Heavily infected? - Geeks to Go Forums


Heavily infected? PC freezes, Automatic update problems, Malware does not respond etc.

#1 mrcisplatin

  • Group: Member
  • Posts: 9
  • Joined: 07-November 10

Posted 07 November 2010 - 05:15 AM

My problem started when the microphone on my headset ceased to work and despite my best efforts and the people at Skype this could not be resolved. Then Automatic updates notifies me to update the last lot of updates that has been installed as soon as they have finished installing. I found a help page on the net and followed all the instructions but this is still occurring. I then run my Antivirus (Comodo free edition) but this ceases to respond after a period. My PC freezes frequently and I have to reboot it to get it going again. It will then run for a while but freezes again.
I am not completely PC illiterate but would appreciate simple instructions using layman's terms where possible.
I look forward to hearing from you.
Thanks
Phil

OTL logfile created on: 07/11/2010 11:50:41 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\usuario\Escritorio
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C0A | Country: España | Language: ESN | Date Format: dd/MM/yyyy

511,00 Mb Total Physical Memory | 127,00 Mb Available Physical Memory | 25,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 54,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Archivos de programa
Drive C: | 232,88 Gb Total Space | 76,90 Gb Free Space | 33,02% Space Free | Partition Type: NTFS
Drive F: | 977,23 Mb Total Space | 877,30 Mb Free Space | 89,77% Space Free | Partition Type: FAT

Computer Name: USUARIO-8477FFE | User Name: usuario | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/07 11:50:16 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\usuario\Escritorio\OTL.exe
PRC - [2010/11/01 15:48:28 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Archivos de programa\Mozilla Firefox\plugin-container.exe
PRC - [2010/11/01 15:48:19 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Archivos de programa\Mozilla Firefox\firefox.exe
PRC - [2010/10/03 22:43:16 | 001,266,920 | ---- | M] (Trusteer Ltd.) -- C:\Archivos de programa\Trusteer\Rapport\bin\RapportService.exe
PRC - [2010/10/03 22:43:16 | 000,767,208 | ---- | M] (Trusteer Ltd.) -- C:\Archivos de programa\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2010/09/29 08:28:11 | 002,500,552 | ---- | M] (COMODO) -- C:\Archivos de programa\COMODO\COMODO Internet Security\cfp.exe
PRC - [2010/09/29 08:28:06 | 001,901,056 | ---- | M] (COMODO) -- C:\Archivos de programa\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2010/05/14 10:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe
PRC - [2010/04/08 13:19:40 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe
PRC - [2010/03/30 18:37:50 | 000,020,480 | ---- | M] (Logitech) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe
PRC - [2010/02/05 00:13:50 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Archivos de programa\OpenOffice.org 3\program\soffice.exe
PRC - [2010/02/05 00:13:50 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Archivos de programa\OpenOffice.org 3\program\soffice.bin
PRC - [2010/01/08 01:36:58 | 000,974,848 | ---- | M] (Spigot, Inc.) -- C:\Archivos de programa\Search Settings\SearchSettings.exe
PRC - [2010/01/08 00:51:02 | 000,380,928 | ---- | M] (Spigot, Inc.) -- C:\Archivos de programa\Application Updater\ApplicationUpdater.exe
PRC - [2009/12/23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Archivos de programa\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2009/04/30 10:23:26 | 000,090,112 | ---- | M] () -- C:\Archivos de programa\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
PRC - [2008/04/14 03:18:57 | 001,036,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/01/22 10:13:32 | 001,201,448 | ---- | M] (Nero AG) -- C:\Archivos de programa\Archivos comunes\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2008/01/22 10:13:26 | 000,275,752 | ---- | M] (Nero AG) -- C:\Archivos de programa\Archivos comunes\Ahead\Lib\NMIndexingService.exe
PRC - [2008/01/22 10:13:20 | 000,152,872 | ---- | M] (Nero AG) -- C:\Archivos de programa\Archivos comunes\Ahead\Lib\NMBgMonitor.exe
PRC - [2007/11/28 10:27:24 | 001,647,912 | ---- | M] (Nero AG) -- C:\Archivos de programa\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe
PRC - [2006/08/02 22:12:00 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2005/07/19 16:32:18 | 000,221,184 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE
PRC - [2005/06/08 14:14:44 | 000,217,088 | ---- | M] (Logitech Inc.) -- C:\Archivos de programa\Logitech\Video\LogiTray.exe
PRC - [2005/06/08 13:44:56 | 000,192,512 | ---- | M] (Logitech Inc.) -- C:\Archivos de programa\Logitech\Video\FxSvr2.exe
PRC - [2003/09/11 00:32:48 | 000,290,816 | ---- | M] (Hewlett-Packard Company) -- C:\Archivos de programa\Hewlett-Packard\hp deskjet 9600 series\Toolbox\HPWITBX.exe
PRC - [2002/12/02 15:17:37 | 000,073,728 | ---- | M] (Elaborate Bytes AG) -- C:\Archivos de programa\Elaborate Bytes\CloneCD\CloneCDTray.exe


========== Modules (SafeList) ==========

MOD - [2010/11/07 11:50:16 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\usuario\Escritorio\OTL.exe
MOD - [2010/10/03 22:43:42 | 000,431,336 | ---- | M] (Trusteer Ltd.) -- C:\Archivos de programa\Trusteer\Rapport\bin\rooksbas.dll
MOD - [2010/09/29 08:28:53 | 000,285,480 | ---- | M] (COMODO) -- C:\WINDOWS\system32\guard32.dll
MOD - [2010/08/23 17:12:00 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010/03/30 18:37:50 | 000,024,576 | ---- | M] (BackWeb) -- C:\Documents and Settings\usuario\Configuración local\Temp\IadHide4.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Archivos de programa\Archivos comunes\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - File not found [On_Demand | Stopped] -- C:\Archivos de programa\Hotspot Shield\bin\HssTrayService.EXE -- (HssTrayService)
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010/10/03 22:43:16 | 000,767,208 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Archivos de programa\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2010/09/29 08:28:06 | 001,901,056 | ---- | M] (COMODO) [Auto | Running] -- C:\Archivos de programa\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2010/03/26 15:34:08 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Archivos de programa\Archivos comunes\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/03/18 15:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/08 00:51:02 | 000,380,928 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Archivos de programa\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2009/12/23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Archivos de programa\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009/04/30 10:23:26 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Archivos de programa\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service)
SRV - [2008/01/22 10:13:26 | 000,275,752 | ---- | M] (Nero AG) [On_Demand | Running] -- C:\Archivos de programa\Archivos comunes\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\usuario\CONFIG~1\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - [2010/10/03 22:54:04 | 000,034,792 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Datos de programa\Trusteer\Rapport\store\exts\RapportCerberus\19917\RapportCerberus_19917.sys -- (RapportCerberus_19917)
DRV - [2010/10/03 22:43:44 | 000,169,320 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Archivos de programa\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2010/10/03 22:43:44 | 000,059,240 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\RapportKELL.sys -- (RapportKELL)
DRV - [2010/09/29 08:28:52 | 000,091,560 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect)
DRV - [2010/09/29 08:28:51 | 000,239,240 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2010/09/29 08:28:51 | 000,025,240 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2010/09/29 08:28:51 | 000,015,592 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmderd.sys -- (cmderd)
DRV - [2010/04/13 13:02:03 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/03/26 20:07:02 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\taphss.sys -- (taphss)
DRV - [2008/07/08 13:54:02 | 000,148,496 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\97290953.sys -- (is-B9AF5drv)
DRV - [2008/05/16 10:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM)
DRV - [2008/05/16 10:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS)
DRV - [2008/05/16 10:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008/05/16 10:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008/05/16 10:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM)
DRV - [2008/05/16 10:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008/05/16 10:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM)
DRV - [2008/04/13 19:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2006/11/22 08:01:00 | 000,250,496 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2006/10/22 12:22:00 | 003,994,624 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006/08/18 06:52:00 | 004,017,536 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005/01/31 11:20:04 | 000,211,712 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LV561AV.SYS -- (PID_0928) Logitech QuickCam Express(PID_0928)
DRV - [2005/01/31 11:12:48 | 000,022,016 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2002/11/29 12:38:16 | 000,016,320 | ---- | M] (Elaborate Bytes AG) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2002/11/28 15:18:04 | 000,015,360 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2002/11/28 11:43:49 | 000,022,016 | ---- | M] (Elaborate Bytes AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ElbyVCD.sys -- (ElbyVCD)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home
IE - HKCU\..\URLSearchHook: {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Archivos de programa\myBabylon_English\tbmyB1.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Archivos de programa\Search Settings\SearchSettings.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;localhost

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=616163"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk/"
FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {35379F86-8CCB-4724-AE33-4278DE266C70}:1.0.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..keyword.URL: "http://es.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=616163&p="

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Archivos de programa\Mozilla Firefox\components [2010/11/03 20:02:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Archivos de programa\Mozilla Firefox\plugins [2010/11/01 15:48:45 | 000,000,000 | ---D | M]

[2010/03/24 09:51:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario\Datos de programa\Mozilla\Extensions
[2010/11/06 17:21:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario\Datos de programa\Mozilla\Firefox\Profiles\stdt3u3k.default\extensions
[2010/05/22 09:16:29 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\usuario\Datos de programa\Mozilla\Firefox\Profiles\stdt3u3k.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/10/10 20:37:22 | 000,002,687 | ---- | M] () -- C:\Documents and Settings\usuario\Datos de programa\Mozilla\Firefox\Profiles\stdt3u3k.default\searchplugins\opensubtitles.xml
[2010/11/06 17:21:57 | 000,000,000 | ---D | M] -- C:\Archivos de programa\Mozilla Firefox\extensions
[2010/11/02 12:21:54 | 000,000,000 | ---D | M] (No name found) -- C:\Archivos de programa\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/10/31 18:56:50 | 000,000,000 | ---D | M] (Skype extension) -- C:\Archivos de programa\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}(2)
[2010/04/25 15:51:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/14 11:12:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/17 10:48:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/09/15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Archivos de programa\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/04/21 15:04:17 | 000,002,191 | ---- | M] () -- C:\Archivos de programa\Mozilla Firefox\searchplugins\babylon.xml
[2010/11/01 15:48:32 | 000,003,996 | ---- | M] () -- C:\Archivos de programa\Mozilla Firefox\searchplugins\drae.xml
[2010/11/01 15:48:32 | 000,000,751 | ---- | M] () -- C:\Archivos de programa\Mozilla Firefox\searchplugins\eBay-es.xml
[2010/11/01 15:48:32 | 000,001,178 | ---- | M] () -- C:\Archivos de programa\Mozilla Firefox\searchplugins\wikipedia-es.xml
[2010/11/01 15:48:32 | 000,001,102 | ---- | M] () -- C:\Archivos de programa\Mozilla Firefox\searchplugins\yahoo-es.xml

O1 HOSTS File: ([2010/04/13 17:10:29 | 000,000,859 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 66.98.148.65 auto.search.msn.com
O1 - Hosts: 66.98.148.65 auto.search.msn.es
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Archivos de programa\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (Aplicación auxiliar de vínculos de Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Datos de programa\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (myBabylon English Toolbar) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Archivos de programa\myBabylon_English\tbmyB1.dll (Conduit Ltd.)
O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Archivos de programa\Search Settings\SearchSettings.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (myBabylon English Toolbar) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Archivos de programa\myBabylon_English\tbmyB1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (myBabylon English Toolbar) - {B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} - C:\Archivos de programa\myBabylon_English\tbmyB1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Adobe ARM] C:\Archivos de programa\Archivos comunes\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Archivos de programa\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [CloneCDElbyCDFL] C:\Archivos de programa\Elaborate Bytes\CloneCD\ElbyCheck.exe (Elaborate Bytes AG)
O4 - HKLM..\Run: [CloneCDTray] C:\Archivos de programa\Elaborate Bytes\CloneCD\CloneCDTray.exe (Elaborate Bytes AG)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Archivos de programa\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [HPWITOOLBOX] C:\Archivos de programa\Hewlett-Packard\hp deskjet 9600 series\Toolbox\HPWITBX.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [LogitechVideoRepair] C:\Archivos de programa\Logitech\Video\ISStart.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideoTray] C:\Archivos de programa\Logitech\Video\LogiTray.exe (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [NBKeyScan] C:\Archivos de programa\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Archivos de programa\Archivos comunes\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SearchSettings] C:\Archivos de programa\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TrojanScanner] C:\Archivos de programa\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKCU..\Run: [AlcoholAutomount] C:\Archivos de programa\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Archivos de programa\Archivos comunes\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe (Logitech)
O4 - HKCU..\Run: [LogitechSoftwareUpdate] C:\Archivos de programa\Logitech\Video\ManifestEngine.exe (Logitech Inc.)
O4 - HKCU..\Run: [Sony Ericsson PC Suite] C:\Archivos de programa\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
O4 - Startup: C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe (Logitech)
O4 - Startup: C:\Documents and Settings\usuario\Menú Inicio\Programas\Inicio\OpenOffice.org 3.2.lnk = C:\Archivos de programa\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Download by Orbit - C:\Archivos de programa\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Archivos de programa\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Archivos de programa\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Archivos de programa\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Archivos de programa\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O15 - HKCU\..Trusted Domains: download.microsoft.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([update] http in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([update] https in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([windowsupdate] http in Trusted sites)
O15 - HKCU\..Trusted Domains: update.microsoft.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: update.microsoft.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: windowsupdate.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: windowsupdate.microsoft.com ([]http in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.60.205.175 213.60.205.173 212.51.32.254
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Archivos de programa\Archivos comunes\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Mi página de inicio actual) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\usuario\Configuración local\Datos de programa\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\usuario\Configuración local\Datos de programa\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{7a662c65-67e4-11df-acf9-000fea3f247a}\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = explorer index.html
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

File not found -- C:\Documents and Settings\usuario\Escritorio\[Torrentreactor.to] - Bodyline.torrent
[2010/11/07 11:49:35 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\usuario\Escritorio\OTL.exe
[2010/11/07 11:05:10 | 000,000,000 | ---D | C] -- C:\VundoFix Backups
[2010/11/07 10:16:53 | 000,148,496 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\97290953.sys
[2010/11/07 10:16:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\usuario\Escritorio\Kaspersky Lab Tool
[2010/11/06 17:53:28 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/11/06 17:53:26 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/11/06 17:53:26 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Malwarebytes' Anti-Malware
[2010/11/04 08:21:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\usuario\Escritorio\Nueva carpeta
[2010/11/03 17:21:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\usuario\Datos de programa\TeamViewer
[2010/11/03 17:21:10 | 000,000,000 | ---D | C] -- C:\Archivos de programa\TeamViewer
[2010/11/03 12:45:10 | 000,000,000 | ---D | C] -- C:\436f45d5523b54443a9db89c
[2010/11/03 11:53:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010/11/03 08:33:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sdold
[2010/11/02 17:20:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\usuario\Datos de programa\Malwarebytes
[2010/11/02 17:20:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Malwarebytes
[2010/11/02 17:19:05 | 000,000,000 | ---D | C] -- C:\Archivos de programa\RogueRemover FREE
[2010/11/02 12:23:50 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Archivos comunes\Skype
[2010/11/02 12:23:48 | 000,000,000 | R--D | C] -- C:\Archivos de programa\Skype
[2010/11/02 08:36:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\usuario\Mis documentos\Simply Super Software
[2010/11/02 08:35:54 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ztvcabinet.dll
[2010/11/02 08:35:51 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Trojan Remover
[2010/11/02 08:35:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\usuario\Datos de programa\Simply Super Software
[2010/11/01 13:22:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Simply Super Software
[2010/10/31 23:14:47 | 000,000,000 | ---D | C] -- C:\ef64b5320572ba499078ee90365b79a6
[2010/10/31 22:43:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\usuario\Mis documentos\DriverGenius
[2010/10/31 22:38:22 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Driver-Soft
[2010/10/31 22:14:40 | 000,000,000 | ---D | C] -- C:\Archivos de programa\PC Drivers HeadQuarters
[2010/10/31 22:01:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\PC Drivers HeadQuarters
[2010/10/31 21:53:37 | 001,039,128 | ---- | C] (PC Drivers HeadQuarters ) -- C:\Documents and Settings\usuario\Escritorio\DriverInstaller_DT.exe
[2010/10/31 20:12:14 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Realtek AC97
[2010/10/31 20:09:25 | 018,734,784 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Documents and Settings\usuario\Escritorio\WDM_A406.exe
[2010/10/29 10:50:32 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Skype(2)
[2010/10/29 10:50:30 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2010/10/27 14:13:02 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Adobe Media Player
[2010/10/27 14:08:23 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Archivos comunes\Adobe AIR
[2010/10/19 11:07:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\usuario\Datos de programa\Trusteer
[2010/10/19 11:07:39 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Trusteer
[2010/10/19 11:06:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Trusteer
[2010/10/17 10:48:18 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/10/17 10:48:18 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/10/17 10:48:18 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/10/14 21:13:31 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll
[2010/10/14 21:13:31 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2010/10/14 21:13:05 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2010/10/11 15:43:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\usuario\Escritorio\Maica
[2010/10/10 10:30:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Google
[2010/10/09 22:30:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Google
[2010/10/09 22:25:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\usuario\Configuración local\Datos de programa\Temp
[2010/10/09 22:25:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Google
[2010/10/09 22:24:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\usuario\Configuración local\Datos de programa\Google
[2010/10/09 22:23:53 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Google
[2010/07/16 19:05:13 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\usuario\Datos de programa\pcouffin.sys
[2010/05/25 17:23:09 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\Documents and Settings\All Users\Datos de programa\hpe183.dll
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[6 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]
[310 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

File not found -- C:\Documents and Settings\usuario\Escritorio\[Torrentreactor.to] - Bodyline.torrent
[2010/11/07 11:55:00 | 001,474,832 | ---- | M] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2010/11/07 11:50:16 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\usuario\Escritorio\OTL.exe
[2010/11/07 11:25:36 | 000,088,566 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/11/07 11:25:19 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-73586283-527237240-725345543-1003.job
[2010/11/07 11:25:05 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/11/07 11:25:03 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/07 11:24:12 | 001,292,320 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2010/11/07 10:17:40 | 000,000,032 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2010/11/07 10:16:26 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/11/07 10:16:25 | 000,094,720 | ---- | M] () -- C:\Documents and Settings\usuario\Configuración local\Datos de programa\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/06 23:19:11 | 000,560,318 | ---- | M] () -- C:\WINDOWS\System32\perfh00A.dat
[2010/11/06 23:19:11 | 000,493,362 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/11/06 23:19:11 | 000,106,396 | ---- | M] () -- C:\WINDOWS\System32\perfc00A.dat
[2010/11/06 23:19:11 | 000,083,714 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/11/06 17:53:31 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\Malwarebytes' Anti-Malware.lnk
[2010/11/06 10:41:29 | 000,898,297 | ---- | M] () -- C:\Documents and Settings\usuario\Escritorio\Difference between 1yr and 40yrs of Marriage.wmv
[2010/11/06 10:31:53 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/11/05 16:57:28 | 000,002,307 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\Skype.lnk
[2010/11/05 12:22:00 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/11/05 10:36:00 | 000,000,304 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-73586283-527237240-725345543-1003.job
[2010/11/04 20:00:12 | 000,002,464 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\Nero StartSmart.lnk
[2010/11/04 20:00:12 | 000,002,368 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\Nero Home.lnk
[2010/11/03 16:51:48 | 001,697,026 | ---- | M] () -- C:\WINDOWS\System32\sound.wav
[2010/11/03 11:47:13 | 003,150,336 | ---- | M] () -- C:\Documents and Settings\usuario\Escritorio\MarinePhotos.pps
[2010/11/02 17:37:33 | 002,668,334 | ---- | M] () -- C:\Documents and Settings\usuario\Escritorio\Rapide.wmv
[2010/11/02 08:35:58 | 000,000,789 | ---- | M] () -- C:\Documents and Settings\usuario\Escritorio\Trojan Remover .lnk
[2010/10/31 21:53:57 | 001,039,128 | ---- | M] (PC Drivers HeadQuarters ) -- C:\Documents and Settings\usuario\Escritorio\DriverInstaller_DT.exe
[2010/10/31 21:35:19 | 000,000,169 | ---- | M] () -- C:\WINDOWS\RtlRack.ini
[2010/10/31 20:09:36 | 018,734,784 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Documents and Settings\usuario\Escritorio\WDM_A406.exe
[2010/10/29 22:14:29 | 000,001,173 | ---- | M] () -- C:\Documents and Settings\usuario\Datos de programa\vso_ts_preview.xml
[2010/10/29 16:19:56 | 005,324,288 | ---- | M] () -- C:\Documents and Settings\usuario\Escritorio\Philosophy_For_Old_Age.pps
[2010/10/29 11:01:21 | 001,408,544 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/10/26 19:01:57 | 000,024,797 | ---- | M] () -- C:\Documents and Settings\usuario\Escritorio\33713_1656069248303_1434263551_31664467_6390861_n.jpg
[2010/10/25 09:13:41 | 000,117,859 | ---- | M] () -- C:\Documents and Settings\usuario\Mis documentos\Beautifier.zip
[2010/10/25 09:12:46 | 000,044,504 | ---- | M] () -- C:\Documents and Settings\usuario\Mis documentos\ShadowPlayActions_60709.zip
[2010/10/25 09:12:45 | 000,004,441 | ---- | M] () -- C:\Documents and Settings\usuario\Mis documentos\Lucky7Actions_35414.zip
[2010/10/25 09:12:42 | 000,005,000 | ---- | M] () -- C:\Documents and Settings\usuario\Mis documentos\FantasyArtActions_40528.zip
[2010/10/22 16:04:24 | 000,000,075 | ---- | M] () -- C:\WINDOWS\cdplayer.ini
[2010/10/16 16:11:58 | 002,017,579 | ---- | M] () -- C:\Documents and Settings\usuario\Escritorio\Photo Dan 4.jpg
[2010/10/16 16:09:35 | 002,021,213 | ---- | M] () -- C:\Documents and Settings\usuario\Escritorio\Photo Dan 3.jpg
[2010/10/16 16:07:33 | 001,428,672 | ---- | M] () -- C:\Documents and Settings\usuario\Escritorio\Photo Dan 2.jpg
[2010/10/16 16:05:03 | 001,746,017 | ---- | M] () -- C:\Documents and Settings\usuario\Escritorio\Photo Dan 1.jpg
[2010/10/14 22:30:14 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/10/11 15:53:02 | 000,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI
[2010/10/09 22:50:32 | 000,001,665 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\Internet.lnk
[2010/10/08 15:42:35 | 000,589,878 | ---- | M] () -- C:\Documents and Settings\usuario\Escritorio\Dan.bmp
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[310 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/11/07 10:17:39 | 001,292,320 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2010/11/07 10:17:39 | 000,000,032 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2010/11/06 17:53:31 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\Malwarebytes' Anti-Malware.lnk
[2010/11/06 10:41:25 | 000,898,297 | ---- | C] () -- C:\Documents and Settings\usuario\Escritorio\Difference between 1yr and 40yrs of Marriage.wmv
[2010/11/04 20:00:12 | 000,002,464 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\Nero StartSmart.lnk
[2010/11/04 20:00:11 | 000,002,368 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\Nero Home.lnk
[2010/11/03 16:51:47 | 001,697,026 | ---- | C] () -- C:\WINDOWS\System32\sound.wav
[2010/11/03 11:46:48 | 003,150,336 | ---- | C] () -- C:\Documents and Settings\usuario\Escritorio\MarinePhotos.pps
[2010/11/02 17:37:23 | 002,668,334 | ---- | C] () -- C:\Documents and Settings\usuario\Escritorio\Rapide.wmv
[2010/11/02 12:23:51 | 000,002,307 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\Skype.lnk
[2010/11/02 08:35:58 | 000,000,789 | ---- | C] () -- C:\Documents and Settings\usuario\Escritorio\Trojan Remover .lnk
[2010/11/02 08:35:54 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2010/11/02 08:35:54 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
[2010/11/02 08:35:54 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2010/11/02 08:35:54 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2010/11/01 21:15:47 | 000,726,925 | ---- | C] () -- C:\Documents and Settings\usuario\Escritorio\P6221345.JPG
[2010/11/01 12:09:29 | 536,399,872 | -HS- | C] () -- C:\hiberfil.sys
[2010/10/29 16:19:35 | 005,324,288 | ---- | C] () -- C:\Documents and Settings\usuario\Escritorio\Philosophy_For_Old_Age.pps
[2010/10/26 19:01:52 | 000,024,797 | ---- | C] () -- C:\Documents and Settings\usuario\Escritorio\33713_1656069248303_1434263551_31664467_6390861_n.jpg
[2010/10/25 09:15:49 | 000,117,859 | ---- | C] () -- C:\Documents and Settings\usuario\Mis documentos\Beautifier.zip
[2010/10/25 09:15:49 | 000,044,504 | ---- | C] () -- C:\Documents and Settings\usuario\Mis documentos\ShadowPlayActions_60709.zip
[2010/10/25 09:15:49 | 000,005,000 | ---- | C] () -- C:\Documents and Settings\usuario\Mis documentos\FantasyArtActions_40528.zip
[2010/10/25 09:15:49 | 000,004,441 | ---- | C] () -- C:\Documents and Settings\usuario\Mis documentos\Lucky7Actions_35414.zip
[2010/10/16 16:11:55 | 002,017,579 | ---- | C] () -- C:\Documents and Settings\usuario\Escritorio\Photo Dan 4.jpg
[2010/10/16 16:09:34 | 002,021,213 | ---- | C] () -- C:\Documents and Settings\usuario\Escritorio\Photo Dan 3.jpg
[2010/10/16 16:07:33 | 001,428,672 | ---- | C] () -- C:\Documents and Settings\usuario\Escritorio\Photo Dan 2.jpg
[2010/10/16 16:05:02 | 001,746,017 | ---- | C] () -- C:\Documents and Settings\usuario\Escritorio\Photo Dan 1.jpg
[2010/10/11 15:35:22 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2010/10/09 22:50:32 | 000,001,665 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\Internet.lnk
[2010/08/31 17:24:21 | 000,001,173 | ---- | C] () -- C:\Documents and Settings\usuario\Datos de programa\vso_ts_preview.xml
[2010/08/31 17:21:44 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\usuario\Datos de programa\inst.exe
[2010/07/16 19:07:53 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\systeminfo3.dll
[2010/07/16 19:06:53 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\usuario\Datos de programa\pcouffin.log
[2010/07/16 19:05:13 | 000,081,920 | ---- | C] () -- C:\Documents and Settings\usuario\Datos de programa\ezpinst.exe
[2010/07/16 19:05:13 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\usuario\Datos de programa\pcouffin.cat
[2010/07/16 19:05:13 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\usuario\Datos de programa\pcouffin.inf
[2010/06/09 19:05:19 | 000,000,075 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2010/05/06 16:28:52 | 000,063,488 | ---- | C] () -- C:\WINDOWS\xobglu16.dll
[2010/05/06 16:28:52 | 000,023,552 | ---- | C] () -- C:\WINDOWS\xobglu32.dll
[2010/05/03 19:57:54 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2010/05/03 17:14:27 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2010/05/01 19:24:11 | 000,009,255 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010/04/13 12:46:20 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010/04/13 10:05:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\DVDConverter.INI
[2010/04/09 15:05:02 | 000,000,319 | ---- | C] () -- C:\WINDOWS\cavscan.INI
[2010/03/27 17:30:47 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010/03/26 22:24:01 | 000,094,720 | ---- | C] () -- C:\Documents and Settings\usuario\Configuración local\Datos de programa\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/26 16:51:46 | 000,000,126 | R--- | C] () -- C:\WINDOWS\hpw9600k.ini
[2010/03/26 16:49:02 | 000,014,449 | ---- | C] () -- C:\WINDOWS\hpdj9600.ini
[2010/03/17 12:14:52 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2010/03/17 10:20:21 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/03/03 01:00:00 | 004,555,278 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2010/03/03 01:00:00 | 001,449,935 | ---- | C] () -- C:\WINDOWS\System32\ffmpegmt.dll
[2010/03/03 01:00:00 | 000,877,385 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2010/03/03 01:00:00 | 000,556,491 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2010/03/03 01:00:00 | 000,336,384 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll
[2010/03/03 01:00:00 | 000,324,096 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2010/03/03 01:00:00 | 000,248,320 | ---- | C] () -- C:\WINDOWS\System32\ff_kernelDeint.dll
[2010/03/03 01:00:00 | 000,216,576 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2010/03/03 01:00:00 | 000,169,984 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
[2010/03/03 01:00:00 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2010/03/03 01:00:00 | 000,145,408 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2010/03/03 01:00:00 | 000,121,856 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2010/03/03 01:00:00 | 000,116,736 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll
[2010/03/03 01:00:00 | 000,100,864 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2010/03/03 01:00:00 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2010/03/03 01:00:00 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/11/15 07:27:29 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\avutil.dll
[2009/11/15 07:27:28 | 001,945,088 | ---- | C] () -- C:\WINDOWS\System32\avcodec.dll
[2009/11/15 07:27:28 | 000,219,136 | ---- | C] () -- C:\WINDOWS\System32\avformat.dll
[2009/11/14 19:37:08 | 000,154,112 | ---- | C] () -- C:\WINDOWS\System32\ts.dll
[2009/11/14 19:33:38 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\dxr.dll
[2009/11/14 19:11:50 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\avss.dll
[2009/11/14 19:11:42 | 000,150,016 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll
[2009/11/14 19:11:42 | 000,141,824 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll
[2009/11/14 19:11:40 | 000,123,392 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll
[2009/11/14 19:11:40 | 000,109,568 | ---- | C] () -- C:\WINDOWS\System32\avi.dll
[2009/11/14 19:11:38 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\avs.dll
[2009/11/14 19:11:32 | 000,080,384 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll
[2009/11/14 19:11:32 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll
[2009/01/10 23:15:44 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\mmfinfo.dll
[2008/11/06 17:37:32 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007/10/13 10:30:20 | 000,000,137 | ---- | C] () -- C:\WINDOWS\System32\Registration.ini
[2006/10/22 12:22:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/10/22 12:22:00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/10/22 12:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/10/22 12:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/10/22 12:22:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/10/22 12:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/10/22 12:22:00 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2003/09/11 01:09:34 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\hpzrer09.dll
[2003/09/11 01:09:33 | 000,148,112 | ---- | C] () -- C:\WINDOWS\System32\hpz9xd09.drv
[1999/01/27 12:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997/06/13 06:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Datos de programa\TEMP:1EE00E38
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Datos de programa\TEMP:CB0AACC9

< End of report >



#2 Essexboy

  • Group: GeekU Moderator
  • Posts: 56,122
  • Joined: 31-May 06

Posted 07 November 2010 - 05:27 AM

Hi there, your main problem is not malware but a lack of resources

Quote

511,00 Mb Total Physical Memory | 127,00 Mb Available Physical Memory | 25,00% Memory free
Also you have 27 programmes running at start - I have 2

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Quote

    :OTL
    O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Archivos de programa\Search Settings\SearchSettings.dll (Spigot, Inc.)
    O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
    O4 - HKLM..\Run: [SearchSettings] C:\Archivos de programa\Search Settings\SearchSettings.exe (Spigot, Inc.)

    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [EMPTYFLASH]
    [CLEARALLRESTOREPOINTS]
    [Reboot]


  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.


THEN

To try and ease the startup try this

Download Startup Control Panel here - select the exe standalone version
Install and you will find a startup icon in the control panel - run this
  • In the HKLM tab, you may disable (be careful --> "disable") all the entries except your security software
  • In the HKCU tab, you may disable all entries.
  • In the StartUp tab, you may disable all entries.

Note: if you notice that some programs no longer run, you can enable them again by running Startup Control Panel, selecting the entry and choosing Run Now.
If you are in doubt with something, don't hesitate to ask :D

FINALLY

Download and run Puran Disc Defragmenter
For the initial run use the boot defrag and disc check option


Once you have completed all this let me know if it is still freezing
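
An added example, not part of the original thread and not OTL's own code: a small Python triage that reads an OTL log the way the reply above does (installed versus available memory, number of Run-key autostart entries, leftover entries whose file or CLSID is missing, entries with no company name). The line patterns are assumptions inferred from the log lines posted in this thread, and the sample is an excerpt of those lines.

```python
import re

# Excerpt of OTL log lines posted in this thread (Run 2), embedded so the
# example runs offline. The patterns below are inferred from this log only;
# they are an assumption, not an official description of OTL's output format.
SAMPLE_LOG = r"""
511,00 Mb Total Physical Memory | 128,00 Mb Available Physical Memory | 25,00% Memory free
SRV - (HssTrayService) -- C:\Archivos de programa\Hotspot Shield\bin\HssTrayService.EXE File not found
SRV - (cmdAgent) -- C:\Archivos de programa\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
DRV - (cpuz132) -- C:\DOCUME~1\usuario\CONFIG~1\Temp\cpuz132\cpuz132_x32.sys File not found
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O4 - HKLM..\Run: [COMODO Internet Security] C:\Archivos de programa\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SearchSettings] C:\Archivos de programa\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKCU..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe (Logitech)
"""

MEM_RE = re.compile(
    r"([\d.,]+) Mb Total Physical Memory \| ([\d.,]+) Mb Available Physical Memory"
)
RUN_RE = re.compile(r"^O4 - (HKLM|HKCU)\.\.\\Run: \[(.+?)\] (.+)$")
SVC_RE = re.compile(r"^(SRV|DRV) - \(([^)]+)\).*? -- (.+)$")
COMPANY_RE = re.compile(r"^(.*\S)\s*\(([^()]*)\)$")
ORPHAN_MARKERS = ("File not found", "No CLSID value found.")


def parse_number(text):
    """Parse a localized number such as '511,00'; the last separator is the decimal mark."""
    last = max(text.rfind(","), text.rfind("."))
    if last == -1:
        return float(text)
    whole = re.sub(r"[.,]", "", text[:last])
    return float(f"{whole}.{text[last + 1:]}")


def split_company(rest):
    """Split 'path (Company)' into (path, company); company is '' for '()' and None if absent."""
    m = COMPANY_RE.match(rest)
    if m:
        return m.group(1), m.group(2).strip()
    return rest, None


def triage(log_text):
    """Summarize memory, Run-key autostarts, orphaned entries and unnamed vendors."""
    report = {"total_mb": None, "available_mb": None,
              "autostart": [], "orphans": [], "no_company": []}
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        mem = MEM_RE.search(line)
        if mem:
            report["total_mb"] = parse_number(mem.group(1))
            report["available_mb"] = parse_number(mem.group(2))
            continue
        # Entries that point at a missing file or CLSID are leftovers to review.
        if line.endswith(ORPHAN_MARKERS):
            report["orphans"].append(line)
            continue
        run = RUN_RE.match(line)
        svc = SVC_RE.match(line)
        if run:
            hive, name, rest = run.groups()
            path, company = split_company(rest)
            report["autostart"].append(
                {"hive": hive, "name": name, "path": path, "company": company})
        elif svc:
            _kind, name, rest = svc.groups()
            path, company = split_company(rest)
        else:
            continue
        # '()' means the binary carries no company name in its version info.
        if company == "":
            report["no_company"].append(name)
    return report


if __name__ == "__main__":
    r = triage(SAMPLE_LOG)
    print(f"RAM: {r['available_mb']:.0f} of {r['total_mb']:.0f} Mb available")
    print(f"Run-key autostart entries: {len(r['autostart'])}")
    print(f"Orphaned entries: {len(r['orphans'])}")
    print(f"No company name: {', '.join(r['no_company'])}")
```

An entry with no company name is only a prompt to look at the file, not a verdict; several legitimate drivers in the log above have none.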

#3 mrcisplatin

  • Group: Member
  • Posts: 9
  • Joined: 07-November 10

Posted 07 November 2010 - 09:55 AM

Seems to be alright at the moment and certainly booted up a lot quicker. I enclose the 2nd log and I'll keep you posted. Many thanks

Phil

OTL logfile created on: 07/11/2010 13:37:16 - Run 2
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\usuario\Escritorio
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C0A | Country: España | Language: ESN | Date Format: dd/MM/yyyy

511,00 Mb Total Physical Memory | 128,00 Mb Available Physical Memory | 25,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 50,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Archivos de programa
Drive C: | 232,88 Gb Total Space | 87,75 Gb Free Space | 37,68% Space Free | Partition Type: NTFS
Drive F: | 977,23 Mb Total Space | 877,30 Mb Free Space | 89,77% Space Free | Partition Type: FAT

Computer Name: USUARIO-8477FFE | User Name: usuario | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\usuario\Escritorio\OTL.exe (OldTimer Tools)
PRC - C:\Archivos de programa\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Archivos de programa\Trusteer\Rapport\bin\RapportService.exe (Trusteer Ltd.)
PRC - C:\Archivos de programa\Trusteer\Rapport\bin\RapportMgmtService.exe (Trusteer Ltd.)
PRC - C:\Archivos de programa\COMODO\COMODO Internet Security\cfp.exe (COMODO)
PRC - C:\Archivos de programa\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
PRC - C:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe (Logitech)
PRC - C:\Archivos de programa\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Archivos de programa\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Archivos de programa\Search Settings\SearchSettings.exe (Spigot, Inc.)
PRC - C:\Archivos de programa\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
PRC - C:\Archivos de programa\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)
PRC - C:\Archivos de programa\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Archivos de programa\Archivos comunes\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Archivos de programa\Archivos comunes\Ahead\Lib\NMIndexingService.exe (Nero AG)
PRC - C:\Archivos de programa\Archivos comunes\Ahead\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Archivos de programa\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe (Nero AG)
PRC - C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
PRC - C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
PRC - C:\Archivos de programa\Logitech\Video\LogiTray.exe (Logitech Inc.)
PRC - C:\Archivos de programa\Logitech\Video\FxSvr2.exe (Logitech Inc.)
PRC - C:\Archivos de programa\Hewlett-Packard\hp deskjet 9600 series\Toolbox\HPWITBX.exe (Hewlett-Packard Company)
PRC - C:\Archivos de programa\Elaborate Bytes\CloneCD\CloneCDTray.exe (Elaborate Bytes AG)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\usuario\Escritorio\OTL.exe (OldTimer Tools)
MOD - C:\Archivos de programa\Trusteer\Rapport\bin\rooksbas.dll (Trusteer Ltd.)
MOD - C:\WINDOWS\system32\guard32.dll (COMODO)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\Documents and Settings\usuario\Configuración local\Temp\IadHide4.dll (BackWeb)


========== Win32 Services (SafeList) ==========

SRV - (Nero BackItUp Scheduler 4.0) -- C:\Archivos de programa\Archivos comunes\Nero\Nero BackItUp 4\NBService.exe File not found
SRV - (HssTrayService) -- C:\Archivos de programa\Hotspot Shield\bin\HssTrayService.EXE File not found
SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
SRV - (RapportMgmtService) -- C:\Archivos de programa\Trusteer\Rapport\bin\RapportMgmtService.exe (Trusteer Ltd.)
SRV - (cmdAgent) -- C:\Archivos de programa\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV - (FLEXnet Licensing Service) -- C:\Archivos de programa\Archivos comunes\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (aspnet_state) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe (Microsoft Corporation)
SRV - (WPFFontCache_v0400) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Application Updater) -- C:\Archivos de programa\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (StarWindServiceAE) -- C:\Archivos de programa\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)
SRV - (OMSI download service) -- C:\Archivos de programa\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()
SRV - (NMIndexingService) -- C:\Archivos de programa\Archivos comunes\Ahead\Lib\NMIndexingService.exe (Nero AG)


========== Driver Services (SafeList) ==========

DRV - (cpuz132) -- C:\DOCUME~1\usuario\CONFIG~1\Temp\cpuz132\cpuz132_x32.sys File not found
DRV - (RapportCerberus_19917) -- C:\Documents and Settings\All Users\Datos de programa\Trusteer\Rapport\store\exts\RapportCerberus\19917\RapportCerberus_19917.sys (Trusteer Ltd.)
DRV - (RapportPG) -- C:\Archivos de programa\Trusteer\Rapport\bin\RapportPG.sys (Trusteer Ltd.)
DRV - (RapportKELL) -- C:\WINDOWS\System32\Drivers\RapportKELL.sys (Trusteer Ltd.)
DRV - (Inspect) -- C:\WINDOWS\System32\DRIVERS\inspect.sys (COMODO)
DRV - (cmdGuard) -- C:\WINDOWS\system32\drivers\cmdGuard.sys (COMODO)
DRV - (cmdHlp) -- C:\WINDOWS\system32\drivers\cmdhlp.sys (COMODO)
DRV - (cmderd) -- C:\WINDOWS\system32\drivers\cmderd.sys (COMODO)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (taphss) -- C:\WINDOWS\system32\drivers\taphss.sys (AnchorFree Inc)
DRV - (is-B9AF5drv) -- C:\WINDOWS\system32\drivers\97290953.sys (Kaspersky Lab)
DRV - (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM) -- C:\WINDOWS\system32\drivers\s0016unic.sys (MCCI Corporation)
DRV - (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS) -- C:\WINDOWS\system32\drivers\s0016nd5.sys (MCCI Corporation)
DRV - (s0016mdfl) -- C:\WINDOWS\system32\drivers\s0016mdfl.sys (MCCI Corporation)
DRV - (s0016mdm) -- C:\WINDOWS\system32\drivers\s0016mdm.sys (MCCI Corporation)
DRV - (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\s0016mgmt.sys (MCCI Corporation)
DRV - (s0016obex) -- C:\WINDOWS\system32\drivers\s0016obex.sys (MCCI Corporation)
DRV - (s0016bus) Sony Ericsson Device 0016 driver (WDM) -- C:\WINDOWS\system32\drivers\s0016bus.sys (MCCI Corporation)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (yukonwxp) -- C:\WINDOWS\system32\drivers\yk51x86.sys (Marvell)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (PID_0928) Logitech QuickCam Express(PID_0928) -- C:\WINDOWS\system32\drivers\LV561AV.SYS (Logitech Inc.)
DRV - (LVUSBSta) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (ElbyCDIO) -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (ElbyCDFL) -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys (Elaborate Bytes AG)
DRV - (ElbyVCD) -- C:\WINDOWS\system32\DRIVERS\ElbyVCD.sys (Elaborate Bytes AG)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home
IE - HKCU\..\URLSearchHook: {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Archivos de programa\myBabylon_English\tbmyB1.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Archivos de programa\Search Settings\SearchSettings.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;localhost

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=616163"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk/"
FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {35379F86-8CCB-4724-AE33-4278DE266C70}:1.0.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..keyword.URL: "http://es.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=616163&p="

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Archivos de programa\Mozilla Firefox\components [2010/11/03 20:02:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Archivos de programa\Mozilla Firefox\plugins [2010/11/01 15:48:45 | 000,000,000 | ---D | M]

[2010/03/24 09:51:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario\Datos de programa\Mozilla\Extensions
[2010/11/06 17:21:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario\Datos de programa\Mozilla\Firefox\Profiles\stdt3u3k.default\extensions
[2010/05/22 09:16:29 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\usuario\Datos de programa\Mozilla\Firefox\Profiles\stdt3u3k.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/10/10 20:37:22 | 000,002,687 | ---- | M] () -- C:\Documents and Settings\usuario\Datos de programa\Mozilla\Firefox\Profiles\stdt3u3k.default\searchplugins\opensubtitles.xml
[2010/11/06 17:21:57 | 000,000,000 | ---D | M] -- C:\Archivos de programa\Mozilla Firefox\extensions
[2010/11/02 12:21:54 | 000,000,000 | ---D | M] (No name found) -- C:\Archivos de programa\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/10/31 18:56:50 | 000,000,000 | ---D | M] (Skype extension) -- C:\Archivos de programa\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}(2)
[2010/04/25 15:51:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/14 11:12:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/17 10:48:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/09/15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Archivos de programa\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/04/21 15:04:17 | 000,002,191 | ---- | M] () -- C:\Archivos de programa\Mozilla Firefox\searchplugins\babylon.xml
[2010/11/01 15:48:32 | 000,003,996 | ---- | M] () -- C:\Archivos de programa\Mozilla Firefox\searchplugins\drae.xml
[2010/11/01 15:48:32 | 000,000,751 | ---- | M] () -- C:\Archivos de programa\Mozilla Firefox\searchplugins\eBay-es.xml
[2010/11/01 15:48:32 | 000,001,178 | ---- | M] () -- C:\Archivos de programa\Mozilla Firefox\searchplugins\wikipedia-es.xml
[2010/11/01 15:48:32 | 000,001,102 | ---- | M] () -- C:\Archivos de programa\Mozilla Firefox\searchplugins\yahoo-es.xml

O1 HOSTS File: ([2010/11/07 13:08:08 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Archivos de programa\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (Aplicación auxiliar de vínculos de Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Datos de programa\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (myBabylon English Toolbar) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Archivos de programa\myBabylon_English\tbmyB1.dll (Conduit Ltd.)
O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Archivos de programa\Search Settings\SearchSettings.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (myBabylon English Toolbar) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Archivos de programa\myBabylon_English\tbmyB1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (myBabylon English Toolbar) - {B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} - C:\Archivos de programa\myBabylon_English\tbmyB1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Adobe ARM] C:\Archivos de programa\Archivos comunes\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Archivos de programa\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [CloneCDElbyCDFL] C:\Archivos de programa\Elaborate Bytes\CloneCD\ElbyCheck.exe (Elaborate Bytes AG)
O4 - HKLM..\Run: [CloneCDTray] C:\Archivos de programa\Elaborate Bytes\CloneCD\CloneCDTray.exe (Elaborate Bytes AG)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Archivos de programa\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [HPWITOOLBOX] C:\Archivos de programa\Hewlett-Packard\hp deskjet 9600 series\Toolbox\HPWITBX.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [LogitechVideoRepair] C:\Archivos de programa\Logitech\Video\ISStart.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideoTray] C:\Archivos de programa\Logitech\Video\LogiTray.exe (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [NBKeyScan] C:\Archivos de programa\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Archivos de programa\Archivos comunes\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SearchSettings] C:\Archivos de programa\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TrojanScanner] C:\Archivos de programa\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKCU..\Run: [AlcoholAutomount] C:\Archivos de programa\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Archivos de programa\Archivos comunes\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe (Logitech)
O4 - HKCU..\Run: [LogitechSoftwareUpdate] C:\Archivos de programa\Logitech\Video\ManifestEngine.exe (Logitech Inc.)
O4 - HKCU..\Run: [Sony Ericsson PC Suite] C:\Archivos de programa\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
O4 - Startup: C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe (Logitech)
O4 - Startup: C:\Documents and Settings\usuario\Menú Inicio\Programas\Inicio\OpenOffice.org 3.2.lnk = C:\Archivos de programa\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Download by Orbit - C:\Archivos de programa\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Archivos de programa\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Archivos de programa\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Archivos de programa\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Archivos de programa\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O15 - HKCU\..Trusted Domains: download.microsoft.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([update] http in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([update] https in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([windowsupdate] http in Trusted sites)
O15 - HKCU\..Trusted Domains: update.microsoft.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: update.microsoft.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: windowsupdate.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: windowsupdate.microsoft.com ([]http in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.60.205.175 213.60.205.173 212.51.32.254
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Archivos de programa\Archivos comunes\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Mi página de inicio actual) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\usuario\Configuración local\Datos de programa\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\usuario\Configuración local\Datos de programa\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{7a662c65-67e4-11df-acf9-000fea3f247a}\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = explorer index.html
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

File not found -- C:\Documents and Settings\usuario\Escritorio\[Torrentreactor.to] - Bodyline.torrent
[2010/11/07 13:45:30 | 000,212,992 | ---- | C] (Puran Software) -- C:\WINDOWS\System32\PuranDefrag.dll
[2010/11/07 13:45:29 | 000,229,376 | ---- | C] (Puran Software) -- C:\WINDOWS\System32\PuranDefragS.exe
[2010/11/07 13:45:29 | 000,221,184 | ---- | C] (Puran Software) -- C:\WINDOWS\System32\PuranDC.exe
[2010/11/07 13:45:29 | 000,107,008 | ---- | C] (Puran Software) -- C:\WINDOWS\System32\PuranDefragBT.exe
[2010/11/07 13:45:28 | 001,110,016 | ---- | C] (Puran Software) -- C:\WINDOWS\System32\PuranFD.exe
[2010/11/07 13:45:27 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Puran Defrag
[2010/11/07 13:44:09 | 002,512,043 | ---- | C] (Puran Software ) -- C:\Documents and Settings\usuario\Escritorio\PuranDefragFreeSetup.exe
[2010/11/07 13:07:54 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/11/07 11:49:35 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\usuario\Escritorio\OTL.exe
[2010/11/07 11:05:10 | 000,000,000 | ---D | C] -- C:\VundoFix Backups
[2010/11/07 10:16:53 | 000,148,496 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\97290953.sys
[2010/11/07 10:16:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\usuario\Escritorio\Kaspersky Lab Tool
[2010/11/06 17:53:28 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/11/06 17:53:26 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/11/06 17:53:26 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Malwarebytes' Anti-Malware
[2010/11/04 08:21:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\usuario\Escritorio\Nueva carpeta
[2010/11/03 17:21:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\usuario\Datos de programa\TeamViewer
[2010/11/03 17:21:10 | 000,000,000 | ---D | C] -- C:\Archivos de programa\TeamViewer
[2010/11/03 12:45:10 | 000,000,000 | ---D | C] -- C:\436f45d5523b54443a9db89c
[2010/11/03 11:53:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010/11/03 08:33:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sdold
[2010/11/02 17:20:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\usuario\Datos de programa\Malwarebytes
[2010/11/02 17:20:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Malwarebytes
[2010/11/02 17:19:05 | 000,000,000 | ---D | C] -- C:\Archivos de programa\RogueRemover FREE
[2010/11/02 12:23:50 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Archivos comunes\Skype
[2010/11/02 12:23:48 | 000,000,000 | R--D | C] -- C:\Archivos de programa\Skype
[2010/11/02 08:36:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\usuario\Mis documentos\Simply Super Software
[2010/11/02 08:35:51 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Trojan Remover
[2010/11/02 08:35:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\usuario\Datos de programa\Simply Super Software
[2010/11/01 13:22:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Simply Super Software
[2010/10/31 23:14:47 | 000,000,000 | ---D | C] -- C:\ef64b5320572ba499078ee90365b79a6
[2010/10/31 22:43:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\usuario\Mis documentos\DriverGenius
[2010/10/31 22:38:22 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Driver-Soft
[2010/10/31 22:14:40 | 000,000,000 | ---D | C] -- C:\Archivos de programa\PC Drivers HeadQuarters
[2010/10/31 22:01:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\PC Drivers HeadQuarters
[2010/10/31 21:53:37 | 001,039,128 | ---- | C] (PC Drivers HeadQuarters ) -- C:\Documents and Settings\usuario\Escritorio\DriverInstaller_DT.exe
[2010/10/31 20:12:14 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Realtek AC97
[2010/10/29 10:50:32 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Skype(2)
[2010/10/29 10:50:30 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2010/10/27 14:13:02 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Adobe Media Player
[2010/10/27 14:08:23 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Archivos comunes\Adobe AIR
[2010/10/19 11:07:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\usuario\Datos de programa\Trusteer
[2010/10/19 11:07:39 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Trusteer
[2010/10/19 11:06:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Trusteer
[2010/10/11 15:43:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\usuario\Escritorio\Maica
[2010/10/10 10:30:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Google
[2010/10/09 22:30:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Google
[2010/10/09 22:25:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\usuario\Configuración local\Datos de programa\Temp
[2010/10/09 22:25:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Google
[2010/10/09 22:24:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\usuario\Configuración local\Datos de programa\Google
[2010/10/09 22:23:53 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Google
[2010/07/16 19:05:13 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\usuario\Datos de programa\pcouffin.sys
[2010/05/25 17:23:09 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\Documents and Settings\All Users\Datos de programa\hpe183.dll
[6 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

File not found -- C:\Documents and Settings\usuario\Escritorio\[Torrentreactor.to] - Bodyline.torrent
[2010/11/07 13:51:06 | 002,762,784 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2010/11/07 13:48:01 | 001,474,832 | ---- | M] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2010/11/07 13:45:33 | 000,000,715 | ---- | M] () -- C:\Documents and Settings\usuario\Escritorio\Puran Defrag.lnk
[2010/11/07 13:44:10 | 002,512,043 | ---- | M] (Puran Software ) -- C:\Documents and Settings\usuario\Escritorio\PuranDefragFreeSetup.exe
[2010/11/07 13:38:32 | 000,034,237 | ---- | M] () -- C:\Documents and Settings\usuario\Escritorio\StartupCPL_EXE.zip
[2010/11/07 13:29:32 | 000,088,566 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/11/07 13:28:18 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-73586283-527237240-725345543-1003.job
[2010/11/07 13:28:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/11/07 13:28:01 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/07 13:27:22 | 000,026,084 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2010/11/07 13:08:08 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2010/11/07 11:50:16 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\usuario\Escritorio\OTL.exe
[2010/11/07 10:16:26 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/11/07 10:16:25 | 000,094,720 | ---- | M] () -- C:\Documents and Settings\usuario\Configuración local\Datos de programa\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/06 23:19:11 | 000,560,318 | ---- | M] () -- C:\WINDOWS\System32\perfh00A.dat
[2010/11/06 23:19:11 | 000,493,362 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/11/06 23:19:11 | 000,106,396 | ---- | M] () -- C:\WINDOWS\System32\perfc00A.dat
[2010/11/06 23:19:11 | 000,083,714 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/11/06 17:53:31 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\Malwarebytes' Anti-Malware.lnk
[2010/11/06 10:41:29 | 000,898,297 | ---- | M] () -- C:\Documents and Settings\usuario\Escritorio\Difference between 1yr and 40yrs of Marriage.wmv
[2010/11/06 10:31:53 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/11/05 16:57:28 | 000,002,307 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\Skype.lnk
[2010/11/05 12:22:00 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/11/05 10:36:00 | 000,000,304 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-73586283-527237240-725345543-1003.job
[2010/11/04 20:00:12 | 000,002,464 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\Nero StartSmart.lnk
[2010/11/04 20:00:12 | 000,002,368 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\Nero Home.lnk
[2010/11/03 16:51:48 | 001,697,026 | ---- | M] () -- C:\WINDOWS\System32\sound.wav
[2010/11/03 11:47:13 | 003,150,336 | ---- | M] () -- C:\Documents and Settings\usuario\Escritorio\MarinePhotos.pps
[2010/11/02 17:37:33 | 002,668,334 | ---- | M] () -- C:\Documents and Settings\usuario\Escritorio\Rapide.wmv
[2010/11/02 08:35:58 | 000,000,789 | ---- | M] () -- C:\Documents and Settings\usuario\Escritorio\Trojan Remover .lnk
[2010/10/31 21:53:57 | 001,039,128 | ---- | M] (PC Drivers HeadQuarters ) -- C:\Documents and Settings\usuario\Escritorio\DriverInstaller_DT.exe
[2010/10/31 21:35:19 | 000,000,169 | ---- | M] () -- C:\WINDOWS\RtlRack.ini
[2010/10/29 22:14:29 | 000,001,173 | ---- | M] () -- C:\Documents and Settings\usuario\Datos de programa\vso_ts_preview.xml
[2010/10/29 16:19:56 | 005,324,288 | ---- | M] () -- C:\Documents and Settings\usuario\Escritorio\Philosophy_For_Old_Age.pps
[2010/10/29 11:01:21 | 001,408,544 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/10/26 19:01:57 | 000,024,797 | ---- | M] () -- C:\Documents and Settings\usuario\Escritorio\33713_1656069248303_1434263551_31664467_6390861_n.jpg
[2010/10/25 09:13:41 | 000,117,859 | ---- | M] () -- C:\Documents and Settings\usuario\Mis documentos\Beautifier.zip
[2010/10/25 09:12:46 | 000,044,504 | ---- | M] () -- C:\Documents and Settings\usuario\Mis documentos\ShadowPlayActions_60709.zip
[2010/10/25 09:12:45 | 000,004,441 | ---- | M] () -- C:\Documents and Settings\usuario\Mis documentos\Lucky7Actions_35414.zip
[2010/10/25 09:12:42 | 000,005,000 | ---- | M] () -- C:\Documents and Settings\usuario\Mis documentos\FantasyArtActions_40528.zip
[2010/10/22 16:04:24 | 000,000,075 | ---- | M] () -- C:\WINDOWS\cdplayer.ini
[2010/10/16 16:11:58 | 002,017,579 | ---- | M] () -- C:\Documents and Settings\usuario\Escritorio\Photo Dan 4.jpg
[2010/10/16 16:09:35 | 002,021,213 | ---- | M] () -- C:\Documents and Settings\usuario\Escritorio\Photo Dan 3.jpg
[2010/10/16 16:07:33 | 001,428,672 | ---- | M] () -- C:\Documents and Settings\usuario\Escritorio\Photo Dan 2.jpg
[2010/10/16 16:05:03 | 001,746,017 | ---- | M] () -- C:\Documents and Settings\usuario\Escritorio\Photo Dan 1.jpg
[2010/10/14 22:30:14 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/10/11 15:53:02 | 000,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI
[2010/10/09 22:50:32 | 000,001,665 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\Internet.lnk
[2010/10/08 15:42:35 | 000,589,878 | ---- | M] () -- C:\Documents and Settings\usuario\Escritorio\Dan.bmp

========== Files Created - No Company Name ==========

[2010/11/07 13:45:33 | 000,000,715 | ---- | C] () -- C:\Documents and Settings\usuario\Escritorio\Puran Defrag.lnk
[2010/11/07 13:40:32 | 000,077,824 | ---- | C] () -- C:\Documents and Settings\usuario\Escritorio\Startup.exe
[2010/11/07 13:38:17 | 000,034,237 | ---- | C] () -- C:\Documents and Settings\usuario\Escritorio\StartupCPL_EXE.zip
[2010/11/07 10:17:39 | 002,658,336 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2010/11/07 10:17:39 | 000,026,084 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2010/11/06 17:53:31 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\Malwarebytes' Anti-Malware.lnk
[2010/11/06 10:41:25 | 000,898,297 | ---- | C] () -- C:\Documents and Settings\usuario\Escritorio\Difference between 1yr and 40yrs of Marriage.wmv
[2010/11/04 20:00:12 | 000,002,464 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\Nero StartSmart.lnk
[2010/11/04 20:00:11 | 000,002,368 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\Nero Home.lnk
[2010/11/03 16:51:47 | 001,697,026 | ---- | C] () -- C:\WINDOWS\System32\sound.wav
[2010/11/03 11:46:48 | 003,150,336 | ---- | C] () -- C:\Documents and Settings\usuario\Escritorio\MarinePhotos.pps
[2010/11/02 17:37:23 | 002,668,334 | ---- | C] () -- C:\Documents and Settings\usuario\Escritorio\Rapide.wmv
[2010/11/02 12:23:51 | 000,002,307 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\Skype.lnk
[2010/11/02 08:35:58 | 000,000,789 | ---- | C] () -- C:\Documents and Settings\usuario\Escritorio\Trojan Remover .lnk
[2010/11/02 08:35:54 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2010/11/02 08:35:54 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
[2010/11/02 08:35:54 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2010/11/02 08:35:54 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2010/11/01 21:15:47 | 000,726,925 | ---- | C] () -- C:\Documents and Settings\usuario\Escritorio\P6221345.JPG
[2010/11/01 12:09:29 | 536,399,872 | -HS- | C] () -- C:\hiberfil.sys
[2010/10/29 16:19:35 | 005,324,288 | ---- | C] () -- C:\Documents and Settings\usuario\Escritorio\Philosophy_For_Old_Age.pps
[2010/10/26 19:01:52 | 000,024,797 | ---- | C] () -- C:\Documents and Settings\usuario\Escritorio\33713_1656069248303_1434263551_31664467_6390861_n.jpg
[2010/10/25 09:15:49 | 000,117,859 | ---- | C] () -- C:\Documents and Settings\usuario\Mis documentos\Beautifier.zip
[2010/10/25 09:15:49 | 000,044,504 | ---- | C] () -- C:\Documents and Settings\usuario\Mis documentos\ShadowPlayActions_60709.zip
[2010/10/25 09:15:49 | 000,005,000 | ---- | C] () -- C:\Documents and Settings\usuario\Mis documentos\FantasyArtActions_40528.zip
[2010/10/25 09:15:49 | 000,004,441 | ---- | C] () -- C:\Documents and Settings\usuario\Mis documentos\Lucky7Actions_35414.zip
[2010/10/16 16:11:55 | 002,017,579 | ---- | C] () -- C:\Documents and Settings\usuario\Escritorio\Photo Dan 4.jpg
[2010/10/16 16:09:34 | 002,021,213 | ---- | C] () -- C:\Documents and Settings\usuario\Escritorio\Photo Dan 3.jpg
[2010/10/16 16:07:33 | 001,428,672 | ---- | C] () -- C:\Documents and Settings\usuario\Escritorio\Photo Dan 2.jpg
[2010/10/16 16:05:02 | 001,746,017 | ---- | C] () -- C:\Documents and Settings\usuario\Escritorio\Photo Dan 1.jpg
[2010/10/11 15:35:22 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2010/10/09 22:50:32 | 000,001,665 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\Internet.lnk
[2010/08/31 17:24:21 | 000,001,173 | ---- | C] () -- C:\Documents and Settings\usuario\Datos de programa\vso_ts_preview.xml
[2010/08/31 17:21:44 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\usuario\Datos de programa\inst.exe
[2010/07/16 19:07:53 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\systeminfo3.dll
[2010/07/16 19:06:53 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\usuario\Datos de programa\pcouffin.log
[2010/07/16 19:05:13 | 000,081,920 | ---- | C] () -- C:\Documents and Settings\usuario\Datos de programa\ezpinst.exe
[2010/07/16 19:05:13 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\usuario\Datos de programa\pcouffin.cat
[2010/07/16 19:05:13 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\usuario\Datos de programa\pcouffin.inf
[2010/06/09 19:05:19 | 000,000,075 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2010/05/06 16:28:52 | 000,063,488 | ---- | C] () -- C:\WINDOWS\xobglu16.dll
[2010/05/06 16:28:52 | 000,023,552 | ---- | C] () -- C:\WINDOWS\xobglu32.dll
[2010/05/03 19:57:54 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2010/05/03 17:14:27 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2010/05/01 19:24:11 | 000,009,255 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010/04/13 12:46:20 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010/04/13 10:05:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\DVDConverter.INI
[2010/04/09 15:05:02 | 000,000,319 | ---- | C] () -- C:\WINDOWS\cavscan.INI
[2010/03/27 17:30:47 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010/03/26 22:24:01 | 000,094,720 | ---- | C] () -- C:\Documents and Settings\usuario\Configuración local\Datos de programa\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/26 16:51:46 | 000,000,126 | R--- | C] () -- C:\WINDOWS\hpw9600k.ini
[2010/03/26 16:49:02 | 000,014,449 | ---- | C] () -- C:\WINDOWS\hpdj9600.ini
[2010/03/17 12:14:52 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2010/03/17 10:20:21 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/03/03 01:00:00 | 004,555,278 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2010/03/03 01:00:00 | 001,449,935 | ---- | C] () -- C:\WINDOWS\System32\ffmpegmt.dll
[2010/03/03 01:00:00 | 000,877,385 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2010/03/03 01:00:00 | 000,556,491 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2010/03/03 01:00:00 | 000,336,384 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll
[2010/03/03 01:00:00 | 000,324,096 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2010/03/03 01:00:00 | 000,248,320 | ---- | C] () -- C:\WINDOWS\System32\ff_kernelDeint.dll
[2010/03/03 01:00:00 | 000,216,576 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2010/03/03 01:00:00 | 000,169,984 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
[2010/03/03 01:00:00 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2010/03/03 01:00:00 | 000,145,408 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2010/03/03 01:00:00 | 000,121,856 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2010/03/03 01:00:00 | 000,116,736 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll
[2010/03/03 01:00:00 | 000,100,864 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2010/03/03 01:00:00 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2010/03/03 01:00:00 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/11/15 07:27:29 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\avutil.dll
[2009/11/15 07:27:28 | 001,945,088 | ---- | C] () -- C:\WINDOWS\System32\avcodec.dll
[2009/11/15 07:27:28 | 000,219,136 | ---- | C] () -- C:\WINDOWS\System32\avformat.dll
[2009/11/14 19:37:08 | 000,154,112 | ---- | C] () -- C:\WINDOWS\System32\ts.dll
[2009/11/14 19:33:38 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\dxr.dll
[2009/11/14 19:11:50 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\avss.dll
[2009/11/14 19:11:42 | 000,150,016 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll
[2009/11/14 19:11:42 | 000,141,824 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll
[2009/11/14 19:11:40 | 000,123,392 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll
[2009/11/14 19:11:40 | 000,109,568 | ---- | C] () -- C:\WINDOWS\System32\avi.dll
[2009/11/14 19:11:38 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\avs.dll
[2009/11/14 19:11:32 | 000,080,384 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll
[2009/11/14 19:11:32 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll
[2009/01/10 23:15:44 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\mmfinfo.dll
[2008/11/06 17:37:32 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007/10/13 10:30:20 | 000,000,137 | ---- | C] () -- C:\WINDOWS\System32\Registration.ini
[2006/10/22 12:22:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/10/22 12:22:00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/10/22 12:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/10/22 12:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/10/22 12:22:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/10/22 12:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/10/22 12:22:00 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2003/09/11 01:09:34 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\hpzrer09.dll
[2003/09/11 01:09:33 | 000,148,112 | ---- | C] () -- C:\WINDOWS\System32\hpz9xd09.drv
[1999/01/27 12:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997/06/13 06:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

========== LOP Check ==========

[2010/04/26 21:38:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\ACD Systems
[2010/05/25 17:24:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\BVRP Software
[2010/10/01 16:57:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\DVDXStudio
[2010/10/31 22:01:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\PC Drivers HeadQuarters
[2010/11/01 13:22:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Simply Super Software
[2010/11/07 11:00:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\TEMP
[2010/10/19 11:06:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Trusteer
[2010/08/31 18:42:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\vsosdk
[2010/03/26 16:46:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario\Datos de programa\.BitTornado
[2010/04/26 21:41:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario\Datos de programa\ACD Systems
[2010/03/26 16:42:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario\Datos de programa\BitTorrent
[2010/05/01 14:47:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario\Datos de programa\FotoWire
[2010/09/18 16:23:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario\Datos de programa\GetRightToGo
[2010/07/13 15:07:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario\Datos de programa\GrabPro
[2010/06/09 18:59:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario\Datos de programa\NCH Swift Sound
[2010/03/24 16:27:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario\Datos de programa\OpenOffice.org
[2010/11/05 13:37:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario\Datos de programa\Orbit
[2010/03/26 22:34:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario\Datos de programa\Search Settings
[2010/11/02 08:35:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario\Datos de programa\Simply Super Software
[2010/05/01 14:46:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario\Datos de programa\Soft-R Research
[2010/06/15 15:41:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario\Datos de programa\StreamTorrent
[2010/11/03 17:21:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario\Datos de programa\TeamViewer
[2010/10/19 11:07:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario\Datos de programa\Trusteer
[2010/10/29 22:14:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario\Datos de programa\Vso
[2010/07/26 18:23:05 | 000,000,286 | ---- | M] () -- C:\WINDOWS\Tasks\debutShakeIcon.job
[2010/07/26 18:23:14 | 000,000,302 | ---- | M] () -- C:\WINDOWS\Tasks\flashlynxShakeIcon.job
[2010/07/28 20:09:04 | 000,000,306 | ---- | M] () -- C:\WINDOWS\Tasks\photostageShakeIcon.job
[2010/07/26 18:23:15 | 000,000,298 | ---- | M] () -- C:\WINDOWS\Tasks\videopadShakeIcon.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Datos de programa\TEMP:1EE00E38
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Datos de programa\TEMP:CB0AACC9

< End of report >


#4 Essexboy

  • Group: GeekU Moderator
  • Posts: 56,122
  • Joined: 31-May 06

Posted 07 November 2010 - 10:52 AM

It may also be worth disabling these from starting, as they are all non-essential:

Quote

O4 - HKLM..\Run: [Adobe ARM] C:\Archivos de programa\Archivos comunes\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Archivos de programa\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [CloneCDElbyCDFL] C:\Archivos de programa\Elaborate Bytes\CloneCD\ElbyCheck.exe (Elaborate Bytes AG)
O4 - HKLM..\Run: [CloneCDTray] C:\Archivos de programa\Elaborate Bytes\CloneCD\CloneCDTray.exe (Elaborate Bytes AG)
O4 - HKLM..\Run: [HPWITOOLBOX] C:\Archivos de programa\Hewlett-Packard\hp deskjet 9600 series\Toolbox\HPWITBX.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [LogitechVideoRepair] C:\Archivos de programa\Logitech\Video\ISStart.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideoTray] C:\Archivos de programa\Logitech\Video\LogiTray.exe (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [NBKeyScan] C:\Archivos de programa\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Archivos de programa\Archivos comunes\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SearchSettings] C:\Archivos de programa\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [AlcoholAutomount] C:\Archivos de programa\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Archivos de programa\Archivos comunes\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe (Logitech)
O4 - HKCU..\Run: [LogitechSoftwareUpdate] C:\Archivos de programa\Logitech\Video\ManifestEngine.exe (Logitech Inc.)
O4 - HKCU..\Run: [Sony Ericsson PC Suite] C:\Archivos de programa\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
O4 - Startup: C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe (Logitech)
O4 - Startup: C:\Documents and Settings\usuario\Menú Inicio\Programas\Inicio\OpenOffice.org 3.2.lnk = C:\Archivos de programa\OpenOffice.org 3\program\quickstart.exe ()


#5 mrcisplatin

  • Group: Member
  • Posts: 9
  • Joined: 07-November 10

Posted 07 November 2010 - 12:16 PM

Thanks for all your help.

Phil

#6 Essexboy

  • Group: GeekU Moderator
  • Posts: 56,122
  • Joined: 31-May 06

Posted 07 November 2010 - 03:06 PM

How is it running now - is the improvement good enough?

An additional option would be to purchase some more RAM

To find out how much your system can take, the type and cost, run the system scanner from Crucial; this will give you the details you need. On the site is also a step-by-step guide on how to fit it.

#7 mrcisplatin

  • Group: Member
  • Posts: 9
  • Joined: 07-November 10

Posted 08 November 2010 - 05:49 AM

It's running fine at the moment and your advice seems to have sorted the problem thanks.
I still, however, cannot use the mic on my PC and I am still receiving an alert to upload the same Automatic updates time after time. I have tried the remedy posted elsewhere on the web to no avail and I wonder did you have any tips or suggestions.
Thanks for your help again.


Phil

#8 Essexboy

  • Group: GeekU Moderator
  • Posts: 56,122
  • Joined: 31-May 06

Posted 08 November 2010 - 08:59 AM

Microphone first: Have you uninstalled and then re-installed the software and drivers for this?

What are the updates that are failing to install - there should be a KB number

#9 mrcisplatin

  • Group: Member
  • Posts: 9
  • Joined: 07-November 10

Posted 08 November 2010 - 12:01 PM

My Spanish mate has just been round and he works for a computer repair company. He reckons that it is a virus and he has taken my machine to give it a proper scan. I'll let you know the result when he gets back. Thanks again.

Phil

#10 Essexboy

  • Group: GeekU Moderator
  • Posts: 56,122
  • Joined: 31-May 06

Posted 08 November 2010 - 12:34 PM

I can see no indications of a virus remaining, but who knows :D

It might be worth re-installing the microphone and if the update is for dot net updates, unless you use dot net, then they can be set to hidden

#11 mrcisplatin

  • Group: Member
  • Posts: 9
  • Joined: 07-November 10

Posted 12 November 2010 - 01:30 PM

Just got PC back from Spanish mate quote "Working perfectly" but not. Exactly the same.
Where would I find the microphone drivers?

Thanks again

Phil

#12 Essexboy

  • Group: GeekU Moderator
  • Posts: 56,122
  • Joined: 31-May 06

Posted 12 November 2010 - 02:33 PM

Could you give me the details on your microphone i.e. Make/model

#13 mrcisplatin

  • Group: Member
  • Posts: 9
  • Joined: 07-November 10

Posted 13 November 2010 - 06:29 AM

I use a Logitech mic on my headset but the PC mic is in the monitor which is a Vision Magic L-171.
Sound manager is Realtek AC97

Attached Image: PB130978.JPG

The more I think about it I think that the problem is in the monitor.
When I am running a scan for example when I come back to the PC after half an hour or so the monitor will not respond and I have to reboot the PC again. Hence the scan never finishes. I enclose a pic of the specifics of the monitor. Hope that this helps.

Thanks again

Phil

#14 Essexboy

  • Group: GeekU Moderator
  • Posts: 56,122
  • Joined: 31-May 06

Posted 13 November 2010 - 06:38 AM

OK I found someone who had the same problem and they managed to resolve it .. Could you try the following please
...how I resolved this issue was doing the following:

Quote

I went to the control panel > sounds and audio > audio and voice tabs > and set all devices to logitech and hit apply. I also ensured that my device was set to headphones and not desktop speakers. Additionally, I ensured that the microphone was not muted on my Logitech Headset and via Windows. After verifying and completing these steps, I did the following in Ventrilo:

output device: Default wave mapper (direct sound unchecked)
input device: Logitech USB Headset (direct sound checked)
mixer set to none
Line Volume: Max (far right)
Outbound: 0
Inbound: 10
Codex: Speex 16hz, 16 bit, 5qlty


#15 mrcisplatin

  • Group: Member
  • Posts: 9
  • Joined: 07-November 10

Posted 13 November 2010 - 06:43 AM

Can't do that, don't have the option to change to Logitech; the predetermined device is Realtek?

Thanks

Phil
