I opened a .exe which disappeared after I opened it. After this, my ESET Smart Security started detecting:
08/01/2010 09:22:28 p.m. Filtro HTTP archivo http://91.212.226.180/51.exe una variante de Win32/Kryptik.BPX Troyano conexión finalizada - puesto en Cuarentena NT AUTHORITY\SYSTEM Se ha detectado una amenaza accediendo a un sitio de Internet a través de esta aplicación: C:\Windows\System32\svchost.exe.
I'm sorry it's in Spanish. It says that it detects a download, http://91.212.226.180/51.exe, which is a variant of the Win32/Kryptik.BPX Trojan, coming from C:\Windows\System32\svchost.exe, and ESET is blocking it and putting the file in quarantine.
I've tried everything: doing scans with ESET, Malwarebytes' Anti-Malware, SpyBot, Ad-Aware... I even tried some online antivirus scanners, but nothing has changed. So here I am.
I have performed the steps of this thread: http://www.geekstogo...uide-t2852.html and here are the logs.
Malwarebytes' Anti-Malware LOG
Malwarebytes' Anti-Malware 1.44
Versión de la Base de Datos: 3522
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
08/01/2010 09:24:26 p.m.
mbam-log-2010-01-08 (21-24-26).txt
Tipo de examen : Examen Rápido
Objetos examinados: 95390
Tiempo transcurrido: 4 minute(s), 36 second(s)
Procesos en Memoria Infectados: 0
Módulos en Memoria Infectados: 0
Claves del Registro Infectadas: 0
Valores del Registro Infectados: 0
Elementos de Datos del Registro Infectados: 0
Carpetas Infectadas: 0
Ficheros Infectados: 0
Procesos en Memoria Infectados:
(No se han detectado elementos maliciosos)
Módulos en Memoria Infectados:
(No se han detectado elementos maliciosos)
Claves del Registro Infectadas:
(No se han detectado elementos maliciosos)
Valores del Registro Infectados:
(No se han detectado elementos maliciosos)
Elementos de Datos del Registro Infectados:
(No se han detectado elementos maliciosos)
Carpetas Infectadas:
(No se han detectado elementos maliciosos)
Ficheros Infectados:
(No se han detectado elementos maliciosos)
GMER Rootkit Scanner LOG
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-01-08 21:01:45
Windows 6.1.7600
Running: gmer.exe; Driver: C:\Users\Fede\AppData\Local\Temp\axrcapob.sys
---- System - GMER 1.0.15 ----
INT 0x1F \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E43AF8
INT 0x37 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E43104
INT 0xC1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E433F4
INT 0xD1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E2B634
INT 0xD2 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E2B898
INT 0xDF \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E431DC
INT 0xE1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E43958
INT 0xE3 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E436F8
INT 0xFD \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E43F2C
INT 0xFE \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E441A8
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
Device \Driver\BTHUSB \Device\0000008e bthport.sys (Controlador de bus Bluetooth/Microsoft Corporation)
Device \Driver\ACPI_HAL \Device\00000051 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
Device \Driver\BTHUSB \Device\0000008c bthport.sys (Controlador de bus Bluetooth/Microsoft Corporation)
---- Threads - GMER 1.0.15 ----
Thread System [4:248] 85D22930
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00247e43c5fa
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00247e43c5fa (not active ControlSet)
---- EOF - GMER 1.0.15 ----
OTL LOG
OTL logfile created on: 08/01/2010 09:04:00 p.m. - Run 1
OTL by OldTimer - Version 3.1.21.2 Folder = C:\Users\Fede\Downloads
An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00002c0a | Country: Argentina | Language: ESS | Date Format: dd/MM/yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 54,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 69,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222,66 Gb Total Space | 154,39 Gb Free Space | 69,34% Space Free | Partition Type: NTFS
Drive D: | 10,22 Gb Total Space | 1,75 Gb Free Space | 17,15% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: FEDENOTEBOOK
Current User Name: Fede
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2010/01/08 21:02:29 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\Fede\Downloads\OTL.exe
PRC - [2010/01/07 16:07:10 | 00,236,368 | ---- | M] (Malwarebytes Corporation) -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2009/12/01 13:37:48 | 00,322,624 | ---- | M] (DigitalPersona, Inc.) -- C:\Archivos de programa\DigitalPersona\Bin\DpHostW.exe
PRC - [2009/12/01 13:37:46 | 00,842,816 | ---- | M] (DigitalPersona, Inc.) -- C:\Archivos de programa\DigitalPersona\Bin\DpAgent.exe
PRC - [2009/11/24 11:07:18 | 00,323,640 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Archivos de programa\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
PRC - [2009/11/16 09:04:30 | 00,735,960 | ---- | M] (ESET) -- C:\Archivos de programa\ESET\ESET Smart Security\ekrn.exe
PRC - [2009/11/16 09:03:32 | 02,054,360 | ---- | M] (ESET) -- C:\Archivos de programa\ESET\ESET Smart Security\egui.exe
PRC - [2009/11/02 21:24:58 | 00,257,440 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10d.exe
PRC - [2009/10/15 10:11:32 | 00,120,832 | ---- | M] (Hewlett-Packard) -- C:\Archivos de programa\Hewlett-Packard\HP Health Check\HPHC_Service.exe
PRC - [2009/09/16 17:42:30 | 00,210,216 | ---- | M] (CyberLink) -- c:\Archivos de programa\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2009/09/09 16:38:34 | 00,128,296 | ---- | M] (CyberLink Corp.) -- c:\Archivos de programa\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2009/08/20 13:34:04 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Archivos de programa\Common Files\LightScribe\LSSrvc.exe
PRC - [2009/08/20 13:25:58 | 02,363,392 | ---- | M] (Hewlett-Packard Company) -- C:\Archivos de programa\Common Files\LightScribe\LightScribeControlPanel.exe
PRC - [2009/08/04 20:45:12 | 00,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009/08/04 20:44:44 | 00,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009/08/03 02:35:50 | 02,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/07/23 11:04:42 | 00,498,744 | ---- | M] (Hewlett-Packard) -- C:\Archivos de programa\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
PRC - [2009/07/22 09:33:32 | 00,458,844 | ---- | M] (IDT, Inc.) -- C:\Archivos de programa\IDT\WDM\sttray.exe
PRC - [2009/07/22 09:33:32 | 00,221,266 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\stacsv.exe
PRC - [2009/07/13 22:17:29 | 00,673,048 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Internet Explorer\iexplore.exe
PRC - [2009/07/13 22:14:47 | 01,121,280 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Windows Media Player\wmpnetwk.exe
PRC - [2009/07/13 22:14:42 | 00,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/13 22:14:15 | 00,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009/07/01 15:44:34 | 00,632,888 | ---- | M] () -- C:\Archivos de programa\Hewlett-Packard\Shared\HpqToaster.exe
PRC - [2009/06/03 02:12:50 | 00,599,344 | ---- | M] (Validity Sensors, Inc.) -- C:\Windows\System32\vfsFPService.exe
PRC - [2009/05/15 11:25:30 | 00,282,624 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Archivos de programa\Apoint2K\Apoint.exe
PRC - [2009/05/05 09:11:50 | 00,228,408 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Archivos de programa\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
PRC - [2009/04/30 15:58:44 | 00,229,944 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Archivos de programa\Hewlett-Packard\Shared\hpqWmiEx.exe
PRC - [2009/04/22 17:38:50 | 00,065,536 | ---- | M] (Advanced Micro Devices Inc.) -- c:\Archivos de programa\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
PRC - [2009/04/22 17:37:16 | 00,065,536 | ---- | M] (ATI Technologies Inc.) -- C:\Archivos de programa\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
PRC - [2009/03/03 05:43:08 | 00,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\AEstSrv.exe
PRC - [2009/02/01 16:15:38 | 00,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Archivos de programa\Apoint2K\ApntEx.exe
PRC - [2009/01/26 15:31:10 | 01,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Archivos de programa\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/11/25 05:56:46 | 00,054,568 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Archivos de programa\Apoint2K\ApMsgFwd.exe
========== Modules (SafeList) ==========
MOD - [2010/01/08 21:02:29 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\Fede\Downloads\OTL.exe
MOD - [2009/07/13 22:16:15 | 00,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009/07/13 22:16:13 | 00,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009/07/13 22:16:13 | 00,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009/07/13 22:16:12 | 00,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009/07/13 22:16:03 | 00,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009/07/13 22:15:35 | 00,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009/07/13 22:15:13 | 00,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009/07/13 22:15:11 | 00,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009/07/13 22:15:07 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009/07/13 22:15:02 | 00,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2009/07/13 22:03:50 | 01,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2010/01/07 16:07:10 | 00,236,368 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/01/07 06:19:19 | 01,028,432 | ---- | M] (Lavasoft) [Auto | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009/12/01 13:37:48 | 00,322,624 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Archivos de programa\DigitalPersona\Bin\DpHostW.exe -- (DpHost)
SRV - [2009/11/16 09:12:54 | 00,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009/11/16 09:04:30 | 00,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2009/10/15 10:11:32 | 00,120,832 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe -- (HP Health Check Service)
SRV - [2009/08/20 13:34:04 | 00,073,728 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2009/08/04 20:44:44 | 00,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/07/22 09:33:32 | 00,221,266 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\stacsv.exe -- (STacSV)
SRV - [2009/07/13 22:16:21 | 00,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009/07/13 22:16:17 | 00,151,552 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009/07/13 22:16:17 | 00,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009/07/13 22:16:16 | 00,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009/07/13 22:16:15 | 00,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009/07/13 22:16:15 | 00,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 22:16:13 | 00,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009/07/13 22:16:13 | 00,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 22:16:12 | 01,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 22:16:12 | 00,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009/07/13 22:16:12 | 00,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009/07/13 22:16:12 | 00,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/07/13 22:16:12 | 00,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009/07/13 22:15:41 | 00,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Archivos de programa\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/13 22:15:36 | 00,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009/07/13 22:15:21 | 00,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/07/13 22:15:11 | 00,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009/07/13 22:15:10 | 00,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009/07/13 22:14:59 | 00,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009/07/13 22:14:58 | 00,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) Instalador de ActiveX (AxInstSV)
SRV - [2009/07/13 22:14:53 | 00,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009/07/13 22:14:29 | 03,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2009/06/03 02:12:50 | 00,599,344 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\System32\vfsFPService.exe -- (vfsFPService)
SRV - [2009/05/05 09:11:50 | 00,228,408 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Running] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe -- (Com4QLBEx)
SRV - [2009/04/30 15:58:44 | 00,229,944 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Running] -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe -- (hpqwmiex)
SRV - [2009/03/03 05:43:08 | 00,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\AEstSrv.exe -- (AESTFilters)
SRV - [2009/01/26 15:31:10 | 01,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Archivos de programa\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ar.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-ar
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9A 95 83 2D 45 87 CA 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.60
FF - prefs.js..extensions.enabledItems: [email protected]:1.19
FF - prefs.js..extensions.enabledItems: [email protected]:1.1.1
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.7
FF - prefs.js..extensions.enabledItems: {76063e7f-3558-4b68-8287-54eb6512adc0}:2.4.1
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20091209.4
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.464
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.35
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\DigitalPersona\Bin\FirefoxExt\ [2009/12/28 00:14:21 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/06 01:26:29 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/08 20:36:05 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2009/12/28 00:02:13 | 00,000,000 | ---D | M]
[2009/12/27 23:44:27 | 00,000,000 | ---D | M] -- C:\Users\Fede\AppData\Roaming\mozilla\Extensions
[2009/12/27 23:44:27 | 00,000,000 | ---D | M] -- C:\Users\Fede\AppData\Roaming\mozilla\Extensions\[email protected]
[2010/01/08 20:36:06 | 00,000,000 | ---D | M] -- C:\Users\Fede\AppData\Roaming\mozilla\Firefox\Profiles\8ykwrfiw.default\extensions
[2010/01/07 01:54:43 | 00,000,000 | ---D | M] (NoScript) -- C:\Users\Fede\AppData\Roaming\mozilla\Firefox\Profiles\8ykwrfiw.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2009/12/28 03:00:54 | 00,000,000 | ---D | M] (Gladiatus Tools) -- C:\Users\Fede\AppData\Roaming\mozilla\Firefox\Profiles\8ykwrfiw.default\extensions\{76063e7f-3558-4b68-8287-54eb6512adc0}
[2010/01/08 01:37:16 | 00,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Fede\AppData\Roaming\mozilla\Firefox\Profiles\8ykwrfiw.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/01/03 19:48:13 | 00,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Fede\AppData\Roaming\mozilla\Firefox\Profiles\8ykwrfiw.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2009/12/27 22:28:53 | 00,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Fede\AppData\Roaming\mozilla\Firefox\Profiles\8ykwrfiw.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/01/06 13:35:27 | 00,000,000 | ---D | M] -- C:\Users\Fede\AppData\Roaming\mozilla\Firefox\Profiles\8ykwrfiw.default\extensions\[email protected]
[2010/01/06 13:35:27 | 00,000,000 | ---D | M] -- C:\Users\Fede\AppData\Roaming\mozilla\Firefox\Profiles\8ykwrfiw.default\extensions\[email protected]
[2009/12/28 01:03:38 | 00,000,000 | ---D | M] -- C:\Users\Fede\AppData\Roaming\mozilla\Firefox\Profiles\8ykwrfiw.default\extensions\[email protected]
[2009/12/28 10:43:31 | 00,000,000 | ---D | M] -- C:\Archivos de programa\Mozilla Firefox\extensions
[2009/12/02 05:41:52 | 00,004,080 | ---- | M] () -- C:\Archivos de programa\Mozilla Firefox\searchplugins\drae.xml
[2009/12/02 05:41:52 | 00,002,480 | ---- | M] () -- C:\Archivos de programa\Mozilla Firefox\searchplugins\mercadolibre-ar.xml
[2009/12/02 05:41:52 | 00,001,178 | ---- | M] () -- C:\Archivos de programa\Mozilla Firefox\searchplugins\wikipedia-es.xml
[2009/12/02 05:41:52 | 00,000,838 | ---- | M] () -- C:\Archivos de programa\Mozilla Firefox\searchplugins\yahoo-ar.xml
O1 HOSTS File: (371907 bytes) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 12817 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Archivos de programa\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Archivos de programa\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live Aplicación auxiliar de inicio de sesión) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Archivos de programa\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Ad-Watch] C:\Archivos de programa\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [Apoint] C:\Archivos de programa\Apoint2K\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [DpAgent] C:\Archivos de programa\DigitalPersona\Bin\DpAgent.exe (DigitalPersona, Inc.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Archivos de programa\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [WirelessAssistant] C:\Archivos de programa\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard)
O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe ()
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitd...can8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab (GMNRev Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} http://download.mcaf...854/mcfscan.cab (McFreeScan Class)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 18:42:20 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2009/07/13 23:37:08 | 00,000,000 | ---D | M]
NetSvcs: Irmon - C:\Windows\System32\irmon.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation)
NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
========== Files/Folders - Created Within 14 Days ==========
[2010/01/08 20:40:13 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/01/08 20:39:25 | 00,000,000 | ---D | C] -- C:\Archivos de programa\ERUNT
[2010/01/08 20:10:49 | 00,000,000 | ---D | C] -- C:\Archivos de programa\HijackThis
[2010/01/08 17:06:37 | 00,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010/01/08 17:06:30 | 00,000,000 | ---D | C] -- C:\Archivos de programa\Common Files\Adobe
[2010/01/08 17:06:30 | 00,000,000 | ---D | C] -- C:\Archivos de programa\Adobe
[2010/01/08 17:04:57 | 00,000,000 | ---D | C] -- C:\Users\Public\Desktop\Programa de instalación de Adobe Reader 9
[2010/01/08 17:03:22 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Local\Adobe
[2010/01/08 01:36:19 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Local\LogMeIn
[2010/01/08 01:36:19 | 00,000,000 | ---D | C] -- C:\ProgramData\LogMeIn
[2010/01/07 23:27:14 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Roaming\Malwarebytes
[2010/01/07 23:27:08 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/01/07 23:27:06 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/01/07 23:27:04 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/01/07 23:27:03 | 00,000,000 | ---D | C] -- C:\Archivos de programa\Malwarebytes' Anti-Malware
[2010/01/07 20:07:50 | 00,000,000 | ---D | C] -- C:\Windows\McAfee.com
[2010/01/07 16:49:49 | 00,000,000 | ---D | C] -- C:\Windows\BDOSCAN8
[2010/01/07 06:02:58 | 00,000,000 | -H-D | C] -- C:\ProgramData\{83C91755-2546-441D-AC40-9A6B4B860800}
[2010/01/07 06:02:50 | 00,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2010/01/07 06:02:50 | 00,000,000 | ---D | C] -- C:\Archivos de programa\Lavasoft
[2010/01/07 04:47:16 | 00,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010/01/07 04:47:16 | 00,000,000 | ---D | C] -- C:\Archivos de programa\Spybot - Search & Destroy
[2010/01/07 02:42:35 | 00,000,000 | ---D | C] -- C:\Users\Public\Documents\Backups CCleaner
[2010/01/07 02:33:58 | 00,000,000 | ---D | C] -- C:\Archivos de programa\CCleaner
[2010/01/05 23:42:21 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Local\Rockstar Games
[2010/01/05 23:40:08 | 00,000,000 | RH-D | C] -- C:\Users\Fede\AppData\Roaming\SecuROM
[2010/01/05 23:39:44 | 00,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2010/01/05 23:38:20 | 00,000,000 | ---D | C] -- C:\Windows\System32\xlive
[2010/01/05 23:38:20 | 00,000,000 | ---D | C] -- C:\Archivos de programa\Microsoft Games for Windows - LIVE
[2010/01/05 23:00:44 | 00,000,000 | ---D | C] -- C:\Archivos de programa\Rockstar Games
[2010/01/04 00:12:12 | 00,000,000 | ---D | C] -- C:\Archivos de programa\WinRAR
[2010/01/03 04:14:08 | 00,000,000 | ---D | C] -- C:\Archivos de programa\uTorrent
[2010/01/03 04:12:38 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Roaming\uTorrent
[2010/01/02 23:02:24 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Local\Deployment
[2010/01/02 23:02:24 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Local\Apps
[2010/01/02 19:24:44 | 00,000,000 | ---D | C] -- C:\Archivos de programa\Validity Sensors, Inc
[2010/01/02 17:33:21 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Roaming\acccore
[2010/01/02 17:33:20 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Local\AOL
[2010/01/02 17:33:20 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Local\AIM
[2010/01/02 17:33:06 | 00,000,000 | ---D | C] -- C:\ProgramData\AIM
[2010/01/02 17:32:57 | 00,000,000 | ---D | C] -- C:\Archivos de programa\AIM
[2010/01/02 17:32:56 | 00,000,000 | ---D | C] -- C:\Archivos de programa\Common Files\Software Update Utility
[2010/01/02 17:32:54 | 00,000,000 | ---D | C] -- C:\Archivos de programa\Common Files\AOL
[2010/01/02 17:03:44 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Local\GlobalSCAPE
[2010/01/02 17:03:44 | 00,000,000 | ---D | C] -- C:\ProgramData\GlobalSCAPE
[2010/01/02 17:03:36 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Roaming\GlobalSCAPE
[2010/01/02 17:02:45 | 00,000,000 | ---D | C] -- C:\Archivos de programa\GlobalSCAPE
[2010/01/02 17:01:47 | 00,000,000 | ---D | C] -- C:\Archivos de programa\Common Files\InstallShield
[2010/01/02 17:00:50 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Roaming\KeePass
[2010/01/02 16:56:23 | 00,000,000 | ---D | C] -- C:\Archivos de programa\KeePass Password Safe 2
[2010/01/02 16:05:15 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Local\ElevatedDiagnostics
[2010/01/01 01:23:47 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Roaming\CyberLink
[2009/12/31 05:10:37 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Roaming\WinRAR
[2009/12/28 10:43:41 | 00,000,000 | ---D | C] -- C:\Archivos de programa\JDownloader
[2009/12/28 10:43:05 | 00,000,000 | ---D | C] -- C:\Archivos de programa\Java
[2009/12/28 10:28:09 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Roaming\Macromedia
[2009/12/28 10:28:09 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Roaming\Adobe
[2009/12/28 10:28:00 | 00,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2009/12/28 00:22:28 | 00,000,000 | ---D | C] -- C:\Users\Fede\Documents\Mis archivos recibidos
[2009/12/28 00:20:56 | 00,000,000 | ---D | C] -- C:\Users\Fede\Documents\Mis historiales de conversación
[2009/12/28 00:16:56 | 00,000,000 | ---D | C] -- C:\ProgramData\Messenger Plus!
[2009/12/28 00:14:24 | 00,000,000 | ---D | C] -- C:\Windows\System32\tr
[2009/12/28 00:14:24 | 00,000,000 | ---D | C] -- C:\Windows\System32\sv
[2009/12/28 00:14:24 | 00,000,000 | ---D | C] -- C:\Windows\System32\ru
[2009/12/28 00:14:24 | 00,000,000 | ---D | C] -- C:\Windows\System32\no
[2009/12/28 00:14:24 | 00,000,000 | ---D | C] -- C:\Windows\System32\da
[2009/12/28 00:14:22 | 00,000,000 | ---D | C] -- C:\Windows\System32\ko
[2009/12/28 00:14:22 | 00,000,000 | ---D | C] -- C:\Windows\System32\ja
[2009/12/28 00:14:22 | 00,000,000 | ---D | C] -- C:\Windows\System32\it
[2009/12/28 00:14:22 | 00,000,000 | ---D | C] -- C:\Windows\System32\fr
[2009/12/28 00:14:22 | 00,000,000 | ---D | C] -- C:\Windows\System32\de
[2009/12/28 00:14:20 | 00,000,000 | ---D | C] -- C:\Windows\DPDrv
[2009/12/28 00:06:01 | 00,000,000 | ---D | C] -- C:\Archivos de programa\Messenger Plus! Live
[2009/12/27 23:44:26 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Roaming\Postbox
[2009/12/27 23:44:26 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Local\Postbox
[2009/12/27 23:44:15 | 00,000,000 | ---D | C] -- C:\Archivos de programa\Postbox
[2009/12/27 23:31:26 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Local\CyberLink
[2009/12/27 23:31:25 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Local\PowerCinema
[2009/12/27 23:19:37 | 00,000,000 | ---D | C] -- C:\Users\Fede\Tracing
[2009/12/27 23:12:08 | 00,000,000 | ---D | C] -- C:\Archivos de programa\Microsoft Silverlight
[2009/12/27 23:10:39 | 00,000,000 | ---D | C] -- C:\Archivos de programa\Microsoft SQL Server Compact Edition
[2009/12/27 23:10:02 | 00,000,000 | ---D | C] -- C:\Archivos de programa\Microsoft
[2009/12/27 23:09:48 | 00,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2009/12/27 23:09:41 | 00,000,000 | ---D | C] -- C:\Archivos de programa\Windows Live SkyDrive
[2009/12/27 23:09:17 | 00,000,000 | ---D | C] -- C:\Archivos de programa\Windows Live
[2009/12/27 23:08:52 | 00,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2009/12/27 23:04:13 | 00,000,000 | ---D | C] -- C:\mIRC
[2009/12/27 23:01:49 | 00,000,000 | ---D | C] -- C:\Users\Fede\Documents\x10
[2009/12/27 23:00:14 | 00,000,000 | ---D | C] -- C:\AL BACKUP
[2009/12/27 22:58:09 | 00,000,000 | ---D | C] -- C:\mIRCBACKUP
[2009/12/27 22:54:14 | 00,000,000 | ---D | C] -- C:\Archivos de programa\Validity Sensors
[2009/12/27 22:52:20 | 00,000,000 | ---D | C] -- C:\Archivos de programa\Common Files\Windows Live
[2009/12/27 22:47:59 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Roaming\ESET
[2009/12/27 22:46:49 | 00,000,000 | ---D | C] -- C:\ProgramData\ESET
[2009/12/27 22:46:49 | 00,000,000 | ---D | C] -- C:\Archivos de programa\ESET
[2009/12/27 22:38:49 | 00,000,000 | ---D | C] -- C:\Archivos de programa\MSXML 4.0
[2009/12/27 22:33:50 | 00,000,000 | ---D | C] -- C:\ProgramData\{657095DF-DBDB-4B17-8245-B38845C97069}
[2009/12/27 22:27:48 | 00,000,000 | ---D | C] -- C:\Archivos de programa\Common Files\LightScribe
[2009/12/27 22:24:58 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Roaming\Macrovision
[2009/12/27 22:23:54 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Roaming\DigitalPersona
[2009/12/27 22:23:54 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Local\DigitalPersona
[2009/12/27 22:21:32 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Local\Programs
[2009/12/27 22:21:12 | 00,000,000 | ---D | C] -- C:\ProgramData\Macrovision
[2009/12/27 22:21:12 | 00,000,000 | ---D | C] -- C:\Archivos de programa\DigitalPersona
[2009/12/27 22:19:55 | 00,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2009/12/27 22:14:08 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Local\Diagnostics
[2009/12/27 21:35:45 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Roaming\Hewlett-Packard
[2009/12/27 21:34:36 | 00,000,000 | ---D | C] -- C:\Windows\Driver Cache
[2009/12/27 21:34:33 | 00,000,000 | ---D | C] -- C:\Archivos de programa\AVerMedia
[2009/12/27 21:31:33 | 00,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2009/12/27 21:22:58 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Local\Hewlett-Packard
[2009/12/27 21:22:56 | 00,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2009/12/27 21:18:48 | 00,000,000 | ---D | C] -- C:\ProgramData\Temp
[2009/12/27 21:18:14 | 00,000,000 | ---D | C] -- C:\HP
[2009/12/27 21:11:32 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Roaming\Mozilla
[2009/12/27 21:11:32 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Local\Mozilla
[2009/12/27 21:11:24 | 00,000,000 | ---D | C] -- C:\Archivos de programa\Mozilla Firefox
[2009/12/27 20:37:45 | 00,000,000 | ---D | C] -- C:\Archivos de programa\Apoint2K
[2009/12/27 20:33:58 | 00,036,921 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\System32\hcwutl32.dll
[2009/12/27 20:33:48 | 00,000,000 | ---D | C] -- C:\Archivos de programa\HP USB TV Tuner
[2009/12/27 20:16:48 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Roaming\ATI
[2009/12/27 20:16:48 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Local\ATI
[2009/12/27 20:16:48 | 00,000,000 | ---D | C] -- C:\ProgramData\ATI
[2009/12/27 20:13:46 | 00,000,000 | ---D | C] -- C:\Archivos de programa\Hewlett-Packard
[2009/12/27 20:13:45 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Roaming\hpqLog
[2009/12/27 20:11:55 | 00,167,936 | ---- | C] (Realtek ) -- C:\Windows\System32\drivers\Rt86win7.sys
[2009/12/27 20:11:55 | 00,000,000 | ---D | C] -- C:\Archivos de programa\Realtek
[2009/12/27 20:11:06 | 00,000,000 | ---D | C] -- C:\Archivos de programa\DIFX
[2009/12/27 20:11:04 | 00,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2009/12/27 20:11:04 | 00,000,000 | ---D | C] -- C:\Archivos de programa\AMD
[2009/12/27 20:09:10 | 00,000,000 | ---D | C] -- C:\Archivos de programa\ATI Technologies
[2009/12/27 19:50:42 | 00,536,576 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\idtmini1.exe
[2009/12/27 19:50:41 | 12,030,044 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\idtcpl.cpl
[2009/12/27 19:50:41 | 03,600,384 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stlang.dll
[2009/12/27 19:50:41 | 00,458,844 | ---- | C] (IDT, Inc.) -- C:\Windows\sttray.exe
[2009/12/27 19:50:37 | 00,175,616 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\staco.dll
[2009/12/27 19:49:34 | 00,000,000 | -H-D | C] -- C:\Archivos de programa\InstallShield Installation Information
[2009/12/27 19:45:55 | 00,000,000 | ---D | C] -- C:\Windows\System32\SDA
[2009/12/27 19:45:55 | 00,000,000 | ---D | C] -- C:\Archivos de programa\JMicron
[2009/12/27 19:43:53 | 00,000,000 | ---D | C] -- C:\Archivos de programa\ATI
[2009/12/27 19:43:41 | 00,000,000 | ---D | C] -- C:\SYSTEM.SAV
[2009/12/27 19:43:39 | 00,000,000 | ---D | C] -- C:\swsetup
[2009/12/27 19:40:16 | 00,000,000 | ---D | C] -- C:\Archivos de programa\HP
[2009/12/27 19:40:11 | 00,000,000 | -HSD | C] -- C:\Windows\Installer
[2009/12/27 19:40:11 | 00,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2009/12/27 19:33:33 | 00,000,000 | ---D | C] -- C:\Archivos de programa\Synaptics
[2009/12/27 19:31:34 | 00,915,456 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stapo.dll
[2009/12/27 19:31:34 | 00,490,496 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stapi32.dll
[2009/12/27 19:31:34 | 00,409,088 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\drivers\stwrt.sys
[2009/12/27 19:31:34 | 00,405,504 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stcplx.dll
[2009/12/27 19:31:34 | 00,000,000 | ---D | C] -- C:\Archivos de programa\IDT
[2009/12/27 19:31:28 | 00,000,000 | ---D | C] -- C:\Windows\System32\SRSLabs
[2009/12/27 18:23:11 | 00,000,000 | R--D | C] -- C:\Users\Fede\Searches
[2009/12/27 18:23:01 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Roaming\Identities
[2009/12/27 18:22:59 | 00,000,000 | R--D | C] -- C:\Users\Fede\Contacts
[2009/12/27 18:22:53 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Local\VirtualStore
[2009/12/27 18:22:51 | 00,000,000 | --SD | C] -- C:\Users\Fede\AppData\Roaming\Microsoft
[2009/12/27 18:22:51 | 00,000,000 | R--D | C] -- C:\Users\Fede\Videos
[2009/12/27 18:22:51 | 00,000,000 | R--D | C] -- C:\Users\Fede\Saved Games
[2009/12/27 18:22:51 | 00,000,000 | R--D | C] -- C:\Users\Fede\Pictures
[2009/12/27 18:22:51 | 00,000,000 | R--D | C] -- C:\Users\Fede\Music
[2009/12/27 18:22:51 | 00,000,000 | R--D | C] -- C:\Users\Fede\Links
[2009/12/27 18:22:51 | 00,000,000 | R--D | C] -- C:\Users\Fede\Favorites
[2009/12/27 18:22:51 | 00,000,000 | R--D | C] -- C:\Users\Fede\Downloads
[2009/12/27 18:22:51 | 00,000,000 | R--D | C] -- C:\Users\Fede\Documents
[2009/12/27 18:22:51 | 00,000,000 | R--D | C] -- C:\Users\Fede\Desktop
[2009/12/27 18:22:51 | 00,000,000 | -HSD | C] -- C:\Users\Fede\SendTo
[2009/12/27 18:22:51 | 00,000,000 | -HSD | C] -- C:\Users\Fede\Reciente
[2009/12/27 18:22:51 | 00,000,000 | -HSD | C] -- C:\Users\Fede\Plantillas
[2009/12/27 18:22:51 | 00,000,000 | -HSD | C] -- C:\Users\Fede\Documents\Mis vídeos
[2009/12/27 18:22:51 | 00,000,000 | -HSD | C] -- C:\Users\Fede\Documents\Mis imágenes
[2009/12/27 18:22:51 | 00,000,000 | -HSD | C] -- C:\Users\Fede\Mis documentos
[2009/12/27 18:22:51 | 00,000,000 | -HSD | C] -- C:\Users\Fede\Documents\Mi música
[2009/12/27 18:22:51 | 00,000,000 | -HSD | C] -- C:\Users\Fede\Menú Inicio
[2009/12/27 18:22:51 | 00,000,000 | -HSD | C] -- C:\Users\Fede\Impresoras
[2009/12/27 18:22:51 | 00,000,000 | -HSD | C] -- C:\Users\Fede\AppData\Local\Historial
[2009/12/27 18:22:51 | 00,000,000 | -HSD | C] -- C:\Users\Fede\Entorno de red
[2009/12/27 18:22:51 | 00,000,000 | -HSD | C] -- C:\Users\Fede\Datos de programa
[2009/12/27 18:22:51 | 00,000,000 | -HSD | C] -- C:\Users\Fede\AppData\Local\Datos de programa
[2009/12/27 18:22:51 | 00,000,000 | -HSD | C] -- C:\Users\Fede\Cookies
[2009/12/27 18:22:51 | 00,000,000 | -HSD | C] -- C:\Users\Fede\Configuración local
[2009/12/27 18:22:51 | 00,000,000 | -HSD | C] -- C:\Users\Fede\AppData\Local\Archivos temporales de Internet
[2009/12/27 18:22:51 | 00,000,000 | -H-D | C] -- C:\Users\Fede\AppData
[2009/12/27 18:22:51 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Local\Temp
[2009/12/27 18:22:51 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Local\Microsoft
[2009/12/27 18:22:51 | 00,000,000 | ---D | C] -- C:\Users\Fede\AppData\Roaming\Media Center Programs
[2009/12/27 18:22:34 | 00,000,000 | -HSD | C] -- C:\Recovery
[2009/12/27 18:22:33 | 00,000,000 | -HSD | C] -- C:\ProgramData\Plantillas
[2009/12/27 18:22:33 | 00,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mis vídeos
[2009/12/27 18:22:33 | 00,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mis imágenes
[2009/12/27 18:22:33 | 00,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mi música
[2009/12/27 18:22:33 | 00,000,000 | -HSD | C] -- C:\ProgramData\Menú Inicio
[2009/12/27 18:22:33 | 00,000,000 | -HSD | C] -- C:\ProgramData\Favoritos
[2009/12/27 18:22:33 | 00,000,000 | -HSD | C] -- C:\ProgramData\Escritorio
[2009/12/27 18:22:33 | 00,000,000 | -HSD | C] -- C:\ProgramData\Documentos
[2009/12/27 18:22:33 | 00,000,000 | -HSD | C] -- C:\ProgramData\Datos de programa
[2009/12/27 18:22:33 | 00,000,000 | -HSD | C] -- C:\Archivos de programa
[2009/12/27 18:22:33 | 00,000,000 | -HSD | C] -- C:\Archivos de programa\Archivos comunes
[2009/12/27 18:15:52 | 00,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2009/12/27 18:13:17 | 00,000,000 | ---D | C] -- C:\Windows\Prefetch
[2009/12/27 18:12:58 | 00,000,000 | -HSD | C] -- C:\System Volume Information
[2009/12/27 15:12:14 | 00,000,000 | ---D | C] -- C:\Windows\Panther
[2009/12/27 15:12:04 | 00,000,000 | -HSD | C] -- C:\Boot
========== Files - Modified Within 14 Days ==========
[2010/01/08 21:06:10 | 05,242,880 | -HS- | M] () -- C:\Users\Fede\ntuser.dat
[2010/01/08 20:39:31 | 00,000,898 | ---- | M] () -- C:\Users\Fede\Desktop\NTREGOPT.lnk
[2010/01/08 20:39:31 | 00,000,879 | ---- | M] () -- C:\Users\Fede\Desktop\ERUNT.lnk
[2010/01/08 20:39:18 | 00,013,248 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/01/08 20:39:18 | 00,013,248 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/01/08 20:32:00 | 00,000,474 | ---- | M] () -- C:\Windows\tasks\Malwarebytes' Scheduled Update for Fede.job
[2010/01/08 20:32:00 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/01/08 20:31:51 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/01/08 20:31:47 | 14,075,74016 | -HS- | M] () -- C:\hiberfil.sys
[2010/01/08 20:10:53 | 00,002,979 | ---- | M] () -- C:\Users\Fede\Desktop\HiJackThis.lnk
[2010/01/08 17:06:59 | 00,001,984 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/01/08 05:59:38 | 02,712,428 | -H-- | M] () -- C:\Users\Fede\AppData\Local\IconCache.db
[2010/01/07 23:27:12 | 00,000,983 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/07 21:55:24 | 00,000,376 | ---- | M] () -- C:\Users\Fede\Desktop\Desktop Client.appref-ms
[2010/01/07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/01/07 16:07:04 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/01/07 15:05:17 | 00,000,036 | ---- | M] () -- C:\Users\Fede\AppData\Local\housecall.guid.cache
[2010/01/07 06:20:44 | 00,015,688 | ---- | M] () -- C:\Windows\System32\lsdelete.exe
[2010/01/07 06:02:57 | 00,001,108 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2010/01/07 04:59:22 | 00,371,907 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/01/07 04:47:33 | 00,001,220 | ---- | M] () -- C:\Users\Fede\Desktop\Spybot - Search & Destroy.lnk
[2010/01/06 16:12:23 | 00,000,600 | ---- | M] () -- C:\Users\Fede\AppData\Local\PUTTY.RND
[2010/01/05 23:40:31 | 00,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2010/01/04 15:47:09 | 00,159,236 | ---- | M] () -- C:\Users\Fede\Desktop\[bleep].jpg
[2010/01/02 19:24:56 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_WinUSB_01007.Wdf
[2010/01/02 17:33:20 | 00,000,346 | -H-- | M] () -- C:\IPH.PH
[2010/01/02 17:33:06 | 00,001,861 | ---- | M] () -- C:\Users\Public\Desktop\AIM.lnk
[2010/01/02 14:57:22 | 00,632,710 | ---- | M] () -- C:\Users\Fede\Desktop\ticket.png
[2010/01/02 00:14:14 | 00,043,341 | ---- | M] () -- C:\Users\Fede\Desktop\batallaaaaa.png
[2010/01/01 18:54:43 | 00,838,073 | ---- | M] () -- C:\Users\Fede\Desktop\batalladize.png
[2009/12/28 10:44:15 | 00,000,991 | ---- | M] () -- C:\Users\Fede\Desktop\JDownloader.lnk
[2009/12/27 23:44:23 | 00,001,815 | ---- | M] () -- C:\Users\Public\Desktop\Postbox.lnk
[2009/12/27 22:59:00 | 00,001,390 | ---- | M] () -- C:\Users\Fede\Desktop\IRcap 8.5.lnk
[2009/12/27 22:58:10 | 00,000,550 | ---- | M] () -- C:\Users\Fede\Desktop\mIRC.lnk
[2009/12/27 22:54:51 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_wbvfs201_01_09_00.Wdf
[2009/12/27 22:34:43 | 00,001,067 | ---- | M] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
[2009/12/27 22:22:25 | 00,524,288 | -HS- | M] () -- C:\Users\Fede\ntuser.dat{e668f911-f34d-11de-87b7-00247e43c5fa}.TMContainer00000000000000000002.regtrans-ms
[2009/12/27 22:22:25 | 00,524,288 | -HS- | M] () -- C:\Users\Fede\ntuser.dat{e668f911-f34d-11de-87b7-00247e43c5fa}.TMContainer00000000000000000001.regtrans-ms
[2009/12/27 22:22:25 | 00,065,536 | -HS- | M] () -- C:\Users\Fede\ntuser.dat{e668f911-f34d-11de-87b7-00247e43c5fa}.TM.blf
[2009/12/27 21:11:28 | 00,001,889 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2009/12/27 20:57:44 | 01,530,242 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/12/27 20:57:44 | 00,694,386 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
[2009/12/27 20:57:44 | 00,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/12/27 20:57:44 | 00,134,448 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
[2009/12/27 20:57:44 | 00,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/12/27 20:39:51 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_enecir_01009.Wdf
[2009/12/27 20:37:51 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_Apfiltr_01005.Wdf
[2009/12/27 20:18:53 | 00,057,560 | ---- | M] () -- C:\Users\Fede\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/12/27 19:35:02 | 00,265,944 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/12/27 19:33:50 | 00,524,288 | -HS- | M] () -- C:\Users\Fede\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2009/12/27 19:33:50 | 00,524,288 | -HS- | M] () -- C:\Users\Fede\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2009/12/27 19:33:50 | 00,065,536 | -HS- | M] () -- C:\Users\Fede\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2009/12/27 19:33:38 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
[2009/12/27 18:22:51 | 00,000,020 | -HS- | M] () -- C:\Users\Fede\ntuser.ini
[2009/12/27 18:16:50 | 00,052,717 | ---- | M] () -- C:\Windows\System32\license.rtf
[2009/12/27 18:15:27 | 00,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2009/12/27 15:12:06 | 00,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
========== Files Created - No Company Name ==========
[2010/01/08 20:39:31 | 00,000,898 | ---- | C] () -- C:\Users\Fede\Desktop\NTREGOPT.lnk
[2010/01/08 20:39:31 | 00,000,879 | ---- | C] () -- C:\Users\Fede\Desktop\ERUNT.lnk
[2010/01/08 20:10:53 | 00,002,979 | ---- | C] () -- C:\Users\Fede\Desktop\HiJackThis.lnk
[2010/01/08 19:59:04 | 00,000,474 | ---- | C] () -- C:\Windows\tasks\Malwarebytes' Scheduled Update for Fede.job
[2010/01/08 17:06:59 | 00,001,984 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/01/07 23:27:12 | 00,000,983 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/07 21:55:24 | 00,000,376 | ---- | C] () -- C:\Users\Fede\Desktop\Desktop Client.appref-ms
[2010/01/07 15:05:17 | 00,000,036 | ---- | C] () -- C:\Users\Fede\AppData\Local\housecall.guid.cache
[2010/01/07 14:57:52 | 00,015,688 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2010/01/07 06:02:57 | 00,001,108 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2010/01/07 04:47:33 | 00,001,220 | ---- | C] () -- C:\Users\Fede\Desktop\Spybot - Search & Destroy.lnk
[2010/01/04 15:47:04 | 00,159,236 | ---- | C] () -- C:\Users\Fede\Desktop\[bleep].jpg
[2010/01/02 19:24:56 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_WinUSB_01007.Wdf
[2010/01/02 17:33:06 | 00,001,861 | ---- | C] () -- C:\Users\Public\Desktop\AIM.lnk
[2010/01/02 17:30:22 | 00,000,346 | -H-- | C] () -- C:\IPH.PH
[2010/01/02 14:57:22 | 00,632,710 | ---- | C] () -- C:\Users\Fede\Desktop\ticket.png
[2010/01/02 00:14:14 | 00,043,341 | ---- | C] () -- C:\Users\Fede\Desktop\batallaaaaa.png
[2010/01/01 20:12:41 | 00,000,600 | ---- | C] () -- C:\Users\Fede\AppData\Local\PUTTY.RND
[2010/01/01 18:54:42 | 00,838,073 | ---- | C] () -- C:\Users\Fede\Desktop\batalladize.png
[2009/12/28 10:44:15 | 00,000,991 | ---- | C] () -- C:\Users\Fede\Desktop\JDownloader.lnk
[2009/12/27 23:44:23 | 00,001,815 | ---- | C] () -- C:\Users\Public\Desktop\Postbox.lnk
[2009/12/27 22:59:00 | 00,001,390 | ---- | C] () -- C:\Users\Fede\Desktop\IRcap 8.5.lnk
[2009/12/27 22:58:10 | 00,000,550 | ---- | C] () -- C:\Users\Fede\Desktop\mIRC.lnk
[2009/12/27 22:54:51 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_wbvfs201_01_09_00.Wdf
[2009/12/27 22:34:43 | 00,001,067 | ---- | C] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
[2009/12/27 22:11:53 | 00,524,288 | -HS- | C] () -- C:\Users\Fede\ntuser.dat{e668f911-f34d-11de-87b7-00247e43c5fa}.TMContainer00000000000000000002.regtrans-ms
[2009/12/27 22:11:53 | 00,524,288 | -HS- | C] () -- C:\Users\Fede\ntuser.dat{e668f911-f34d-11de-87b7-00247e43c5fa}.TMContainer00000000000000000001.regtrans-ms
[2009/12/27 22:11:53 | 00,065,536 | -HS- | C] () -- C:\Users\Fede\ntuser.dat{e668f911-f34d-11de-87b7-00247e43c5fa}.TM.blf
[2009/12/27 21:11:28 | 00,001,889 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2009/12/27 20:39:51 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_enecir_01009.Wdf
[2009/12/27 20:37:51 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_Apfiltr_01005.Wdf
[2009/12/27 20:29:52 | 00,000,000 | ---- | C] () -- C:\Users\Fede\AppData\Local\QSwitch.txt
[2009/12/27 20:29:52 | 00,000,000 | ---- | C] () -- C:\Users\Fede\AppData\Local\DSwitch.txt
[2009/12/27 20:29:52 | 00,000,000 | ---- | C] () -- C:\Users\Fede\AppData\Local\AtStart.txt
[2009/12/27 20:16:46 | 00,000,195 | ---- | C] () -- C:\ProgramData\HPWALog.txt
[2009/12/27 20:11:55 | 00,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009/12/27 19:33:38 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
[2009/12/27 19:31:30 | 00,015,222 | ---- | C] () -- C:\Windows\System32\nbspkrs.ico
[2009/12/27 19:31:30 | 00,003,774 | ---- | C] () -- C:\Windows\System32\bltinmic.ico
[2009/12/27 19:31:30 | 00,003,774 | ---- | C] () -- C:\Windows\System32\2hps.ico
[2009/12/27 18:22:51 | 05,242,880 | -HS- | C] () -- C:\Users\Fede\ntuser.dat
[2009/12/27 18:22:51 | 00,524,288 | -HS- | C] () -- C:\Users\Fede\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2009/12/27 18:22:51 | 00,524,288 | -HS- | C] () -- C:\Users\Fede\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2009/12/27 18:22:51 | 00,065,536 | -HS- | C] () -- C:\Users\Fede\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2009/12/27 18:22:51 | 00,000,020 | -HS- | C] () -- C:\Users\Fede\ntuser.ini
[2009/12/27 18:15:27 | 00,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/12/27 18:12:58 | 14,075,74016 | -HS- | C] () -- C:\hiberfil.sys
[2009/12/27 15:12:06 | 00,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2009/12/27 15:12:05 | 00,383,562 | RHS- | C] () -- C:\bootmgr
[2009/07/13 20:51:43 | 00,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 20:42:10 | 00,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/05/13 08:39:12 | 00,020,480 | ---- | C] () -- C:\Windows\System32\wbvfsinst.dll
[2009/01/05 15:44:10 | 00,000,453 | ---- | C] () -- C:\Windows\bdoscandellang.ini
[2008/10/22 05:29:06 | 00,173,550 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2007/11/14 16:17:34 | 00,204,800 | ---- | C] () -- C:\Windows\System32\CogentBioSDK.dll
========== LOP Check ==========
[2010/01/02 17:33:35 | 00,000,000 | ---D | M] -- C:\Users\Fede\AppData\Roaming\acccore
[2009/12/27 22:23:54 | 00,000,000 | ---D | M] -- C:\Users\Fede\AppData\Roaming\DigitalPersona
[2009/12/27 22:47:59 | 00,000,000 | ---D | M] -- C:\Users\Fede\AppData\Roaming\ESET
[2010/01/02 17:03:36 | 00,000,000 | ---D | M] -- C:\Users\Fede\AppData\Roaming\GlobalSCAPE
[2010/01/02 17:00:50 | 00,000,000 | ---D | M] -- C:\Users\Fede\AppData\Roaming\KeePass
[2009/12/27 23:44:26 | 00,000,000 | ---D | M] -- C:\Users\Fede\AppData\Roaming\Postbox
[2010/01/05 20:44:06 | 00,000,000 | ---D | M] -- C:\Users\Fede\AppData\Roaming\uTorrent
[2009/07/14 01:53:46 | 00,010,200 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2009/07/13 22:26:15 | 00,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009/07/13 22:26:15 | 00,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009/07/13 22:26:15 | 00,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009/07/13 22:26:15 | 00,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/13 22:26:15 | 00,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009/07/13 22:26:15 | 00,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009/07/13 22:15:06 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009/07/13 22:15:06 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
< MD5 for: IASTORV.SYS >
[2009/07/13 22:20:36 | 00,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys
[2009/07/13 22:20:36 | 00,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009/07/13 22:20:36 | 00,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009/07/13 22:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009/07/13 22:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2009/07/13 22:20:44 | 00,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
[2009/07/13 22:20:44 | 00,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/13 22:20:44 | 00,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009/07/13 22:16:13 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009/07/13 22:16:13 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2009/08/04 20:45:38 | 00,442,368 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\System32\ATIDEMGX.dll
[2009/07/13 22:15:13 | 00,346,112 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009/07/13 22:15:13 | 00,215,552 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
< %systemroot%\Tasks\*.job /lockedfiles >
< End of report >
OTL Extras LOG
OTL Extras logfile created on: 08/01/2010 09:04:00 p.m. - Run 1
OTL by OldTimer - Version 3.1.21.2 Folder = C:\Users\Fede\Downloads
An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00002c0a | Country: Argentina | Language: ESS | Date Format: dd/MM/yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 54,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 69,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222,66 Gb Total Space | 154,39 Gb Free Space | 69,34% Space Free | Partition Type: NTFS
Drive D: | 10,22 Gb Total Space | 1,75 Gb Free Space | 17,15% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: FEDENOTEBOOK
Current User Name: Fede
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}" = HiJackThis
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{0A172790-D5B6-26A5-8547-90299D24217B}" = CCC Help Polish
"{0ADFE5AD-8554-EFF6-15D2-617DAD521BCA}" = CCC Help Thai
"{1924F478-7572-FEBD-2F81-58B844867A73}" = CCC Help Finnish
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Herramienta de carga de Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{25F6A201-C40C-4669-936D-473877CFEB4C}" = Galería fotográfica de Windows Live
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{266D0EEA-E5A6-4A08-A0EE-5391D4EA44A7}" = Catalyst Control Center - Branding
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java 6 Update 15
"{288F40F3-62DB-869E-B94A-20363CD2E53F}" = CCC Help German
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{35F49926-9C54-F7C8-A3E0-36E3D439E216}" = ccc-utility
"{385F4954-2ECF-75CC-2503-30CD274C6B7C}" = Catalyst Control Center InstallProxy
"{38A0481D-544D-4C01-BB32-39332391D012}" = Windows Live Call
"{3A4E0984-2369-38F3-B2B4-DAF64350E86D}" = CCC Help Dutch
"{42E59E3C-546E-1478-9D69-FA3A5FA5BE03}" = CCC Help Swedish
"{47F3EDF5-C821-49E6-B9B3-D00BF0A9BAB8}" = DigitalPersona Personal 4.11
"{495A8A3C-8FD0-4C46-9979-95C26181A1AB}" = HP Support Assistant
"{4F1E93EA-04F2-8CA2-1DCC-BB2DDBCD04C1}" = CCC Help Chinese Traditional
"{537B409E-768F-B000-7DED-CF11105E83FC}" = ATI Catalyst Install Manager
"{54CC7901-804D-4155-B353-21F0CC9112AB}" = HP Wireless Assistant
"{570463EB-8903-21EB-836F-4626ACE3B182}" = CCC Help Norwegian
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{599D8442-C766-0EA8-5916-12620B390B1F}" = CCC Help Italian
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{61FFBE12-E3AD-442A-B261-A086041DB37A}" = Validity WinBio DDK
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{69E8D61E-958D-0520-EECF-0E7FCFA2199B}" = CCC Help Chinese Standard
"{6C46C04E-0C61-643F-82E0-E523E6D1B0B1}" = CCC Help Turkish
"{7104E5FC-0C37-81AE-D16E-131DB784A034}" = CCC Help Danish
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7593234B-2AEB-4FC9-B02D-C9B30D86084C}" = Windows Live Asistente para el inicio de sesión
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{775646F7-D78C-15FE-D8F5-BEF090ED46AD}" = CCC Help Spanish
"{8175C186-272C-5A77-9732-E6599E9D56AA}" = CCC Help Russian
"{82809116-D1EE-443C-AE31-F19E709DDF7A}" = AMD USB Filter Driver
"{87CF1DC8-D378-432D-D2C0-D97154D07A91}" = CCC Help Czech
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F94D5AC-C1C6-432D-8924-2F5EEBC28446}" = Windows Live Essentials
"{90AB5B56-1B17-FCCD-E7A9-23FB3394E218}" = ccc-core-static
"{90F8D8C3-41A1-A567-82A5-C07FB5687CEF}" = CCC Help Japanese
"{91F34319-08DE-457a-99C0-0BCDFAC145B9}" = CuteFTP 8 Professional
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{953D4586-9A16-495E-BA1F-EE5AA66604DB}" = Windows Live Sync
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Touch Pad Driver
"{A92550A5-E547-CCEE-BF18-0650BBA6ED9C}" = CCC Help Korean
"{AC76BA86-7AD7-1034-7B44-A92000000001}" = Adobe Reader 9.2 - Español
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BBA2D424-04D8-DF59-9EC0-5D62D938A640}" = Catalyst Control Center Graphics Previews Vista
"{BBF5B57A-3A78-4A46-855C-766EB333F989}" = DigitalPersona Enrollment 1.0.0
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
"{CE8F5661-E593-B6BF-5A29-18AD890E476F}" = CCC Help Hungarian
"{DB5EE5C0-DB00-4F22-8C40-C35AD3B5B981}" = Windows Live Movie Maker
"{DB661E7C-9CA1-A0C9-5D49-9062C646B6C4}" = Catalyst Control Center Graphics Light
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E6BB8835-0E9F-A0F1-F397-79755C30B9D6}" = Catalyst Control Center Localization All
"{EC831877-9222-CC80-7658-0FACF3DB2FA5}" = Catalyst Control Center Graphics Full New
"{ECC69DCE-F419-FE45-78E1-B852DDFFB51D}" = CCC Help Greek
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{ED627D6A-BC6C-A984-AC79-8AD7C375D493}" = CCC Help English
"{EED28E7B-0C97-40F7-9BAF-43E02979910D}" = ESET Smart Security
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{F264C55C-B48B-544C-5F01-E2DA9A24438C}" = Catalyst Control Center Graphics Previews Common
"{F2FFEEAA-0B48-4342-9B67-12ABB0B58F24}" = Windows Live Messenger
"{F65AD023-74BD-C648-A0E3-FA6B18249932}" = CCC Help Portuguese
"{F65B8208-5221-43D9-AA12-DDEA64EC4AF6}" = Validity Sensors software
"{F830A576-A236-1EB6-3926-5905E9C839F0}" = Catalyst Control Center Graphics Full Existing
"{FD5E7DF2-BD3B-F1FF-743B-7C82D6F805A1}" = CCC Help French
"{FFDB79F5-F4FC-14D0-728C-8A9B539C9967}" = Catalyst Control Center Core Implementation
"5B73F775A90397BAF80173B8A6C0B327BE3872FB" = ENE CIR Receiver Driver
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AIM_7" = AIM 7
"AVerMedia TV Tuner Card" = AVerMedia TV Tuner Card 1.0.0.4
"CCleaner" = CCleaner
"ERUNT_is1" = ERUNT 1.1j
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"JDownloader" = JDownloader
"KeePassPasswordSafe2_is1" = KeePass Password Safe 2.09
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"mIRC" = mIRC
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"Postbox (1.1.0)" = Postbox (1.1.0)
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"uTorrent" = µTorrent
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f3d94d7734a0b690" = Desktop Client
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 07/01/2010 01:18:19 p.m. | Computer Name = FedeNotebook | Source = VSS | ID = 8193
Description =
Error - 07/01/2010 01:18:20 p.m. | Computer Name = FedeNotebook | Source = VSS | ID = 8193
Description =
Error - 07/01/2010 03:54:02 p.m. | Computer Name = FedeNotebook | Source = Application Error | ID = 1000
Description = Nombre de la aplicación con errores: iexplore.exe, versión: 8.0.7600.16385,
marca de tiempo: 0x4a5bc69e Nombre del módulo con errores: oscan82.ocx, versión:
2.0.0.1, marca de tiempo: 0x4a02e886 Código de excepción: 0xc0000005 Desplazamiento
de errores: 0x0000ea20 Id. del proceso con errores: 0xf00 Hora de inicio de la aplicación
con errores: 0x01ca8fd2dcca2db5 Ruta de acceso de la aplicación con errores: C:\Program
Files\Internet Explorer\iexplore.exe Ruta de acceso del módulo con errores: C:\Windows\DOWNLO~1\oscan82.ocx
Id.
del informe: 66ce7fff-fbc6-11de-872b-00247e43c5fa
Error - 07/01/2010 09:32:31 p.m. | Computer Name = FedeNotebook | Source = VSS | ID = 8193
Description =
Error - 08/01/2010 12:37:06 a.m. | Computer Name = FedeNotebook | Source = LogMeIn Guardian | ID = 131172
Description =
Error - 08/01/2010 02:15:15 a.m. | Computer Name = FedeNotebook | Source = LogMeIn Guardian | ID = 131172
Description =
Error - 08/01/2010 04:02:30 p.m. | Computer Name = FedeNotebook | Source = Application Error | ID = 1000
Description = Nombre de la aplicación con errores: iexplore.exe, versión: 8.0.7600.16385,
marca de tiempo: 0x4a5bc69e Nombre del módulo con errores: ntdll.dll, versión: 6.1.7600.16385,
marca de tiempo: 0x4a5bdadb Código de excepción: 0xc0000374 Desplazamiento de errores:
0x000c283b Id. del proceso con errores: 0x12fc Hora de inicio de la aplicación con
errores: 0x01ca909d6c2e69ea Ruta de acceso de la aplicación con errores: C:\Program
Files\Internet Explorer\iexplore.exe Ruta de acceso del módulo con errores: C:\Windows\SYSTEM32\ntdll.dll
Id.
del informe: bfc0315c-fc90-11de-9483-00247e43c5fa
Error - 08/01/2010 04:05:21 p.m. | Computer Name = FedeNotebook | Source = VSS | ID = 8193
Description =
Error - 08/01/2010 06:58:07 p.m. | Computer Name = FedeNotebook | Source = LogMeIn Guardian | ID = 131172
Description =
Error - 08/01/2010 07:10:16 p.m. | Computer Name = FedeNotebook | Source = VSS | ID = 8193
Description =
[ System Events ]
Error - 07/01/2010 02:30:06 a.m. | Computer Name = FedeNotebook | Source = NetBT | ID = 4321
Description = No se pudo registrar el nombre "WORKGROUP :1d" en la interfaz
con dirección IP 192.168.0.199. El equipo la con dirección IP 192.168.0.103 no admite
el nombre reclamado por este equipo.
Error - 07/01/2010 02:35:18 a.m. | Computer Name = FedeNotebook | Source = NetBT | ID = 4321
Description = No se pudo registrar el nombre "WORKGROUP :1d" en la interfaz
con dirección IP 192.168.0.199. El equipo la con dirección IP 192.168.0.103 no admite
el nombre reclamado por este equipo.
Error - 07/01/2010 02:35:19 a.m. | Computer Name = FedeNotebook | Source = BROWSER | ID = 8009
Description =
Error - 07/01/2010 05:03:11 a.m. | Computer Name = FedeNotebook | Source = Service Control Manager | ID = 7030
Description = El servicio Lavasoft Ad-Aware Service ha sido marcado como servicio
interactivo. Sin embargo, el sistema está configurado para no permitir servicios
interactivos. Este servicio puede tener un funcionamiento incorrecto.
Error - 07/01/2010 01:03:45 p.m. | Computer Name = FedeNotebook | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 08/01/2010 01:45:06 p.m. | Computer Name = FedeNotebook | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 08/01/2010 01:45:21 p.m. | Computer Name = FedeNotebook | Source = Service Control Manager | ID = 7023
Description = El servicio Publicación de recurso de detección de función se cerró
con el siguiente error: %%-2147014847
Error - 08/01/2010 07:27:16 p.m. | Computer Name = FedeNotebook | Source = Service Control Manager | ID = 7034
Description = El servicio AMD External Events Utility se terminó de manera inesperada.
Esto ha sucedido 1 veces.
Error - 08/01/2010 07:31:51 p.m. | Computer Name = FedeNotebook | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 08/01/2010 07:32:03 p.m. | Computer Name = FedeNotebook | Source = Service Control Manager | ID = 7023
Description = El servicio Publicación de recurso de detección de función se cerró
con el siguiente error: %%-2147014847
< End of report >
I really need help with this. Help would be really appreciated.
Regards,
Federico.-
P.S.: I've attached the logs in case the thread is too long and someone would like to check it from there.