Attr = ] QuickTime -> C:\Documents and Settings\All Users\Datos de programa\Apple Computer\QuickTime -> [Folder | Modified Date = 26/12/2007 10:56:00 | Attr = ] Apple -> C:\Documents and Settings\All Users\Datos de programa\Apple -> [Folder | Modified Date = 26/12/2007 10:52:51 | Attr = ] Installer Cache -> C:\Documents and Settings\All Users\Datos de programa\Apple\Installer Cache -> [Folder | Modified Date = 26/12/2007 10:52:51 | Attr = ] Apple Software Update 2.0.2.92 -> C:\Documents and Settings\All Users\Datos de programa\Apple\Installer Cache\Apple Software Update 2.0.2.92 -> [Folder | Modified Date = 26/12/2007 10:52:51 | Attr = ] ATI -> C:\Documents and Settings\All Users\Datos de programa\ATI -> [Folder | Modified Date = 25/12/2007 2:52:08 | Attr = ] ACE -> C:\Documents and Settings\All Users\Datos de programa\ATI\ACE -> [Folder | Modified Date = 25/12/2007 2:52:29 | Attr = ] Autodesk -> C:\Documents and Settings\All Users\Datos de programa\Autodesk -> [Folder | Modified Date = 07/03/2008 14:05:38 | Attr = ] ACD -> C:\Documents and Settings\All Users\Datos de programa\Autodesk\ACD -> [Folder | Modified Date = 11/03/2008 13:28:30 | Attr = ] 2008 -> C:\Documents and Settings\All Users\Datos de programa\Autodesk\ACD\2008 -> [Folder | Modified Date = 11/03/2008 13:28:30 | Attr = ] {5783F2D7-6001-0409-0002-0060B0CE6BBA} -> C:\Documents and Settings\All Users\Datos de programa\Autodesk\ACD\2008\{5783F2D7-6001-0409-0002-0060B0CE6BBA} -> [Folder | Modified Date = 11/03/2008 13:28:30 | Attr = ] 17.1.51.0 -> C:\Documents and Settings\All Users\Datos de programa\Autodesk\ACD\2008\{5783F2D7-6001-0409-0002-0060B0CE6BBA}\17.1.51.0 -> [Folder | Modified Date = 11/03/2008 13:28:30 | Attr = ] MC3 -> C:\Documents and Settings\All Users\Datos de programa\Autodesk\ACD\2008\{5783F2D7-6001-0409-0002-0060B0CE6BBA}\17.1.51.0\MC3 -> [Folder | Modified Date = 11/03/2008 13:28:30 | Attr = ] AutoCAD 2008 -> C:\Documents and Settings\All Users\Datos de programa\Autodesk\AutoCAD 2008 -> [Folder | Modified Date = 07/03/2008 14:05:38 | Attr = ] R17.1 -> C:\Documents and Settings\All Users\Datos de programa\Autodesk\AutoCAD 2008\R17.1 -> [Folder | Modified Date = 07/03/2008 14:05:38 | Attr = ] ADLM -> C:\Documents and Settings\All Users\Datos de programa\Autodesk\AutoCAD 2008\R17.1\ADLM -> [Folder | Modified Date = 07/03/2008 14:10:39 | Attr = ] enu -> C:\Documents and Settings\All Users\Datos de programa\Autodesk\AutoCAD 2008\R17.1\enu -> [Folder | Modified Date = 07/03/2008 14:05:38 | Attr = ] Textures -> C:\Documents and Settings\All Users\Datos de programa\Autodesk\AutoCAD 2008\R17.1\enu\Textures -> [Folder | Modified Date = 07/03/2008 14:06:23 | Attr = ] Bump -> C:\Documents and Settings\All Users\Datos de programa\Autodesk\AutoCAD 2008\R17.1\enu\Textures\Bump -> [Folder | Modified Date = 07/03/2008 14:06:22 | Attr = ] Cutout -> C:\Documents and Settings\All Users\Datos de programa\Autodesk\AutoCAD 2008\R17.1\enu\Textures\Cutout -> [Folder | Modified Date = 07/03/2008 14:06:21 | Attr = ] WebFiles -> C:\Documents and Settings\All Users\Datos de programa\Autodesk\AutoCAD 2008\R17.1\enu\WebFiles -> [Folder | Modified Date = 07/03/2008 14:07:52 | Attr = ] MC3 -> C:\Documents and Settings\All Users\Datos de programa\Autodesk\MC3 -> [Folder | Modified Date = 11/03/2008 13:28:30 | Attr = ] PLU26 -> C:\Documents and Settings\All Users\Datos de programa\Autodesk\PLU26 -> [Folder | Modified Date = 07/03/2008 14:05:38 | Attr = ] Software Licenses -> C:\Documents and Settings\All Users\Datos de programa\Autodesk\Software Licenses -> [Folder | Modified Date = 07/03/2008 14:08:56 | Attr = ] Logitech -> C:\Documents and Settings\All Users\Datos de programa\Logitech -> [Folder | Modified Date = 05/03/2008 17:50:17 | Attr = ] QuickCam -> C:\Documents and Settings\All Users\Datos de programa\Logitech\QuickCam -> [Folder | Modified Date = 05/03/2008 17:50:17 | Attr = ] ModelData -> C:\Documents and Settings\All Users\Datos de programa\Logitech\QuickCam\ModelData -> [Folder | Modified Date = 05/03/2008 17:50:17 | Attr = ] Alien_{C614E398-5BF5-4703-B19C-9D302288098A} -> C:\Documents and Settings\All Users\Datos de programa\Logitech\QuickCam\ModelData\Alien_{C614E398-5BF5-4703-B19C-9D302288098A} -> [Folder | Modified Date = 05/03/2008 17:51:11 | Attr = ] Arrow_through_head_{A00FE4B0-05E2-494F-B845-2D1ED9C42158} -> C:\Documents and Settings\All Users\Datos de programa\Logitech\QuickCam\ModelData\Arrow_through_head_{A00FE4B0-05E2-494F-B845-2D1ED9C42158} -> [Folder | Modified Date = 05/03/2008 17:51:11 | Attr = ] Cat_{9C7A29A3-BA63-4579-976D-4D3EE0CE7DFA} -> C:\Documents and Settings\All Users\Datos de programa\Logitech\QuickCam\ModelData\Cat_{9C7A29A3-BA63-4579-976D-4D3EE0CE7DFA} -> [Folder | Modified Date = 05/03/2008 17:51:11 | Attr = ] Crown_{4D5F0C5E-FCE4-4472-A434-D5FD3969FD64} -> C:\Documents and Settings\All Users\Datos de programa\Logitech\QuickCam\ModelData\Crown_{4D5F0C5E-FCE4-4472-A434-D5FD3969FD64} -> [Folder | Modified Date = 05/03/2008 17:51:11 | Attr = ] Dinosaur_{17F8B0B2-2ED7-4E38-809C-C42BC55111ED} -> C:\Documents and Settings\All Users\Datos de programa\Logitech\QuickCam\ModelData\Dinosaur_{17F8B0B2-2ED7-4E38-809C-C42BC55111ED} -> [Folder | Modified Date = 05/03/2008 17:51:12 | Attr = ] Goatee_{09161F3F-1EBD-4781-9EAE-6AB83A674E44} -> C:\Documents and Settings\All Users\Datos de programa\Logitech\QuickCam\ModelData\Goatee_{09161F3F-1EBD-4781-9EAE-6AB83A674E44} -> [Folder | Modified Date = 05/03/2008 17:51:12 | Attr = ] Pig_nose_{52373697-C0A7-40C9-A9D0-F448C0E7A621} -> C:\Documents and Settings\All Users\Datos de programa\Logitech\QuickCam\ModelData\Pig_nose_{52373697-C0A7-40C9-A9D0-F448C0E7A621} -> [Folder | Modified Date = 05/03/2008 17:51:12 | Attr = ] Robot_Face_{446DBFE6-4E06-4320-818C-AFCE072048D2} -> C:\Documents and Settings\All Users\Datos de programa\Logitech\QuickCam\ModelData\Robot_Face_{446DBFE6-4E06-4320-818C-AFCE072048D2} -> [Folder | Modified Date = 05/03/2008 17:51:12 | Attr = ] Shark_{0B0FB8EA-CC0B-4FB8-BFD1-F1AB182761DC} -> C:\Documents and Settings\All Users\Datos de programa\Logitech\QuickCam\ModelData\Shark_{0B0FB8EA-CC0B-4FB8-BFD1-F1AB182761DC} -> [Folder | Modified Date = 05/03/2008 17:51:12 | Attr = ] Stick_Figure_{A1A13D7E-C668-4046-B7BC-400922F632D4} -> C:\Documents and Settings\All Users\Datos de programa\Logitech\QuickCam\ModelData\Stick_Figure_{A1A13D7E-C668-4046-B7BC-400922F632D4} -> [Folder | Modified Date = 05/03/2008 17:51:12 | Attr = ] PrivacyShades -> C:\Documents and Settings\All Users\Datos de programa\Logitech\QuickCam\PrivacyShades -> [Folder | Modified Date = 05/03/2008 17:50:24 | Attr = ] Messenger Plus! -> C:\Documents and Settings\All Users\Datos de programa\Messenger Plus! -> [Folder | Modified Date = 25/12/2007 3:21:36 | Attr = ] Microsoft -> C:\Documents and Settings\All Users\Datos de programa\Microsoft -> [Folder | Modified Date = 19/03/2008 11:10:17 | Attr = S] Crypto -> C:\Documents and Settings\All Users\Datos de programa\Microsoft\Crypto -> [Folder | Modified Date = 24/12/2007 17:51:58 | Attr = S] DSS -> C:\Documents and Settings\All Users\Datos de programa\Microsoft\Crypto\DSS -> [Folder | Modified Date = 24/12/2007 17:51:58 | Attr = S] MachineKeys -> C:\Documents and Settings\All Users\Datos de programa\Microsoft\Crypto\DSS\MachineKeys -> [Folder | Modified Date = 24/12/2007 17:51:58 | Attr = S] RSA -> C:\Documents and Settings\All Users\Datos de programa\Microsoft\Crypto\RSA -> [Folder | Modified Date = 24/12/2007 17:51:58 | Attr = S] MachineKeys -> C:\Documents and Settings\All Users\Datos de programa\Microsoft\Crypto\RSA\MachineKeys -> [Folder | Modified Date = 24/12/2007 17:51:58 | Attr = S] S-1-5-18 -> C:\Documents and Settings\All Users\Datos de programa\Microsoft\Crypto\RSA\S-1-5-18 -> [Folder | Modified Date = 24/12/2007 18:14:53 | Attr = S] Dr Watson -> C:\Documents and Settings\All Users\Datos de programa\Microsoft\Dr Watson -> [Folder | Modified Date = 25/12/2007 3:06:20 | Attr = ] HTML Help -> C:\Documents and Settings\All Users\Datos de programa\Microsoft\HTML Help -> [Folder | Modified Date = 24/12/2007 18:11:21 | Attr = ] IdentityCRL -> C:\Documents and Settings\All Users\Datos de programa\Microsoft\IdentityCRL -> [Folder | Modified Date = 19/03/2008 11:10:17 | Attr = ] production -> C:\Documents and Settings\All Users\Datos de programa\Microsoft\IdentityCRL\production -> [Folder | Modified Date = 19/03/2008 11:10:17 | Attr = ] Media Index -> C:\Documents and Settings\All Users\Datos de programa\Microsoft\Media Index -> [Folder | Modified Date = 24/12/2007 18:11:00 | Attr = ] Media Player -> C:\Documents and Settings\All Users\Datos de programa\Microsoft\Media Player -> [Folder | Modified Date = 24/12/2007 18:11:00 | Attr = ] MSDAIPP -> C:\Documents and Settings\All Users\Datos de programa\Microsoft\MSDAIPP -> [Folder | Modified Date = 26/12/2007 10:43:54 | Attr = ] OFFLINE -> C:\Documents and Settings\All Users\Datos de programa\Microsoft\MSDAIPP\OFFLINE -> [Folder | Modified Date = 26/12/2007 10:43:54 | Attr = ] Network -> C:\Documents and Settings\All Users\Datos de programa\Microsoft\Network -> [Folder | Modified Date = 24/12/2007 17:59:22 | Attr = ] Connections -> C:\Documents and Settings\All Users\Datos de programa\Microsoft\Network\Connections -> [Folder | Modified Date = 24/12/2007 17:59:22 | Attr = ] Cm -> C:\Documents and Settings\All Users\Datos de programa\Microsoft\Network\Connections\Cm -> [Folder | Modified Date = 24/12/2007 17:59:53 | Attr = ] Pbk -> C:\Documents and Settings\All Users\Datos de programa\Microsoft\Network\Connections\Pbk -> [Folder | Modified Date = 24/12/2007 17:59:25 | Attr = ] Downloader -> C:\Documents and Settings\All Users\Datos de programa\Microsoft\Network\Downloader -> [Folder | Modified Date = 24/12/2007 19:08:42 | Attr = ] OFFICE -> C:\Documents and Settings\All Users\Datos de programa\Microsoft\OFFICE -> [Folder | Modified Date = 26/12/2007 10:43:54 | Attr = ] DATA -> C:\Documents and Settings\All Users\Datos de programa\Microsoft\OFFICE\DATA -> [Folder | Modified Date = 26/12/2007 10:44:51 | Attr = ] User Account Pictures -> C:\Documents and Settings\All Users\Datos de programa\Microsoft\User Account Pictures -> [Folder | Modified Date = 10/04/2008 19:12:34 | Attr = ] Default Pictures -> C:\Documents and Settings\All Users\Datos de programa\Microsoft\User Account Pictures\Default Pictures -> [Folder | Modified Date = 10/04/2008 17:03:19 | Attr = ] QuickTime -> C:\Documents and Settings\All Users\Datos de programa\QuickTime -> [Folder | Modified Date = 26/12/2007 10:46:01 | Attr = ] Spybot - Search & Destroy -> C:\Documents and Settings\All Users\Datos de programa\Spybot - Search & Destroy -> [Folder | Modified Date = 29/04/2008 23:22:25 | Attr = ] Backups -> C:\Documents and Settings\All Users\Datos de programa\Spybot - Search & Destroy\Backups -> [Folder | Modified Date = 29/04/2008 23:21:08 | Attr = ] Excludes -> C:\Documents and Settings\All Users\Datos de programa\Spybot - Search & Destroy\Excludes -> [Folder | Modified Date = 29/04/2008 23:22:09 | Attr = ] Logs -> C:\Documents and Settings\All Users\Datos de programa\Spybot - Search & Destroy\Logs -> [Folder | Modified Date = 29/04/2008 23:24:29 | Attr = ] Recovery -> C:\Documents and Settings\All Users\Datos de programa\Spybot - Search & Destroy\Recovery -> [Folder | Modified Date = 29/04/2008 23:21:08 | Attr = ] Symantec -> C:\Documents and Settings\All Users\Datos de programa\Symantec -> [Folder | Modified Date = 25/12/2007 20:32:11 | Attr = ] Backup Exec System Recovery -> C:\Documents and Settings\All Users\Datos de programa\Symantec\Backup Exec System Recovery -> [Folder | Modified Date = 25/12/2007 20:29:59 | Attr = ] Logs -> C:\Documents and Settings\All Users\Datos de programa\Symantec\Backup Exec System Recovery\Logs -> [Folder | Modified Date = 25/12/2007 20:29:59 | Attr = ] FileBackup -> C:\Documents and Settings\All Users\Datos de programa\Symantec\FileBackup -> [Folder | Modified Date = 25/12/2007 20:29:37 | Attr = ] hpc -> C:\Documents and Settings\All Users\Datos de programa\Symantec\hpc -> [Folder | Modified Date = 25/12/2007 20:32:11 | Attr = H ] @Alternate Data Stream - 110 bytes -> %AllUsersProfile%\Datos de programa\Symantec\hpc:3898751835 LiveUpdate -> C:\Documents and Settings\All Users\Datos de programa\Symantec\LiveUpdate -> [Folder | Modified Date = 29/04/2008 23:21:41 | Attr = ] Downloads -> C:\Documents and Settings\All Users\Datos de programa\Symantec\LiveUpdate\Downloads -> [Folder | Modified Date = 29/04/2008 23:21:41 | Attr = ] Norton Ghost -> C:\Documents and Settings\All Users\Datos de programa\Symantec\Norton Ghost -> [Folder | Modified Date = 25/12/2007 20:41:50 | Attr = ] CommandFiles -> C:\Documents and Settings\All Users\Datos de programa\Symantec\Norton Ghost\CommandFiles -> [Folder | Modified Date = 25/12/2007 20:29:56 | Attr = ] History -> C:\Documents and Settings\All Users\Datos de programa\Symantec\Norton Ghost\History -> [Folder | Modified Date = 06/03/2008 8:42:57 | Attr = ] Logs -> C:\Documents and Settings\All Users\Datos de programa\Symantec\Norton Ghost\Logs -> [Folder | Modified Date = 10/04/2008 19:09:47 | Attr = ] Schedule -> C:\Documents and Settings\All Users\Datos de programa\Symantec\Norton Ghost\Schedule -> [Folder | Modified Date = 06/03/2008 8:43:44 | Attr = ] VProConsole -> C:\Documents and Settings\All Users\Datos de programa\Symantec\VProConsole -> [Folder | Modified Date = 06/03/2008 8:42:47 | Attr = ] TEMP -> C:\Documents and Settings\All Users\Datos de programa\TEMP -> [Folder | Modified Date = 29/04/2008 23:17:39 | Attr = ] @Alternate Data Stream - 98 bytes -> %AllUsersProfile%\Datos de programa\TEMP:A73B0434 Ulead Systems -> C:\Documents and Settings\All Users\Datos de programa\Ulead Systems -> [Folder | Modified Date = 29/04/2008 23:09:33 | Attr = ] Ulead Photo Express -> C:\Documents and Settings\All Users\Datos de programa\Ulead Systems\Ulead Photo Express -> [Folder | Modified Date = 29/04/2008 23:08:09 | Attr = ] 6.0 -> C:\Documents and Settings\All Users\Datos de programa\Ulead Systems\Ulead Photo Express\6.0 -> [Folder | Modified Date = 29/04/2008 23:28:28 | Attr = ] Windows Genuine Advantage -> C:\Documents and Settings\All Users\Datos de programa\Windows Genuine Advantage -> [Folder | Modified Date = 24/12/2007 19:18:19 | Attr = ] data -> C:\Documents and Settings\All Users\Datos de programa\Windows Genuine Advantage\data -> [Folder | Modified Date = 24/12/2007 19:18:19 | Attr = ] WLInstaller -> C:\Documents and Settings\All Users\Datos de programa\WLInstaller -> [Folder | Modified Date = 19/03/2008 11:09:45 | Attr = ] zqpulkfs -> C:\Documents and Settings\All Users\Datos de programa\zqpulkfs -> [Folder | Modified Date = 29/04/2008 23:15:32 | Attr = ] Datos de programa -> C:\Documents and Settings\Default User\Datos de programa -> [Folder | Modified Date = 24/12/2007 17:52:20 | Attr = RH ] Microsoft -> C:\Documents and Settings\Default User\Datos de programa\Microsoft -> [Folder | Modified Date = 24/12/2007 18:11:00 | Attr = S] Internet Explorer -> C:\Documents and Settings\Default User\Datos de programa\Microsoft\Internet Explorer -> [Folder | Modified Date = 24/12/2007 18:10:49 | Attr = ] Media Player -> C:\Documents and Settings\Default User\Datos de programa\Microsoft\Media Player -> [Folder | Modified Date = 24/12/2007 18:11:00 | Attr = ] SystemCertificates -> C:\Documents and Settings\Default User\Datos de programa\Microsoft\SystemCertificates -> [Folder | Modified Date = 24/12/2007 17:51:59 | Attr = S] My -> C:\Documents and Settings\Default User\Datos de programa\Microsoft\SystemCertificates\My -> [Folder | Modified Date = 24/12/2007 17:51:59 | Attr = S] Certificates -> C:\Documents and Settings\Default User\Datos de programa\Microsoft\SystemCertificates\My\Certificates -> [Folder | Modified Date = 24/12/2007 17:51:59 | Attr = S] CRLs -> C:\Documents and Settings\Default User\Datos de programa\Microsoft\SystemCertificates\My\CRLs -> [Folder | Modified Date = 24/12/2007 17:51:59 | Attr = S] CTLs -> C:\Documents and Settings\Default User\Datos de programa\Microsoft\SystemCertificates\My\CTLs -> [Folder | Modified Date = 24/12/2007 17:51:59 | Attr = S] Datos de programa -> C:\Documents and Settings\Kings\Datos de programa -> [Folder | Modified Date = 29/04/2008 23:08:09 | Attr = RH ] Adobe -> C:\Documents and Settings\Kings\Datos de programa\Adobe -> [Folder | Modified Date = 25/12/2007 20:48:19 | Attr = ] Acrobat -> C:\Documents and Settings\Kings\Datos de programa\Adobe\Acrobat -> [Folder | Modified Date = 25/12/2007 20:48:46 | Attr = ] 7.0 -> C:\Documents and Settings\Kings\Datos de programa\Adobe\Acrobat\7.0 -> [Folder | Modified Date = 25/12/2007 20:51:00 | Attr = ] Collab -> C:\Documents and Settings\Kings\Datos de programa\Adobe\Acrobat\7.0\Collab -> [Folder | Modified Date = 25/12/2007 20:51:06 | Attr = ] JavaScripts -> C:\Documents and Settings\Kings\Datos de programa\Adobe\Acrobat\7.0\JavaScripts -> [Folder | Modified Date = 25/12/2007 20:49:20 | Attr = ] organizer70 -> C:\Documents and Settings\Kings\Datos de programa\Adobe\Acrobat\7.0\organizer70 -> [Folder | Modified Date = 25/12/2007 20:51:06 | Attr = ] Preferences -> C:\Documents and Settings\Kings\Datos de programa\Adobe\Acrobat\7.0\Preferences -> [Folder | Modified Date = 28/04/2008 23:13:28 | Attr = ] Updater -> C:\Documents and Settings\Kings\Datos de programa\Adobe\Acrobat\7.0\Updater -> [Folder | Modified Date = 25/12/2007 20:50:56 | Attr = ] Distiller 7 -> C:\Documents and Settings\Kings\Datos de programa\Adobe\Acrobat\Distiller 7 -> [Folder | Modified Date = 25/12/2007 20:48:21 | Attr = ] Cache -> C:\Documents and Settings\Kings\Datos de programa\Adobe\Acrobat\Distiller 7\Cache -> [Folder | Modified Date = 25/12/2007 20:48:21 | Attr = ] Flash Player -> C:\Documents and Settings\Kings\Datos de programa\Adobe\Flash Player -> [Folder | Modified Date = 25/12/2007 3:06:38 | Attr = ] AssetCache -> C:\Documents and Settings\Kings\Datos de programa\Adobe\Flash Player\AssetCache -> [Folder | Modified Date = 25/12/2007 3:06:38 | Attr = ] CJAM48LT -> C:\Documents and Settings\Kings\Datos de programa\Adobe\Flash Player\AssetCache\CJAM48LT -> [Folder | Modified Date = 25/12/2007 3:06:38 | Attr = ] AdobeUM -> C:\Documents and Settings\Kings\Datos de programa\AdobeUM -> [Folder | Modified Date = 25/12/2007 20:50:46 | Attr = ] Apple Computer -> C:\Documents and Settings\Kings\Datos de programa\Apple Computer -> [Folder | Modified Date = 26/12/2007 10:56:11 | Attr = ] QuickTime -> C:\Documents and Settings\Kings\Datos de programa\Apple Computer\QuickTime -> [Folder | Modified Date = 26/12/2007 10:56:11 | Attr = ] ATI -> C:\Documents and Settings\Kings\Datos de programa\ATI -> [Folder | Modified Date = 25/12/2007 2:52:08 | Attr = ] ACE -> C:\Documents and Settings\Kings\Datos de programa\ATI\ACE -> [Folder | Modified Date = 25/12/2007 2:52:08 | Attr = ] Autodesk -> C:\Documents and Settings\Kings\Datos de programa\Autodesk -> [Folder | Modified Date = 11/03/2008 13:28:30 | Attr = ] ACD -> C:\Documents and Settings\Kings\Datos de programa\Autodesk\ACD -> [Folder | Modified Date = 11/03/2008 13:28:30 | Attr = ] 2008 -> C:\Documents and Settings\Kings\Datos de programa\Autodesk\ACD\2008 -> [Folder | Modified Date = 11/03/2008 13:28:30 | Attr = ] {5783F2D7-6001-0409-0002-0060B0CE6BBA} -> C:\Documents and Settings\Kings\Datos de programa\Autodesk\ACD\2008\{5783F2D7-6001-0409-0002-0060B0CE6BBA} -> [Folder | Modified Date = 11/03/2008 13:28:30 | Attr = ] 17.1.51.0 -> C:\Documents and Settings\Kings\Datos de programa\Autodesk\ACD\2008\{5783F2D7-6001-0409-0002-0060B0CE6BBA}\17.1.51.0 -> [Folder | Modified Date = 11/03/2008 13:28:30 | Attr = ] MC3 -> C:\Documents and Settings\Kings\Datos de programa\Autodesk\ACD\2008\{5783F2D7-6001-0409-0002-0060B0CE6BBA}\17.1.51.0\MC3 -> [Folder | Modified Date = 11/03/2008 13:28:30 | Attr = ] Log -> C:\Documents and Settings\Kings\Datos de programa\Autodesk\ACD\2008\{5783F2D7-6001-0409-0002-0060B0CE6BBA}\17.1.51.0\MC3\Log -> [Folder | Modified Date = 11/03/2008 13:28:30 | Attr = ] AutoCAD 2008 -> C:\Documents and Settings\Kings\Datos de programa\Autodesk\AutoCAD 2008 -> [Folder | Modified Date = 07/03/2008 14:05:38 | Attr = ] R17.1 -> C:\Documents and Settings\Kings\Datos de programa\Autodesk\AutoCAD 2008\R17.1 -> [Folder | Modified Date = 07/03/2008 14:05:38 | Attr = ] enu -> C:\Documents and Settings\Kings\Datos de programa\Autodesk\AutoCAD 2008\R17.1\enu -> [Folder | Modified Date = 07/03/2008 14:12:50 | Attr = ] Data Links -> C:\Documents and Settings\Kings\Datos de programa\Autodesk\AutoCAD 2008\R17.1\enu\Data Links -> [Folder | Modified Date = 07/03/2008 14:08:02 | Attr = ] Migration -> C:\Documents and Settings\Kings\Datos de programa\Autodesk\AutoCAD 2008\R17.1\enu\Migration -> [Folder | Modified Date = 07/03/2008 14:08:48 | Attr = ] Plot Styles -> C:\Documents and Settings\Kings\Datos de programa\Autodesk\AutoCAD 2008\R17.1\enu\Plot Styles -> [Folder | Modified Date = 07/03/2008 14:08:02 | Attr = ] Plotters -> C:\Documents and Settings\Kings\Datos de programa\Autodesk\AutoCAD 2008\R17.1\enu\Plotters -> [Folder | Modified Date = 07/03/2008 14:08:02 | Attr = ] PMP Files -> C:\Documents and Settings\Kings\Datos de programa\Autodesk\AutoCAD 2008\R17.1\enu\Plotters\PMP Files -> [Folder | Modified Date = 07/03/2008 14:08:02 | Attr = ] Recent -> C:\Documents and Settings\Kings\Datos de programa\Autodesk\AutoCAD 2008\R17.1\enu\Recent -> [Folder | Modified Date = 07/03/2008 14:12:50 | Attr = ] Save Drawing As -> C:\Documents and Settings\Kings\Datos de programa\Autodesk\AutoCAD 2008\R17.1\enu\Recent\Save Drawing As -> [Folder | Modified Date = 01/04/2008 16:47:13 | Attr = ] Support -> C:\Documents and Settings\Kings\Datos de programa\Autodesk\AutoCAD 2008\R17.1\enu\Support -> [Folder | Modified Date = 09/03/2008 11:26:36 | Attr = ] AuthorPalette -> C:\Documents and Settings\Kings\Datos de programa\Autodesk\AutoCAD 2008\R17.1\enu\Support\AuthorPalette -> [Folder | Modified Date = 07/03/2008 14:08:03 | Attr = ] Color -> C:\Documents and Settings\Kings\Datos de programa\Autodesk\AutoCAD 2008\R17.1\enu\Support\Color -> [Folder | Modified Date = 07/03/2008 14:05:38 | Attr = ] Icons -> C:\Documents and Settings\Kings\Datos de programa\Autodesk\AutoCAD 2008\R17.1\enu\Support\Icons -> [Folder | Modified Date = 07/03/2008 14:05:38 | Attr = ] Profiles -> C:\Documents and Settings\Kings\Datos de programa\Autodesk\AutoCAD 2008\R17.1\enu\Support\Profiles -> [Folder | Modified Date = 07/03/2008 14:08:02 | Attr = ] Profile -> C:\Documents and Settings\Kings\Datos de programa\Autodesk\AutoCAD 2008\R17.1\enu\Support\Profiles\Profile -> [Folder | Modified Date = 01/04/2008 15:46:26 | Attr = ] RegisteredTools -> C:\Documents and Settings\Kings\Datos de programa\Autodesk\AutoCAD 2008\R17.1\enu\Support\RegisteredTools -> [Folder | Modified Date = 07/03/2008 14:08:02 | Attr = ] ToolPalette -> C:\Documents and Settings\Kings\Datos de programa\Autodesk\AutoCAD 2008\R17.1\enu\Support\ToolPalette -> [Folder | Modified Date = 07/03/2008 14:08:03 | Attr = ] MC3 -> C:\Documents and Settings\Kings\Datos de programa\Autodesk\MC3 -> [Folder | Modified Date = 11/03/2008 13:28:30 | Attr = ] DivX -> C:\Documents and Settings\Kings\Datos de programa\DivX -> [Folder | Modified Date = 13/03/2008 15:20:16 | Attr = ] DivX Codec -> C:\Documents and Settings\Kings\Datos de programa\DivX\DivX Codec -> [Folder | Modified Date = 13/03/2008 15:20:16 | Attr = ] Hewlett-Packard -> C:\Documents and Settings\Kings\Datos de programa\Hewlett-Packard -> [Folder | Modified Date = 05/03/2008 18:19:57 | Attr = ] Digital Imaging -> C:\Documents and Settings\Kings\Datos de programa\Hewlett-Packard\Digital Imaging -> [Folder | Modified Date = 05/03/2008 18:19:58 | Attr = ] Identities -> C:\Documents and Settings\Kings\Datos de programa\Identities -> [Folder | Modified Date = 24/12/2007 18:15:50 | Attr = ] {42E873F2-F1CD-4246-B421-41FC79732A34} -> C:\Documents and Settings\Kings\Datos de programa\Identities\{42E873F2-F1CD-4246-B421-41FC79732A34} -> [Folder | Modified Date = 24/12/2007 18:15:50 | Attr = ] Macromedia -> C:\Documents and Settings\Kings\Datos de programa\Macromedia -> [Folder | Modified Date = 25/12/2007 3:06:38 | Attr = ] Flash Player -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player -> [Folder | Modified Date = 25/12/2007 3:06:38 | Attr = ] #SharedObjects -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\#SharedObjects -> [Folder | Modified Date = 25/12/2007 3:06:38 | Attr = ] N3HYTH5V -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\#SharedObjects\N3HYTH5V -> [Folder | Modified Date = 09/03/2008 12:56:26 | Attr = ] br.youtube.com -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\#SharedObjects\N3HYTH5V\br.youtube.com -> [Folder | Modified Date = 06/03/2008 15:29:45 | Attr = ] es.youtube.com -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\#SharedObjects\N3HYTH5V\es.youtube.com -> [Folder | Modified Date = 07/03/2008 18:53:32 | Attr = ] fr.youtube.com -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\#SharedObjects\N3HYTH5V\fr.youtube.com -> [Folder | Modified Date = 30/03/2008 13:23:52 | Attr = ] gamersmafia.com -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\#SharedObjects\N3HYTH5V\gamersmafia.com -> [Folder | Modified Date = 09/04/2008 19:04:57 | Attr = ] flash -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\#SharedObjects\N3HYTH5V\gamersmafia.com\flash -> [Folder | Modified Date = 09/04/2008 19:04:57 | Attr = ] gmtv.swf -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\#SharedObjects\N3HYTH5V\gamersmafia.com\flash\gmtv.swf -> [Folder | Modified Date = 09/04/2008 19:04:57 | Attr = ] mx.youtube.com -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\#SharedObjects\N3HYTH5V\mx.youtube.com -> [Folder | Modified Date = 18/03/2008 22:04:56 | Attr = ] pagead2.googlesyndication.com -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\#SharedObjects\N3HYTH5V\pagead2.googlesyndication.com -> [Folder | Modified Date = 07/03/2008 18:49:47 | Attr = ] pagead -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\#SharedObjects\N3HYTH5V\pagead2.googlesyndication.com\pagead -> [Folder | Modified Date = 07/03/2008 18:49:47 | Attr = ] googleadplayer.swf -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\#SharedObjects\N3HYTH5V\pagead2.googlesyndication.com\pagead\googleadplayer.swf -> [Folder | Modified Date = 07/03/2008 18:49:47 | Attr = ] s.mcstatic.com -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\#SharedObjects\N3HYTH5V\s.mcstatic.com -> [Folder | Modified Date = 22/04/2008 15:11:09 | Attr = ] serkis.com -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\#SharedObjects\N3HYTH5V\serkis.com -> [Folder | Modified Date = 11/03/2008 15:32:48 | Attr = ] intro.swf -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\#SharedObjects\N3HYTH5V\serkis.com\intro.swf -> [Folder | Modified Date = 11/03/2008 15:32:48 | Attr = ] slide.com -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\#SharedObjects\N3HYTH5V\slide.com -> [Folder | Modified Date = 25/04/2008 16:51:24 | Attr = ] widgets -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\#SharedObjects\N3HYTH5V\slide.com\widgets -> [Folder | Modified Date = 25/04/2008 16:42:47 | Attr = ] packages -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\#SharedObjects\N3HYTH5V\slide.com\widgets\packages -> [Folder | Modified Date = 25/04/2008 16:42:47 | Attr = ] com.slide.prod.ratings.swf -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\#SharedObjects\N3HYTH5V\slide.com\widgets\packages\com.slide.prod.ratings.swf -> [Folder | Modified Date = 25/04/2008 16:42:47 | Attr = ] twitter.com -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\#SharedObjects\N3HYTH5V\twitter.com -> [Folder | Modified Date = 06/03/2008 16:58:43 | Attr = ] flash -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\#SharedObjects\N3HYTH5V\twitter.com\flash -> [Folder | Modified Date = 06/03/2008 16:58:43 | Attr = ] twitter_badge.swf -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\#SharedObjects\N3HYTH5V\twitter.com\flash\twitter_badge.swf -> [Folder | Modified Date = 06/03/2008 16:58:43 | Attr = ] video.google.com -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\#SharedObjects\N3HYTH5V\video.google.com -> [Folder | Modified Date = 25/04/2008 15:38:06 | Attr = ] googleplayer.swf -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\#SharedObjects\N3HYTH5V\video.google.com\googleplayer.swf -> [Folder | Modified Date = 25/04/2008 15:37:50 | Attr = ] www.callofduty4.es -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\#SharedObjects\N3HYTH5V\www.callofduty4.es -> [Folder | Modified Date = 10/04/2008 23:02:52 | Attr = ] main.swf -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\#SharedObjects\N3HYTH5V\www.callofduty4.es\main.swf -> [Folder | Modified Date = 10/04/2008 23:02:52 | Attr = ] www.cinepolis.com.mx -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\#SharedObjects\N3HYTH5V\www.cinepolis.com.mx -> [Folder | Modified Date = 13/04/2008 12:46:17 | Attr = ] www.dailymotion.com -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\#SharedObjects\N3HYTH5V\www.dailymotion.com -> [Folder | Modified Date = 07/03/2008 21:02:17 | Attr = ] flash -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\#SharedObjects\N3HYTH5V\www.dailymotion.com\flash -> [Folder | Modified Date = 07/03/2008 21:02:17 | Attr = ] dmplayer -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\#SharedObjects\N3HYTH5V\www.dailymotion.com\flash\dmplayer -> [Folder | Modified Date = 07/03/2008 21:02:17 | Attr = ] dmplayer.swf -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\#SharedObjects\N3HYTH5V\www.dailymotion.com\flash\dmplayer\dmplayer.swf -> [Folder | Modified Date = 07/03/2008 21:02:17 | Attr = ] www.vidilife.com -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\#SharedObjects\N3HYTH5V\www.vidilife.com -> [Folder | Modified Date = 22/04/2008 14:23:55 | Attr = ] flash -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\#SharedObjects\N3HYTH5V\www.vidilife.com\flash -> [Folder | Modified Date = 22/04/2008 14:23:55 | Attr = ] FLVPlayer.swf -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\#SharedObjects\N3HYTH5V\www.vidilife.com\flash\FLVPlayer.swf -> [Folder | Modified Date = 22/04/2008 14:23:55 | Attr = ] www.youtube.com -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\#SharedObjects\N3HYTH5V\www.youtube.com -> [Folder | Modified Date = 28/04/2008 21:07:12 | Attr = ] www.zaburuev.ru -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\#SharedObjects\N3HYTH5V\www.zaburuev.ru -> [Folder | Modified Date = 25/04/2008 17:03:31 | Attr = ] player.swf -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\#SharedObjects\N3HYTH5V\www.zaburuev.ru\player.swf -> [Folder | Modified Date = 25/04/2008 17:03:31 | Attr = ] youtube.com -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\#SharedObjects\N3HYTH5V\youtube.com -> [Folder | Modified Date = 19/04/2008 17:25:21 | Attr = ] macromedia.com -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\macromedia.com -> [Folder | Modified Date = 25/12/2007 3:06:38 | Attr = ] support -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\macromedia.com\support -> [Folder | Modified Date = 25/12/2007 3:06:38 | Attr = ] flashplayer -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\macromedia.com\support\flashplayer -> [Folder | Modified Date = 25/12/2007 3:06:38 | Attr = ] sys -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys -> [Folder | Modified Date = 25/04/2008 17:03:31 | Attr = ] #772d815de87a988b.hqinc.s1.spunk-content.com -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#772d815de87a988b.hqinc.s1.spunk-content.com -> [Folder | Modified Date = 21/04/2008 22:26:53 | Attr = ] #br.youtube.com -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#br.youtube.com -> [Folder | Modified Date = 06/03/2008 15:28:11 | Attr = ] #es.youtube.com -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#es.youtube.com -> [Folder | Modified Date = 07/03/2008 18:52:34 | Attr = ] #fr.youtube.com -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#fr.youtube.com -> [Folder | Modified Date = 30/03/2008 13:23:51 | Attr = ] #gamersmafia.com -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#gamersmafia.com -> [Folder | Modified Date = 09/04/2008 19:04:57 | Attr = ] #mx.youtube.com -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#mx.youtube.com -> [Folder | Modified Date = 18/03/2008 22:04:54 | Attr = ] #pagead2.googlesyndication.com -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#pagead2.googlesyndication.com -> [Folder | Modified Date = 07/03/2008 18:49:47 | Attr = ] #s.mcstatic.com -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#s.mcstatic.com -> [Folder | Modified Date = 22/04/2008 15:11:09 | Attr = ] #serkis.com -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#serkis.com -> [Folder | Modified Date = 11/03/2008 15:32:48 | Attr = ] #slide.com -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#slide.com -> [Folder | Modified Date = 25/04/2008 16:42:47 | Attr = ] #twitter.com -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#twitter.com -> [Folder | Modified Date = 06/03/2008 16:58:43 | Attr = ] #video.google.com -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#video.google.com -> [Folder | Modified Date = 25/04/2008 15:37:50 | Attr = ] #www.callofduty4.es -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.callofduty4.es -> [Folder | Modified Date = 10/04/2008 23:02:52 | Attr = ] #www.cinepolis.com.mx -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.cinepolis.com.mx -> [Folder | Modified Date = 08/03/2008 15:43:35 | Attr = ] #www.dailymotion.com -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.dailymotion.com -> [Folder | Modified Date = 07/03/2008 21:02:17 | Attr = ] #www.vidilife.com -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.vidilife.com -> [Folder | Modified Date = 22/04/2008 14:23:55 | Attr = ] #www.youtube.com -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.youtube.com -> [Folder | Modified Date = 25/12/2007 15:08:30 | Attr = ] #www.zaburuev.ru -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.zaburuev.ru -> [Folder | Modified Date = 25/04/2008 17:03:31 | Attr = ] #youtube.com -> C:\Documents and Settings\Kings\Datos de programa\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#youtube.com -> [Folder | Modified Date = 09/03/2008 12:56:26 | Attr = ] Microsoft -> C:\Documents and Settings\Kings\Datos de programa\Microsoft -> [Folder | Modified Date = 21/04/2008 22:28:30 | Attr = S] AddIns -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\AddIns -> [Folder | Modified Date = 07/03/2008 14:16:39 | Attr = ] Address Book -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\Address Book -> [Folder | Modified Date = 21/04/2008 22:28:37 | Attr = ] Clip Organizer -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\Clip Organizer -> [Folder | Modified Date = 15/04/2008 18:13:29 | Attr = ] CLR Security Config -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\CLR Security Config -> [Folder | Modified Date = 25/12/2007 20:41:50 | Attr = ] v2.0.50727.42 -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\CLR Security Config\v2.0.50727.42 -> [Folder | Modified Date = 25/12/2007 20:42:05 | Attr = ] v2.0.50727.832 -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\CLR Security Config\v2.0.50727.832 -> [Folder | Modified Date = 06/03/2008 1:24:08 | Attr = ] Credentials -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\Credentials -> [Folder | Modified Date = 24/12/2007 18:15:44 | Attr = S] S-1-5-21-1220945662-329068152-839522115-1003 -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\Credentials\S-1-5-21-1220945662-329068152-839522115-1003 -> [Folder | Modified Date = 24/12/2007 18:15:44 | Attr = S] CryptnetUrlCache -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\CryptnetUrlCache -> [Folder | Modified Date = 24/12/2007 18:17:19 | Attr = S] Content -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\CryptnetUrlCache\Content -> [Folder | Modified Date = 31/03/2008 15:09:16 | Attr = S] MetaData -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\CryptnetUrlCache\MetaData -> [Folder | Modified Date = 31/03/2008 15:09:16 | Attr = S] Crypto -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\Crypto -> [Folder | Modified Date = 25/12/2007 2:49:36 | Attr = S] RSA -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\Crypto\RSA -> [Folder | Modified Date = 25/12/2007 2:49:36 | Attr = S] S-1-5-21-1220945662-329068152-839522115-1003 -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\Crypto\RSA\S-1-5-21-1220945662-329068152-839522115-1003 -> [Folder | Modified Date = 29/04/2008 23:09:33 | Attr = S] Excel -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\Excel -> [Folder | Modified Date = 24/04/2008 23:06:19 | Attr = ] XLSTART -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\Excel\XLSTART -> [Folder | Modified Date = 24/03/2008 8:15:28 | Attr = ] HTML Help -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\HTML Help -> [Folder | Modified Date = 09/03/2008 11:12:07 | Attr = ] IdentityCRL -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\IdentityCRL -> [Folder | Modified Date = 25/12/2007 3:14:46 | Attr = ] Production -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\IdentityCRL\Production -> [Folder | Modified Date = 25/12/2007 3:14:46 | Attr = ] Installer -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\Installer -> [Folder | Modified Date = 05/03/2008 17:53:40 | Attr = ] {35725FBC-A136-4A46-9F29-091759D9BB93} -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\Installer\{35725FBC-A136-4A46-9F29-091759D9BB93} -> [Folder | Modified Date = 05/03/2008 17:53:52 | Attr = ] {BEF726DD-4037-4214-8C6A-E625C02D2870} -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\Installer\{BEF726DD-4037-4214-8C6A-E625C02D2870} -> [Folder | Modified Date = 05/03/2008 17:54:13 | Attr = ] {EA516024-D84D-41F1-814F-83175A6188F2} -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\Installer\{EA516024-D84D-41F1-814F-83175A6188F2} -> [Folder | Modified Date = 05/03/2008 17:53:40 | Attr = ] Internet Explorer -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\Internet Explorer -> [Folder | Modified Date = 24/12/2007 18:15:50 | Attr = ] Quick Launch -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\Internet Explorer\Quick Launch -> [Folder | Modified Date = 29/04/2008 23:21:00 | Attr = R ] Media Player -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\Media Player -> [Folder | Modified Date = 25/12/2007 3:23:24 | Attr = ] MMC -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\MMC -> [Folder | Modified Date = 25/12/2007 2:37:31 | Attr = ] MS Project -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\MS Project -> [Folder | Modified Date = 28/03/2008 2:39:13 | Attr = ] 11 -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\MS Project\11 -> [Folder | Modified Date = 28/03/2008 2:39:13 | Attr = ] 3082 -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\MS Project\11\3082 -> [Folder | Modified Date = 28/03/2008 2:39:13 | Attr = ] MSN Messenger -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\MSN Messenger -> [Folder | Modified Date = 25/12/2007 16:04:17 | Attr = ] 1128555347 -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\MSN Messenger\1128555347 -> [Folder | Modified Date = 07/03/2008 20:38:55 | Attr = ] 1129002343 -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\MSN Messenger\1129002343 -> [Folder | Modified Date = 06/03/2008 18:01:34 | Attr = ] 1218596585 -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\MSN Messenger\1218596585 -> [Folder | Modified Date = 18/03/2008 10:24:16 | Attr = ] 1763005747 -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\MSN Messenger\1763005747 -> [Folder | Modified Date = 05/04/2008 15:59:46 | Attr = ] 2470015020 -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\MSN Messenger\2470015020 -> [Folder | Modified Date = 29/04/2008 13:48:30 | Attr = ] 253486711 -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\MSN Messenger\253486711 -> [Folder | Modified Date = 07/03/2008 11:45:30 | Attr = ] 3348359060 -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\MSN Messenger\3348359060 -> [Folder | Modified Date = 18/03/2008 10:20:08 | Attr = ] 3618567709 -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\MSN Messenger\3618567709 -> [Folder | Modified Date = 27/03/2008 9:36:07 | Attr = ] 3853952697 -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\MSN Messenger\3853952697 -> [Folder | Modified Date = 15/04/2008 18:02:15 | Attr = ] 4208129868 -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\MSN Messenger\4208129868 -> [Folder | Modified Date = 25/12/2007 16:04:17 | Attr = ] 747753722 -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\MSN Messenger\747753722 -> [Folder | Modified Date = 21/04/2008 13:27:48 | Attr = ] 877147192 -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\MSN Messenger\877147192 -> [Folder | Modified Date = 05/04/2008 18:49:56 | Attr = ] 944813528 -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\MSN Messenger\944813528 -> [Folder | Modified Date = 25/03/2008 8:05:37 | Attr = ] Office -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\Office -> [Folder | Modified Date = 15/04/2008 19:20:38 | Attr = ] Reciente -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\Office\Reciente -> [Folder | Modified Date = 29/04/2008 23:15:22 | Attr = S] OIS -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\OIS -> [Folder | Modified Date = 31/03/2008 19:29:16 | Attr = ] Plantillas -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\Plantillas -> [Folder | Modified Date = 07/03/2008 14:16:38 | Attr = ] PowerPoint -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\PowerPoint -> [Folder | Modified Date = 10/03/2008 20:43:20 | Attr = ] Proof -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\Proof -> [Folder | Modified Date = 29/04/2008 19:26:45 | Attr = ] Protect -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\Protect -> [Folder | Modified Date = 24/12/2007 20:43:33 | Attr = S] S-1-5-21-1220945662-329068152-839522115-1003 -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\Protect\S-1-5-21-1220945662-329068152-839522115-1003 -> [Folder | Modified Date = 24/03/2008 8:07:44 | Attr = S] Speech -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\Speech -> [Folder | Modified Date = 31/03/2008 14:51:13 | Attr = ] Files -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\Speech\Files -> [Folder | Modified Date = 31/03/2008 14:51:13 | Attr = ] UserLexicons -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\Speech\Files\UserLexicons -> [Folder | Modified Date = 31/03/2008 14:51:13 | Attr = ] SystemCertificates -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\SystemCertificates -> [Folder | Modified Date = 24/12/2007 17:51:59 | Attr = S] My -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\SystemCertificates\My -> [Folder | Modified Date = 24/12/2007 17:51:59 | Attr = S] Certificates -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\SystemCertificates\My\Certificates -> [Folder | Modified Date = 24/12/2007 17:51:59 | Attr = S] CRLs -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\SystemCertificates\My\CRLs -> [Folder | Modified Date = 24/12/2007 17:51:59 | Attr = S] CTLs -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\SystemCertificates\My\CTLs -> [Folder | Modified Date = 24/12/2007 17:51:59 | Attr = S] Windows -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\Windows -> [Folder | Modified Date = 25/12/2007 2:52:38 | Attr = ] Themes -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\Windows\Themes -> [Folder | Modified Date = 29/04/2008 14:09:23 | Attr = ] Word -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\Word -> [Folder | Modified Date = 29/04/2008 13:14:57 | Attr = ] STARTUP -> C:\Documents and Settings\Kings\Datos de programa\Microsoft\Word\STARTUP -> [Folder | Modified Date = 07/03/2008 14:16:39 | Attr = ] Mozilla -> C:\Documents and Settings\Kings\Datos de programa\Mozilla -> [Folder | Modified Date = 21/04/2008 22:18:07 | Attr = ] Firefox -> C:\Documents and Settings\Kings\Datos de programa\Mozilla\Firefox -> [Folder | Modified Date = 21/04/2008 22:18:16 | Attr = ] Profiles -> C:\Documents and Settings\Kings\Datos de programa\Mozilla\Firefox\Profiles -> [Folder | Modified Date = 21/04/2008 22:18:09 | Attr = ] f62dr8f9.default -> C:\Documents and Settings\Kings\Datos de programa\Mozilla\Firefox\Profiles\f62dr8f9.default -> [Folder | Modified Date = 29/04/2008 23:37:08 | Attr = ] bookmarkbackups -> C:\Documents and Settings\Kings\Datos de programa\Mozilla\Firefox\Profiles\f62dr8f9.default\bookmarkbackups -> [Folder | Modified Date = 29/04/2008 14:06:29 | Attr = ] chrome -> C:\Documents and Settings\Kings\Datos de programa\Mozilla\Firefox\Profiles\f62dr8f9.default\chrome -> [Folder | Modified Date = 21/04/2008 22:18:09 | Attr = ] extensions -> C:\Documents and Settings\Kings\Datos de programa\Mozilla\Firefox\Profiles\f62dr8f9.default\extensions -> [Folder | Modified Date = 21/04/2008 22:18:09 | Attr = ] Roxio -> C:\Documents and Settings\Kings\Datos de programa\Roxio -> [Folder | Modified Date = 06/03/2008 23:27:03 | Attr = ] Data -> C:\Documents and Settings\Kings\Datos de programa\Roxio\Data -> [Folder | Modified Date = 25/12/2007 3:22:08 | Attr = ] PlayList -> C:\Documents and Settings\Kings\Datos de programa\Roxio\PlayList -> [Folder | Modified Date = 25/12/2007 3:22:11 | Attr = ] Styler -> C:\Documents and Settings\Kings\Datos de programa\Styler -> [Folder | Modified Date = 10/04/2008 19:25:35 | Attr = ] Styler -> C:\Documents and Settings\Kings\Datos de programa\Styler\Styler -> [Folder | Modified Date = 10/04/2008 19:25:35 | Attr = ] Data -> C:\Documents and Settings\Kings\Datos de programa\Styler\Styler\Data -> [Folder | Modified Date = 10/04/2008 19:25:35 | Attr = ] Symantec -> C:\Documents and Settings\Kings\Datos de programa\Symantec -> [Folder | Modified Date = 25/12/2007 20:41:50 | Attr = ] Norton Ghost -> C:\Documents and Settings\Kings\Datos de programa\Symantec\Norton Ghost -> [Folder | Modified Date = 25/12/2007 20:41:50 | Attr = ] Ulead Systems -> C:\Documents and Settings\Kings\Datos de programa\Ulead Systems -> [Folder | Modified Date = 29/04/2008 23:08:09 | Attr = ] Ulead Photo Express -> C:\Documents and Settings\Kings\Datos de programa\Ulead Systems\Ulead Photo Express -> [Folder | Modified Date = 29/04/2008 23:08:09 | Attr = ] 6.0 -> C:\Documents and Settings\Kings\Datos de programa\Ulead Systems\Ulead Photo Express\6.0 -> [Folder | Modified Date = 29/04/2008 23:28:18 | Attr = ] PAPER -> C:\Documents and Settings\Kings\Datos de programa\Ulead Systems\Ulead Photo Express\6.0\PAPER -> [Folder | Modified Date = 29/04/2008 23:28:18 | Attr = ] ULEAD.DAT -> C:\Documents and Settings\Kings\Datos de programa\Ulead Systems\Ulead Photo Express\6.0\ULEAD.DAT -> [Folder | Modified Date = 29/04/2008 23:28:30 | Attr = ] BKImg -> C:\Documents and Settings\Kings\Datos de programa\Ulead Systems\Ulead Photo Express\6.0\ULEAD.DAT\BKImg -> [Folder | Modified Date = 29/04/2008 23:28:31 | Attr = ] Cache -> C:\Documents and Settings\Kings\Datos de programa\Ulead Systems\Ulead Photo Express\6.0\ULEAD.DAT\BKImg\Cache -> [Folder | Modified Date = 29/04/2008 23:28:31 | Attr = ] BwsCache -> C:\Documents and Settings\Kings\Datos de programa\Ulead Systems\Ulead Photo Express\6.0\ULEAD.DAT\BwsCache -> [Folder | Modified Date = 29/04/2008 23:28:31 | Attr = ] uTorrent -> C:\Documents and Settings\Kings\Datos de programa\uTorrent -> [Folder | Modified Date = 15/04/2008 19:30:32 | Attr = ] ViStart -> C:\Documents and Settings\Kings\Datos de programa\ViStart -> [Folder | Modified Date = 10/04/2008 16:39:39 | Attr = ] vlc -> C:\Documents and Settings\Kings\Datos de programa\vlc -> [Folder | Modified Date = 09/03/2008 12:46:25 | Attr = ] cache -> C:\Documents and Settings\Kings\Datos de programa\vlc\cache -> [Folder | Modified Date = 09/03/2008 12:46:25 | Attr = ] WinRAR -> C:\Documents and Settings\Kings\Datos de programa\WinRAR -> [Folder | Modified Date = 25/12/2007 14:42:14 | Attr = ] Datos de programa -> C:\Documents and Settings\LocalService\Datos de programa -> [Folder | Modified Date = 24/12/2007 18:14:53 | Attr = ] Microsoft -> C:\Documents and Settings\LocalService\Datos de programa\Microsoft -> [Folder | Modified Date = 25/12/2007 3:33:10 | Attr = S] Credentials -> C:\Documents and Settings\LocalService\Datos de programa\Microsoft\Credentials -> [Folder | Modified Date = 24/12/2007 18:14:53 | Attr = S] S-1-5-19 -> C:\Documents and Settings\LocalService\Datos de programa\Microsoft\Credentials\S-1-5-19 -> [Folder | Modified Date = 24/12/2007 18:14:53 | Attr = S] Internet Explorer -> C:\Documents and Settings\LocalService\Datos de programa\Microsoft\Internet Explorer -> [Folder | Modified Date = 24/12/2007 18:10:49 | Attr = ] Media Player -> C:\Documents and Settings\LocalService\Datos de programa\Microsoft\Media Player -> [Folder | Modified Date = 24/12/2007 18:11:00 | Attr = ] SystemCertificates -> C:\Documents and Settings\LocalService\Datos de programa\Microsoft\SystemCertificates -> [Folder | Modified Date = 24/12/2007 17:51:59 | Attr = S] My -> C:\Documents and Settings\LocalService\Datos de programa\Microsoft\SystemCertificates\My -> [Folder | Modified Date = 24/12/2007 17:51:59 | Attr = S] Certificates -> C:\Documents and Settings\LocalService\Datos de programa\Microsoft\SystemCertificates\My\Certificates -> [Folder | Modified Date = 24/12/2007 17:51:59 | Attr = S] CRLs -> C:\Documents and Settings\LocalService\Datos de programa\Microsoft\SystemCertificates\My\CRLs -> [Folder | Modified Date = 24/12/2007 17:51:59 | Attr = S] CTLs -> C:\Documents and Settings\LocalService\Datos de programa\Microsoft\SystemCertificates\My\CTLs -> [Folder | Modified Date = 24/12/2007 17:51:59 | Attr = S] UPnP Device Host -> C:\Documents and Settings\LocalService\Datos de programa\Microsoft\UPnP Device Host -> [Folder | Modified Date = 25/12/2007 3:33:10 | Attr = ] upnphost -> C:\Documents and Settings\LocalService\Datos de programa\Microsoft\UPnP Device Host\upnphost -> [Folder | Modified Date = 25/12/2007 3:33:10 | Attr = ] Datos de programa -> C:\Documents and Settings\LogMeInRemoteUser\Datos de programa -> [Folder | Modified Date = 24/12/2007 17:52:20 | Attr = RH ] Microsoft -> C:\Documents and Settings\LogMeInRemoteUser\Datos de programa\Microsoft -> [Folder | Modified Date = 24/12/2007 18:11:00 | Attr = S] Credentials -> C:\Documents and Settings\LogMeInRemoteUser\Datos de programa\Microsoft\Credentials -> [Folder | Modified Date = 06/03/2008 11:43:53 | Attr = S] S-1-5-21-1220945662-329068152-839522115-1004 -> C:\Documents and Settings\LogMeInRemoteUser\Datos de programa\Microsoft\Credentials\S-1-5-21-1220945662-329068152-839522115-1004 -> [Folder | Modified Date = 06/03/2008 11:43:53 | Attr = S] Internet Explorer -> C:\Documents and Settings\LogMeInRemoteUser\Datos de programa\Microsoft\Internet Explorer -> [Folder | Modified Date = 24/12/2007 18:10:49 | Attr = ] Media Player -> C:\Documents and Settings\LogMeInRemoteUser\Datos de programa\Microsoft\Media Player -> [Folder | Modified Date = 24/12/2007 18:11:00 | Attr = ] SystemCertificates -> C:\Documents and Settings\LogMeInRemoteUser\Datos de programa\Microsoft\SystemCertificates -> [Folder | Modified Date = 24/12/2007 17:51:59 | Attr = S] My -> C:\Documents and Settings\LogMeInRemoteUser\Datos de programa\Microsoft\SystemCertificates\My -> [Folder | Modified Date = 24/12/2007 17:51:59 | Attr = S] Certificates -> C:\Documents and Settings\LogMeInRemoteUser\Datos de programa\Microsoft\SystemCertificates\My\Certificates -> [Folder | Modified Date = 24/12/2007 17:51:59 | Attr = S] CRLs -> C:\Documents and Settings\LogMeInRemoteUser\Datos de programa\Microsoft\SystemCertificates\My\CRLs -> [Folder | Modified Date = 24/12/2007 17:51:59 | Attr = S] CTLs -> C:\Documents and Settings\LogMeInRemoteUser\Datos de programa\Microsoft\SystemCertificates\My\CTLs -> [Folder | Modified Date = 24/12/2007 17:51:59 | Attr = S] Datos de programa -> C:\Documents and Settings\NetworkService\Datos de programa -> [Folder | Modified Date = 24/12/2007 18:14:41 | Attr = ] Microsoft -> C:\Documents and Settings\NetworkService\Datos de programa\Microsoft -> [Folder | Modified Date = 24/12/2007 18:11:00 | Attr = S] Credentials -> C:\Documents and Settings\NetworkService\Datos de programa\Microsoft\Credentials -> [Folder | Modified Date = 24/12/2007 18:14:42 | Attr = S] S-1-5-20 -> C:\Documents and Settings\NetworkService\Datos de programa\Microsoft\Credentials\S-1-5-20 -> [Folder | Modified Date = 24/12/2007 18:14:42 | Attr = S] Internet Explorer -> C:\Documents and Settings\NetworkService\Datos de programa\Microsoft\Internet Explorer -> [Folder | Modified Date = 24/12/2007 18:10:49 | Attr = ] Media Player -> C:\Documents and Settings\NetworkService\Datos de programa\Microsoft\Media Player -> [Folder | Modified Date = 24/12/2007 18:11:00 | Attr = ] SystemCertificates -> C:\Documents and Settings\NetworkService\Datos de programa\Microsoft\SystemCertificates -> [Folder | Modified Date = 24/12/2007 17:51:59 | Attr = S] My -> C:\Documents and Settings\NetworkService\Datos de programa\Microsoft\SystemCertificates\My -> [Folder | Modified Date = 24/12/2007 17:51:59 | Attr = S] Certificates -> C:\Documents and Settings\NetworkService\Datos de programa\Microsoft\SystemCertificates\My\Certificates -> [Folder | Modified Date = 24/12/2007 17:51:59 | Attr = S] CRLs -> C:\Documents and Settings\NetworkService\Datos de programa\Microsoft\SystemCertificates\My\CRLs -> [Folder | Modified Date = 24/12/2007 17:51:59 | Attr = S] CTLs -> C:\Documents and Settings\NetworkService\Datos de programa\Microsoft\SystemCertificates\My\CTLs -> [Folder | Modified Date = 24/12/2007 17:51:59 | Attr = S] C:\WINDOWS\Tasks\ -> C:\WINDOWS\Tasks -> [Folder | Modified Date = 07/04/2008 18:20:02 | Attr = S] AppleSoftwareUpdate.job -> C:\WINDOWS\Tasks\AppleSoftwareUpdate.job -> [Ver = | Size = 298 bytes | Modified Date = 26/04/2008 13:29:00 | Attr = ] desktop.ini -> C:\WINDOWS\Tasks\desktop.ini -> [Ver = | Size = 65 bytes | Modified Date = 20/08/2004 13:00:00 | Attr = RH ] FRU Task #Hewlett-Packard#hp psc 1200 series#1204737541.job -> C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1204737541.job -> [Ver = | Size = 404 bytes | Modified Date = 07/04/2008 18:20:03 | Attr = ] SA.DAT -> C:\WINDOWS\Tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 29/04/2008 23:16:29 | Attr = H ] [File - Purity Scan: Additional Folder Scans - Non-Microsoft Only] < End of report > [/code]