Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Problems with firefox(opening new windows by itself)


  • This topic is locked This topic is locked

#1
Diaz Cesar

Diaz Cesar

    New Member

  • Member
  • Pip
  • 0 posts
HI

I'm from Argentina,and i have a problem when i open firefox.

It open a new windows by itself and has a lot of adress

hxxp://www.xn--&-8ga.com/
hxxp://www.xn--pda.com/
file:///C:/Program%20Files/Mozilla%20Firefox/
file:///C:/Program%20Files/Mozilla%20Firefox/T%E2%80%98%C3%91%C3%A5%C2%AD%C2%


I know a lot of will this happening but I do not want to risk making a ready-made solution,that's why I send my log OTL to analyze it and help me


OTL logfile created on: 06/08/2011 12:46:23 p.m. - Run 3
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\Descargas
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00002C0A | Country: Argentina | Language: ESS | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,02 Gb Available Physical Memory | 50,85% Memory free
3,85 Gb Paging File | 2,76 Gb Available in Paging File | 71,64% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS.0 | %ProgramFiles% = C:\Archivos de programa
Drive C: | 312,51 Gb Total Space | 73,53 Gb Free Space | 23,53% Space Free | Partition Type: NTFS
Drive D: | 153,25 Gb Total Space | 58,61 Gb Free Space | 38,25% Space Free | Partition Type: NTFS
Drive G: | 7,30 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: COLOSSUS | User Name: Cesar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/08/06 10:38:12 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\Descargas\OTL.exe
PRC - [2011/07/27 11:45:04 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Archivos de programa\Mozilla Firefox\firefox.exe
PRC - [2011/03/15 09:55:06 | 002,071,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Archivos de programa\AVG\AVG9\avgtray.exe
PRC - [2011/02/26 18:30:55 | 003,220,912 | ---- | M] (Tonec Inc.) -- C:\Archivos de programa\Internet Download Manager\IDMan.exe
PRC - [2011/02/21 19:18:52 | 000,145,504 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS.0\system32\bgsvcgen.exe
PRC - [2011/02/10 15:51:06 | 000,292,472 | ---- | M] (Speedbit Ltd.) -- C:\Archivos de programa\SpeedBit Video Accelerator\VideoAcceleratorService.exe
PRC - [2011/02/10 15:51:06 | 000,157,304 | ---- | M] (Speedbit Ltd.) -- C:\Archivos de programa\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe
PRC - [2011/01/25 16:35:22 | 000,621,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Archivos de programa\AVG\AVG9\avgnsx.exe
PRC - [2011/01/25 16:35:15 | 000,725,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Archivos de programa\AVG\AVG9\avgcsrvx.exe
PRC - [2011/01/22 14:35:15 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Archivos de programa\AVG\AVG9\avgrsx.exe
PRC - [2011/01/22 14:35:06 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Archivos de programa\AVG\AVG9\avgwdsvc.exe
PRC - [2011/01/22 14:34:55 | 005,897,808 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Archivos de programa\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011/01/22 14:34:55 | 000,596,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Archivos de programa\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/01/22 14:34:48 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Archivos de programa\AVG\AVG9\avgemc.exe
PRC - [2011/01/22 14:34:43 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Archivos de programa\AVG\AVG9\avgchsvx.exe
PRC - [2011/01/22 14:34:37 | 000,842,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Archivos de programa\AVG\AVG9\avgam.exe
PRC - [2010/05/08 08:48:36 | 000,229,376 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS.0\Datos de programa\DataCardService\DCService.exe
PRC - [2009/10/15 04:51:52 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Archivos de programa\Internet Download Manager\IEMonitor.exe
PRC - [2009/05/27 13:06:26 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe
PRC - [2008/01/15 16:03:46 | 000,978,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS.0\explorer.exe
PRC - [2005/03/09 20:50:18 | 000,018,944 | ---- | M] (http://libusb-win32.sourceforge.net) -- C:\WINDOWS.0\system32\libusbd-nt.exe


========== Modules (SafeList) ==========

MOD - [2011/08/06 10:38:12 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\Descargas\OTL.exe
MOD - [2009/03/26 10:35:40 | 000,034,224 | ---- | M] (Tonec Inc.) -- C:\Archivos de programa\Internet Download Manager\idmmkb.dll
MOD - [2006/08/25 07:46:28 | 001,054,208 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS.0\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/02/21 19:18:52 | 000,145,504 | ---- | M] (B.H.A Corporation) [Auto | Running] -- C:\WINDOWS.0\System32\bgsvcgen.exe -- (bgsvcgen)
SRV - [2011/02/10 15:51:06 | 000,292,472 | ---- | M] (Speedbit Ltd.) [Auto | Running] -- C:\Archivos de programa\SpeedBit Video Accelerator\VideoAcceleratorService.exe -- (VideoAcceleratorService)
SRV - [2011/01/22 14:35:06 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Archivos de programa\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2011/01/22 14:34:55 | 005,897,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Archivos de programa\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/01/22 14:34:48 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Archivos de programa\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/12/08 14:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Archivos de programa\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/05/08 08:48:36 | 000,229,376 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users.WINDOWS.0\Datos de programa\DataCardService\DCService.exe -- (DCService.exe)
SRV - [2009/10/16 10:42:48 | 000,319,488 | -H-- | M] (DeviceVM, Inc.) [Disabled | Stopped] -- C:\ASUS.SYS\config\DVMExportService.exe -- (DvmMDES)
SRV - [2005/03/09 20:50:18 | 000,018,944 | ---- | M] (http://libusb-win32.sourceforge.net) [Auto | Running] -- C:\WINDOWS.0\system32\libusbd-nt.exe -- (libusbd)
SRV - [2003/07/28 20:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


========== Driver Services (SafeList) ==========

DRV - [2011/08/05 17:45:02 | 000,010,454 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\WINDOWS.0\system32\drivers\parldr2k.sys -- (PARLDR2K)
DRV - [2011/05/06 13:07:07 | 000,243,152 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS.0\system32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2011/02/21 18:47:22 | 000,033,408 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS.0\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2011/02/21 17:49:09 | 000,697,328 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS.0\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011/02/10 15:51:06 | 000,035,584 | ---- | M] (SpeedBit Ltd.) [Kernel | Auto | Running] -- C:\Archivos de programa\SpeedBit Video Accelerator\sbbotdi.sys -- (sbbotdi)
DRV - [2011/01/22 14:35:15 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS.0\system32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2011/01/22 14:34:59 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Archivos de programa\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys -- (AVGIDSFilterxpx)
DRV - [2011/01/22 14:34:59 | 000,026,192 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Archivos de programa\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys -- (AVGIDSShimxpx)
DRV - [2011/01/22 14:34:59 | 000,025,168 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS.0\System32\Drivers\AVGIDSxx.sys -- (AVGIDSErHrxpx)
DRV - [2011/01/22 14:34:58 | 000,122,448 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Archivos de programa\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys -- (AVGIDSDriverxpx)
DRV - [2011/01/22 14:34:47 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS.0\system32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2011/01/21 07:17:57 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS.0\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2010/07/06 23:27:52 | 005,069,312 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS.0\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010/05/15 08:11:40 | 002,136,224 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2010/04/09 15:24:18 | 000,069,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV - [2010/04/09 15:24:12 | 000,063,616 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS.0\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2010/03/20 11:56:04 | 000,101,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2009/07/28 05:55:00 | 000,143,360 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS.0\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009/02/09 08:37:56 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009/02/09 08:37:48 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009/02/09 08:37:46 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009/02/09 08:37:46 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/11/03 11:21:02 | 000,068,096 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Archivos de programa\UltraISO\drivers\ISODrive.sys -- (ISODrive)
DRV - [2007/08/24 19:45:22 | 000,101,120 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS.0\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2005/07/07 05:14:30 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS.0\system32\drivers\P17.sys -- (P17)
DRV - [2005/03/09 20:50:16 | 000,033,792 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS.0\system32\drivers\libusb0.sys -- (libusb0)
DRV - [2005/01/10 07:15:30 | 000,106,496 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS.0\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2005/01/10 07:15:24 | 000,138,752 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS.0\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2004/08/12 23:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS.0\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004/05/05 22:46:16 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\WINDOWS.0\System32\drivers\PQNTDRV.sys -- (PQNTDrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.babylo...s=1&affID=18025

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT2186473
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - Reg Error: Value error. File not found
IE - HKCU\..\URLSearchHook: {ce10bf86-da68-441e-91fa-38336363e3cd} - C:\Archivos de programa\Movier-media\tbMovi.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.facebook....ome.php?ref=hp"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {4176DFF4-4698-11DE-BEEB-45DA55D89593}:0.8.7
FF - prefs.js..extensions.enabledItems: [email protected]:6.9.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..keyword.URL: "http://search.babylo...affID=18025&q="
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS.0\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Archivos de programa\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS.0\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Archivos de programa\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.46: C:\Archivos de programa\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Archivos de programa\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Archivos de programa\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Cesar.COLOSSUS\Configuración local\Datos de programa\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Archivos de programa\AVG\AVG9\Firefox [2011/01/25 17:21:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Archivos de programa\Real\RealPlayer\browserrecord [2011/01/24 13:21:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Archivos de programa\Mozilla Firefox\components [2011/07/27 11:45:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Archivos de programa\Mozilla Firefox\plugins [2011/03/22 14:12:19 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\Cesar.COLOSSUS\Datos de programa\IDM\idmmzcc3 [2011/02/01 12:16:06 | 000,000,000 | ---D | M]

[2011/01/20 21:17:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Cesar.COLOSSUS\Datos de programa\Mozilla\Extensions
[2011/08/06 11:41:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Cesar.COLOSSUS\Datos de programa\Mozilla\Firefox\Profiles\ahhwqu00.default\extensions
[2011/08/06 11:41:56 | 000,000,000 | ---D | M] (BitDefender QuickScan) -- C:\Documents and Settings\Cesar.COLOSSUS\Datos de programa\Mozilla\Firefox\Profiles\ahhwqu00.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2011/01/28 17:33:36 | 000,002,396 | ---- | M] () -- C:\Documents and Settings\Cesar.COLOSSUS\Datos de programa\Mozilla\Firefox\Profiles\ahhwqu00.default\searchplugins\askcom.xml
[2011/01/22 12:03:02 | 000,002,065 | ---- | M] () -- C:\Documents and Settings\Cesar.COLOSSUS\Datos de programa\Mozilla\Firefox\Profiles\ahhwqu00.default\searchplugins\bsqueda-de-vdeos-en-youtube.xml
[2011/02/02 22:01:46 | 000,001,087 | ---- | M] () -- C:\Documents and Settings\Cesar.COLOSSUS\Datos de programa\Mozilla\Firefox\Profiles\ahhwqu00.default\searchplugins\bumerancom.xml
[2011/01/28 13:21:26 | 000,005,345 | ---- | M] () -- C:\Documents and Settings\Cesar.COLOSSUS\Datos de programa\Mozilla\Firefox\Profiles\ahhwqu00.default\searchplugins\busqueda-de-musica-en-goearcom.xml
[2011/07/08 19:21:35 | 000,001,018 | ---- | M] () -- C:\Documents and Settings\Cesar.COLOSSUS\Datos de programa\Mozilla\Firefox\Profiles\ahhwqu00.default\searchplugins\facebook.xml
[2011/01/31 23:23:18 | 000,001,635 | ---- | M] () -- C:\Documents and Settings\Cesar.COLOSSUS\Datos de programa\Mozilla\Firefox\Profiles\ahhwqu00.default\searchplugins\firefox-add-ons.xml
[2011/01/31 08:44:11 | 000,000,773 | ---- | M] () -- C:\Documents and Settings\Cesar.COLOSSUS\Datos de programa\Mozilla\Firefox\Profiles\ahhwqu00.default\searchplugins\taringa.xml
[2011/07/08 21:24:38 | 000,000,000 | ---D | M] (No name found) -- C:\Archivos de programa\Mozilla Firefox\extensions
[2011/02/16 11:00:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) --
[2011/02/16 11:00:18 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\ARCHIVOS DE PROGRAMA\JAVA\JRE6\LIB\DEPLOY\JQS\FF
() (No name found) -- C:\DOCUMENTS AND SETTINGS\CESAR.COLOSSUS\DATOS DE PROGRAMA\MOZILLA\FIREFOX\PROFILES\AHHWQU00.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\CESAR.COLOSSUS\DATOS DE PROGRAMA\MOZILLA\FIREFOX\PROFILES\AHHWQU00.DEFAULT\EXTENSIONS\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\CESAR.COLOSSUS\DATOS DE PROGRAMA\MOZILLA\FIREFOX\PROFILES\AHHWQU00.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\CESAR.COLOSSUS\DATOS DE PROGRAMA\MOZILLA\FIREFOX\PROFILES\AHHWQU00.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\CESAR.COLOSSUS\DATOS DE PROGRAMA\MOZILLA\FIREFOX\PROFILES\AHHWQU00.DEFAULT\EXTENSIONS\{EF4E370E-D9F0-4E00-B93E-A4F274CFDD5A}.XPI
[2011/07/27 11:45:05 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Archivos de programa\mozilla firefox\components\browsercomps.dll
[2011/02/16 11:00:17 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Archivos de programa\mozilla firefox\plugins\npdeployJava1.dll
[2009/03/24 11:10:44 | 000,114,688 | ---- | M] (Zylom) -- C:\Archivos de programa\mozilla firefox\plugins\npzylomgamesplayer.dll
[2011/03/16 21:27:47 | 000,002,428 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\babylon.xml
[2011/07/27 11:45:02 | 000,004,080 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\drae.xml
[2011/07/27 11:45:02 | 000,002,470 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\mercadolibre-ar.xml
[2011/07/27 11:45:02 | 000,001,178 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\wikipedia-es.xml
[2011/07/27 11:45:02 | 000,000,838 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\yahoo-ar.xml

O1 HOSTS File: ([2011/05/17 13:09:31 | 000,001,354 | ---- | M]) - C:\WINDOWS.0\System32\Drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 65.54.239.80 dp.msnmessenger.akadns.net
O1 - Hosts: 65.54.239.80 dp.msnmessenger.akadns.net
O1 - Hosts: 65.54.239.80 dp.msnmessenger.akadns.net
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Archivos de programa\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Archivos de programa\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (Aplicación auxiliar de vínculos de Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Archivos de programa\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Archivos de programa\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Archivos de programa\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Archivos de programa\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Megaupload Toolbar) - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\Archivos de programa\MegauploadToolbar\megauploadtoolbar.dll (MEGAUPLOAD )
O2 - BHO: (IeMonitorBho Class) - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Archivos de programa\Megaupload\Mega Manager\MegaIEMn.dll (Megaupload Limited)
O2 - BHO: (Movier-media Toolbar) - {ce10bf86-da68-441e-91fa-38336363e3cd} - C:\Archivos de programa\Movier-media\tbMovi.dll (Conduit Ltd.)
O2 - BHO: (aTube Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Archivos de programa\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Megaupload Toolbar) - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\Archivos de programa\MegauploadToolbar\megauploadtoolbar.dll (MEGAUPLOAD )
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Archivos de programa\Orbitdownloader\GrabPro.dll ()
O3 - HKLM\..\Toolbar: (Movier-media Toolbar) - {ce10bf86-da68-441e-91fa-38336363e3cd} - C:\Archivos de programa\Movier-media\tbMovi.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (aTube Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - Reg Error: Value error. File not found
O4 - HKLM..\Run: [AVG9_TRAY] C:\Archivos de programa\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [TkBellExe] C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [IDMan] C:\Archivos de programa\Internet Download Manager\IDMan.exe (Tonec Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O8 - Extra context menu item: Descargar con IDM - C:\Archivos de programa\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Descargar con IDM el contenido de video FLV - C:\Archivos de programa\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Descargar con IDM todos los enlaces - C:\Archivos de programa\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Archivos de programa\Megaupload\Mega Manager\mm_file.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Archivos de programa\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Archivos de programa\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Archivos de programa\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS.0\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS.0\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS.0\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (Mi página de inicio actual) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Cesar.COLOSSUS\Configuración local\Datos de programa\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Cesar.COLOSSUS\Configuración local\Datos de programa\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/03/28 09:29:22 | 000,000,109 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/03/20 12:42:25 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2007/07/03 17:04:10 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.) - G:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2007/11/06 12:41:52 | 000,000,047 | R--- | M] () - G:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{54d91b7f-515d-11e0-94ee-485b39953b7f}\Shell - "" = AutoRun
O33 - MountPoints2\{54d91b7f-515d-11e0-94ee-485b39953b7f}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2007/07/03 17:04:10 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{54d91b81-515d-11e0-94ee-485b39953b7f}\Shell - "" = AutoRun
O33 - MountPoints2\{54d91b81-515d-11e0-94ee-485b39953b7f}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2007/07/03 17:04:10 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{54d91b82-515d-11e0-94ee-485b39953b7f}\Shell - "" = AutoRun
O33 - MountPoints2\{54d91b82-515d-11e0-94ee-485b39953b7f}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2007/07/03 17:04:10 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{54d91b83-515d-11e0-94ee-485b39953b7f}\Shell - "" = AutoRun
O33 - MountPoints2\{54d91b83-515d-11e0-94ee-485b39953b7f}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2007/07/03 17:04:10 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{54d91b84-515d-11e0-94ee-485b39953b7f}\Shell - "" = AutoRun
O33 - MountPoints2\{54d91b84-515d-11e0-94ee-485b39953b7f}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2007/07/03 17:04:10 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{5e1b2097-7b48-11e0-981b-485b39953b7f}\Shell - "" = AutoRun
O33 - MountPoints2\{5e1b2097-7b48-11e0-981b-485b39953b7f}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2007/07/03 17:04:10 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{66befa32-2547-11e0-975e-485b39953b7f}\Shell - "" = AutoRun
O33 - MountPoints2\{66befa32-2547-11e0-975e-485b39953b7f}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2007/07/03 17:04:10 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2007/07/03 17:04:10 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/08/06 11:42:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cesar.COLOSSUS\Datos de programa\QuickScan
[2011/08/06 11:17:18 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Trend Micro
[2011/08/06 11:17:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cesar.COLOSSUS\Menú Inicio\Programas\HiJackThis
[2011/08/05 17:45:02 | 000,010,454 | ---- | C] (Data Encryption Systems Limited) -- C:\WINDOWS.0\System32\drivers\parldr2k.sys
[2011/08/05 17:44:49 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Archivos comunes\Nokia
[2011/08/05 17:44:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS.0\Menú Inicio\Programas\Phoenix
[2011/08/05 17:27:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\RM-495 v7.97 RED Editada by ShitNazi
[2011/08/04 11:11:49 | 000,007,808 | ---- | C] (Nokia) -- C:\WINDOWS.0\System32\drivers\usbser_lowerfltj.sys
[2011/08/04 11:11:49 | 000,007,808 | ---- | C] (Nokia) -- C:\WINDOWS.0\System32\drivers\usbser_lowerflt.sys
[2011/08/04 11:11:48 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS.0\System32\wdfcoinstaller01007.dll
[2011/08/04 11:11:48 | 000,022,016 | ---- | C] (Nokia) -- C:\WINDOWS.0\System32\drivers\ccdcmbo.sys
[2011/08/04 11:11:48 | 000,017,664 | ---- | C] (Nokia) -- C:\WINDOWS.0\System32\drivers\ccdcmb.sys
[2011/07/27 11:51:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS.0\Menú Inicio\Programas\UltraISO
[2011/07/27 11:51:25 | 000,000,000 | ---D | C] -- C:\Archivos de programa\UltraISO
[2011/07/27 11:51:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\My ISO Files
[2011/07/27 11:51:25 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Archivos comunes\EZB Systems
[2011/07/27 11:46:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\Alcohol 120%
[2011/07/24 18:30:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS.0\Menú Inicio\Programas\LibUSB-Win32
[2011/07/24 18:30:46 | 000,046,592 | ---- | C] (http://libusb-win32.sourceforge.net) -- C:\WINDOWS.0\System32\libusb0.dll
[2011/07/24 18:30:46 | 000,019,456 | ---- | C] (http://libusb-win32.sourceforge.net) -- C:\WINDOWS.0\System32\libusbd-9x.exe
[2011/07/24 18:30:46 | 000,018,944 | ---- | C] (http://libusb-win32.sourceforge.net) -- C:\WINDOWS.0\System32\libusbd-nt.exe
[2011/07/19 22:49:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS.0\Menú Inicio\Programas\Macromedia
[2011/07/19 22:48:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS.0\Datos de programa\Macromedia
[2011/07/19 13:06:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS.0\Menú Inicio\Programas\Drive Rescue
[2011/07/19 13:06:16 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Drive Rescue
[2011/07/19 13:05:44 | 000,000,000 | ---D | C] -- C:\DriveRescue19d
[2011/07/19 12:50:37 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\NtmsData
[2011/07/19 12:21:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS.0\Menú Inicio\Programas\Mobile Partner
[2011/07/19 12:21:01 | 000,101,120 | R--- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS.0\System32\drivers\ewusbmdm.sys
[2011/07/19 12:21:01 | 000,024,448 | R--- | C] (Huawei Tech. Co., Ltd.) -- C:\WINDOWS.0\System32\drivers\ewdcsc.sys
[2011/07/18 23:56:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\Fireworks
[2011/07/17 12:14:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS.0\Menú Inicio\Programas\ReadManiac
[2011/07/17 12:14:33 | 000,000,000 | ---D | C] -- C:\Archivos de programa\ReadManiac
[2011/07/17 12:11:10 | 004,169,701 | ---- | C] (Roman Lut ) -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\ReadManiacSetup.exe
[2011/07/16 14:30:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cesar.COLOSSUS\Datos de programa\Web Page Maker V2
[2011/07/16 14:27:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS.0\Menú Inicio\Programas\Web Page Maker
[2011/07/16 14:27:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cesar.COLOSSUS\Datos de programa\Web Page Maker
[2011/07/16 14:27:25 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Web Page Maker
[2011/07/16 14:26:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\Web page maker
[2011/07/14 12:21:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\Bios PS2
[2011/07/14 12:13:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\PCSX2
[2011/07/14 12:12:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cesar.COLOSSUS\Configuración local\Datos de programa\PCSX2
[2011/07/14 12:12:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\PCSX2 0.9.7
[2011/01/20 18:29:56 | 000,254,000 | R--- | C] ( ) -- C:\WINDOWS.0\System32\Audio3D.dll
[2011/01/20 18:29:56 | 000,065,536 | R--- | C] ( ) -- C:\WINDOWS.0\System32\A3d.dll
[4 C:\WINDOWS.0\System32\*.tmp files -> C:\WINDOWS.0\System32\*.tmp -> ]
[4 C:\WINDOWS.0\*.tmp files -> C:\WINDOWS.0\*.tmp -> ]
[1 C:\Documents and Settings\Cesar.COLOSSUS\*.tmp files -> C:\Documents and Settings\Cesar.COLOSSUS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/08/06 12:01:00 | 000,000,248 | ---- | M] () -- C:\WINDOWS.0\tasks\Scheduled Update for Ask Toolbar.job
[2011/08/06 11:21:23 | 000,002,509 | ---- | M] () -- C:\Documents and Settings\Cesar.COLOSSUS\Escritorio\HiJackThis.lnk
[2011/08/06 11:16:46 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\HiJackThis.msi
[2011/08/06 10:19:42 | 000,000,607 | ---- | M] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\Mis carpetas para compartir.lnk
[2011/08/06 10:08:20 | 083,275,745 | ---- | M] () -- C:\WINDOWS.0\System32\drivers\Avg\incavi.avm
[2011/08/06 10:06:27 | 000,505,148 | ---- | M] () -- C:\WINDOWS.0\System32\perfh00A.dat
[2011/08/06 10:06:27 | 000,441,624 | ---- | M] () -- C:\WINDOWS.0\System32\perfh009.dat
[2011/08/06 10:06:27 | 000,090,672 | ---- | M] () -- C:\WINDOWS.0\System32\perfc00A.dat
[2011/08/06 10:06:27 | 000,071,308 | ---- | M] () -- C:\WINDOWS.0\System32\perfc009.dat
[2011/08/06 10:03:13 | 000,000,406 | ---- | M] () -- C:\WINDOWS.0\tasks\AWC AutoSweep.job
[2011/08/06 10:02:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS.0\bootstat.dat
[2011/08/05 21:04:52 | 000,111,514 | ---- | M] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\4169119201_2b6209a993.jpg
[2011/08/05 17:46:05 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS.0\Escritorio\Phoenix.lnk
[2011/08/05 17:45:02 | 000,010,454 | ---- | M] (Data Encryption Systems Limited) -- C:\WINDOWS.0\System32\drivers\parldr2k.sys
[2011/08/05 17:32:36 | 000,000,000 | -H-- | M] () -- C:\WINDOWS.0\System32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
[2011/08/05 17:23:35 | 000,002,206 | ---- | M] () -- C:\WINDOWS.0\System32\wpa.dbl
[2011/08/03 21:10:22 | 000,010,182 | ---- | M] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\fondo nuevo fc.html
[2011/08/03 21:10:22 | 000,001,110 | ---- | M] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\fondo nuevo fc.swf
[2011/08/03 19:23:44 | 000,037,135 | ---- | M] () -- C:\Documents and Settings\Cesar.COLOSSUS\Escritorio\Items.xml
[2011/08/01 17:31:05 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\fondo nuevo fc.fla
[2011/08/01 17:10:36 | 000,264,094 | ---- | M] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\arsenal nike 2011 suplente.jpg
[2011/08/01 17:07:15 | 000,003,894 | ---- | M] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\arsenalfcalternativa.jpg
[2011/08/01 16:46:51 | 015,385,833 | ---- | M] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\Inzestskandale_Verbotenes_Familienficken_1_Hardcore_sex_video_4e2aa588ba1a4.flv
[2011/07/30 19:49:25 | 000,104,284 | ---- | M] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\Imagen0332.jpg
[2011/07/30 12:41:27 | 000,000,268 | -H-- | M] () -- C:\sqmdata13.sqm
[2011/07/30 12:41:26 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
[2011/07/29 20:26:12 | 000,000,268 | -H-- | M] () -- C:\sqmdata12.sqm
[2011/07/29 20:26:11 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2011/07/29 17:27:12 | 000,054,156 | -H-- | M] () -- C:\WINDOWS.0\QTFont.qfn
[2011/07/29 17:25:56 | 000,000,268 | -H-- | M] () -- C:\sqmdata11.sqm
[2011/07/29 17:25:55 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2011/07/29 15:10:34 | 000,030,208 | ---- | M] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\webpc.fla
[2011/07/29 09:54:57 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Cesar.COLOSSUS\Escritorio\Post taringa
[2011/07/29 09:28:29 | 000,000,268 | -H-- | M] () -- C:\sqmdata10.sqm
[2011/07/29 09:28:28 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2011/07/28 22:50:47 | 000,000,268 | -H-- | M] () -- C:\sqmdata09.sqm
[2011/07/28 22:50:47 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2011/07/28 17:05:49 | 000,000,000 | -H-- | M] () -- C:\WINDOWS.0\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2011/07/28 16:48:54 | 000,000,232 | -H-- | M] () -- C:\sqmdata08.sqm
[2011/07/28 16:48:53 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2011/07/28 08:35:05 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2011/07/28 08:35:05 | 000,000,232 | -H-- | M] () -- C:\sqmdata07.sqm
[2011/07/27 23:21:18 | 000,098,907 | ---- | M] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\uno pagina.wss
[2011/07/27 12:05:41 | 392,036,351 | ---- | M] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\Gran turismo 4.iso
[2011/07/27 11:51:27 | 000,001,611 | ---- | M] () -- C:\Documents and Settings\Cesar.COLOSSUS\Escritorio\UltraISO.lnk
[2011/07/26 22:40:07 | 000,000,268 | -H-- | M] () -- C:\sqmdata06.sqm
[2011/07/26 22:40:07 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
[2011/07/25 13:24:01 | 000,000,298 | ---- | M] () -- C:\WINDOWS.0\tasks\AppleSoftwareUpdate.job
[2011/07/25 11:26:34 | 000,225,933 | ---- | M] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\Imagen0344.jpg
[2011/07/25 11:23:14 | 000,239,023 | ---- | M] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\Imagen0322.jpg
[2011/07/25 10:34:29 | 000,000,268 | -H-- | M] () -- C:\sqmdata05.sqm
[2011/07/25 10:34:28 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2011/07/24 18:37:35 | 000,000,268 | -H-- | M] () -- C:\sqmdata04.sqm
[2011/07/24 18:37:35 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2011/07/24 17:05:03 | 057,088,898 | ---- | M] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\My_wife_really_wants_it_Hardcore_sex_video_4e207058465b8.flv
[2011/07/24 15:25:44 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2011/07/24 15:25:44 | 000,000,232 | -H-- | M] () -- C:\sqmdata03.sqm
[2011/07/23 14:18:46 | 000,022,976 | -H-- | M] () -- C:\WINDOWS.0\System32\mlfcache.dat
[2011/07/22 15:38:41 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2011/07/22 15:38:41 | 000,000,232 | -H-- | M] () -- C:\sqmdata02.sqm
[2011/07/21 00:34:19 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm
[2011/07/21 00:34:19 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2011/07/20 13:54:11 | 000,002,325 | ---- | M] () -- C:\Documents and Settings\Cesar.COLOSSUS\Escritorio\Macromedia Dreamweaver 8.lnk
[2011/07/20 10:54:15 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm
[2011/07/20 10:54:15 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2011/07/20 10:48:33 | 000,000,268 | -H-- | M] () -- C:\sqmdata19.sqm
[2011/07/20 10:48:32 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
[2011/07/20 10:46:51 | 000,144,424 | ---- | M] () -- C:\WINDOWS.0\System32\FNTCACHE.DAT
[2011/07/19 19:58:27 | 000,000,268 | -H-- | M] () -- C:\sqmdata18.sqm
[2011/07/19 19:58:26 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
[2011/07/19 12:21:06 | 000,000,803 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS.0\Escritorio\Mobile Partner.lnk
[2011/07/18 23:57:06 | 000,000,650 | ---- | M] () -- C:\Documents and Settings\Cesar.COLOSSUS\Escritorio\Fireworks.exe.lnk
[2011/07/18 13:49:55 | 000,691,162 | ---- | M] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\wide-wallpaper-1920x1080-038.jpg
[2011/07/18 13:49:16 | 001,121,743 | ---- | M] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\Optimus-Prime-and-Bumblebee-Wallpaper-Full-HD-1080p.jpg
[2011/07/17 22:24:01 | 000,000,254 | ---- | M] () -- C:\Documents and Settings\Cesar.COLOSSUS\Escritorio\index.html
[2011/07/17 19:42:36 | 000,000,268 | -H-- | M] () -- C:\sqmdata17.sqm
[2011/07/17 19:42:35 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
[2011/07/17 12:16:46 | 000,064,922 | ---- | M] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\ReadManiac.jar
[2011/07/17 12:16:46 | 000,000,311 | ---- | M] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\ReadManiac.jad
[2011/07/17 12:14:08 | 004,169,701 | ---- | M] (Roman Lut ) -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\ReadManiacSetup.exe
[2011/07/16 14:27:31 | 000,000,745 | ---- | M] () -- C:\Documents and Settings\Cesar.COLOSSUS\Escritorio\Web Page Maker.lnk
[2011/07/15 18:41:13 | 000,000,268 | -H-- | M] () -- C:\sqmdata16.sqm
[2011/07/15 18:41:12 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
[2011/07/15 13:48:38 | 000,032,804 | ---- | M] () -- C:\Documents and Settings\Cesar.COLOSSUS\Escritorio\vlcsnap-100336.png
[2011/07/15 12:30:41 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\Mis imgenes
[2011/07/15 10:07:11 | 000,000,268 | -H-- | M] () -- C:\sqmdata15.sqm
[2011/07/15 10:07:10 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
[2011/07/14 17:26:46 | 000,000,268 | -H-- | M] () -- C:\sqmdata14.sqm
[2011/07/14 17:26:46 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
[2011/07/08 22:33:19 | 000,001,409 | ---- | M] () -- C:\WINDOWS.0\QTFont.for
[2011/07/08 21:24:41 | 000,000,773 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS.0\Escritorio\Mozilla Firefox.lnk
[4 C:\WINDOWS.0\System32\*.tmp files -> C:\WINDOWS.0\System32\*.tmp -> ]
[4 C:\WINDOWS.0\*.tmp files -> C:\WINDOWS.0\*.tmp -> ]
[1 C:\Documents and Settings\Cesar.COLOSSUS\*.tmp files -> C:\Documents and Settings\Cesar.COLOSSUS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/08/06 11:17:18 | 000,002,509 | ---- | C] () -- C:\Documents and Settings\Cesar.COLOSSUS\Escritorio\HiJackThis.lnk
[2011/08/06 11:15:42 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\HiJackThis.msi
[2011/08/05 21:04:52 | 000,111,514 | ---- | C] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\4169119201_2b6209a993.jpg
[2011/08/05 17:46:05 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS.0\Escritorio\Phoenix.lnk
[2011/08/05 17:32:36 | 000,000,000 | -H-- | C] () -- C:\WINDOWS.0\System32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
[2011/08/03 21:09:34 | 000,010,182 | ---- | C] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\fondo nuevo fc.html
[2011/08/03 21:09:34 | 000,001,110 | ---- | C] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\fondo nuevo fc.swf
[2011/08/01 17:31:05 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\fondo nuevo fc.fla
[2011/08/01 17:10:36 | 000,264,094 | ---- | C] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\arsenal nike 2011 suplente.jpg
[2011/08/01 17:07:15 | 000,003,894 | ---- | C] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\arsenalfcalternativa.jpg
[2011/08/01 16:37:47 | 015,385,833 | ---- | C] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\Inzestskandale_Verbotenes_Familienficken_1_Hardcore_sex_video_4e2aa588ba1a4.flv
[2011/07/30 19:48:22 | 000,104,284 | ---- | C] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\Imagen0332.jpg
[2011/07/30 19:47:48 | 000,239,023 | ---- | C] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\Imagen0322.jpg
[2011/07/29 22:02:36 | 000,065,536 | R--- | C] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\Mario & Yoshi (E) [!].gb
[2011/07/29 15:10:34 | 000,030,208 | ---- | C] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\webpc.fla
[2011/07/29 09:54:57 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Cesar.COLOSSUS\Escritorio\Post taringa
[2011/07/28 17:05:49 | 000,000,000 | -H-- | C] () -- C:\WINDOWS.0\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2011/07/27 20:41:56 | 000,098,907 | ---- | C] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\uno pagina.wss
[2011/07/27 11:57:50 | 392,036,351 | ---- | C] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\Gran turismo 4.iso
[2011/07/27 11:51:27 | 000,001,611 | ---- | C] () -- C:\Documents and Settings\Cesar.COLOSSUS\Escritorio\UltraISO.lnk
[2011/07/27 10:06:46 | 015,018,867 | ---- | C] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\adflcs4esp.pdf
[2011/07/25 11:37:07 | 000,225,933 | ---- | C] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\Imagen0344.jpg
[2011/07/24 18:30:46 | 000,033,792 | ---- | C] () -- C:\WINDOWS.0\System32\drivers\libusb0.sys
[2011/07/24 16:04:18 | 057,088,898 | ---- | C] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\My_wife_really_wants_it_Hardcore_sex_video_4e207058465b8.flv
[2011/07/20 10:55:20 | 000,002,325 | ---- | C] () -- C:\Documents and Settings\Cesar.COLOSSUS\Escritorio\Macromedia Dreamweaver 8.lnk
[2011/07/19 12:21:06 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS.0\Escritorio\Mobile Partner.lnk
[2011/07/18 23:57:06 | 000,000,650 | ---- | C] () -- C:\Documents and Settings\Cesar.COLOSSUS\Escritorio\Fireworks.exe.lnk
[2011/07/18 13:46:03 | 000,691,162 | ---- | C] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\wide-wallpaper-1920x1080-038.jpg
[2011/07/18 13:42:22 | 001,121,743 | ---- | C] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\Optimus-Prime-and-Bumblebee-Wallpaper-Full-HD-1080p.jpg
[2011/07/17 21:47:26 | 000,000,254 | ---- | C] () -- C:\Documents and Settings\Cesar.COLOSSUS\Escritorio\index.html
[2011/07/17 12:16:35 | 000,064,922 | ---- | C] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\ReadManiac.jar
[2011/07/17 12:16:35 | 000,000,311 | ---- | C] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\ReadManiac.jad
[2011/07/16 23:50:04 | 010,975,178 | ---- | C] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\Creación Sitios Web - Revista USERS.pdf
[2011/07/16 14:27:31 | 000,000,745 | ---- | C] () -- C:\Documents and Settings\Cesar.COLOSSUS\Escritorio\Web Page Maker.lnk
[2011/07/15 13:45:55 | 000,032,804 | ---- | C] () -- C:\Documents and Settings\Cesar.COLOSSUS\Escritorio\vlcsnap-100336.png
[2011/07/15 12:30:28 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\Mis imgenes
[2011/07/12 00:12:49 | 000,247,278 | ---- | C] () -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\Imagen0315.jpg
[2011/07/08 22:33:19 | 000,054,156 | -H-- | C] () -- C:\WINDOWS.0\QTFont.qfn
[2011/07/08 22:33:19 | 000,001,409 | ---- | C] () -- C:\WINDOWS.0\QTFont.for
[2011/07/08 21:24:41 | 000,000,773 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS.0\Escritorio\Mozilla Firefox.lnk
[2011/06/20 11:53:48 | 000,000,070 | ---- | C] () -- C:\WINDOWS.0\sbwin.ini
[2011/06/05 14:01:37 | 000,022,328 | ---- | C] () -- C:\WINDOWS.0\System32\drivers\PnkBstrK.sys
[2011/06/05 14:01:36 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Cesar.COLOSSUS\Datos de programa\PnkBstrK.sys
[2011/06/05 14:01:22 | 000,103,736 | ---- | C] () -- C:\WINDOWS.0\System32\PnkBstrB.exe
[2011/06/05 14:01:22 | 000,066,872 | ---- | C] () -- C:\WINDOWS.0\System32\PnkBstrA.exe
[2011/06/05 14:01:21 | 000,669,184 | ---- | C] () -- C:\WINDOWS.0\System32\pbsvc.exe
[2011/06/04 15:26:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS.0\ativpsrm.bin
[2011/06/04 15:25:55 | 000,887,724 | ---- | C] () -- C:\WINDOWS.0\System32\ativva6x.dat
[2011/06/04 15:25:55 | 000,294,912 | ---- | C] () -- C:\WINDOWS.0\System32\ATIODE.exe
[2011/06/04 15:25:55 | 000,205,156 | ---- | C] () -- C:\WINDOWS.0\System32\atiicdxx.dat
[2011/06/04 15:25:55 | 000,045,056 | ---- | C] () -- C:\WINDOWS.0\System32\ATIODCLI.exe
[2011/06/04 15:25:55 | 000,000,003 | ---- | C] () -- C:\WINDOWS.0\System32\ativva5x.dat
[2011/05/28 17:49:40 | 000,000,143 | ---- | C] () -- C:\Documents and Settings\Cesar.COLOSSUS\Configuración local\Datos de programa\fusioncache.dat
[2011/05/05 10:02:57 | 000,065,536 | ---- | C] () -- C:\WINDOWS.0\IFinst27.exe
[2011/04/27 22:38:12 | 000,022,976 | -H-- | C] () -- C:\WINDOWS.0\System32\mlfcache.dat
[2011/04/25 19:53:46 | 000,139,264 | ---- | C] () -- C:\WINDOWS.0\System32\xvidvfw.dll
[2011/04/08 15:36:46 | 000,000,050 | ---- | C] () -- C:\WINDOWS.0\MegaManager.INI
[2011/02/24 19:45:37 | 000,001,086 | ---- | C] () -- C:\WINDOWS.0\ARPR.INI
[2011/02/18 18:28:41 | 000,000,017 | ---- | C] () -- C:\WINDOWS.0\keys.ini
[2011/02/02 21:46:49 | 000,129,024 | ---- | C] () -- C:\WINDOWS.0\System32\AVERM.dll
[2011/02/02 21:46:49 | 000,028,672 | ---- | C] () -- C:\WINDOWS.0\System32\AVEQT.dll
[2011/01/31 18:53:38 | 000,000,091 | -H-- | C] () -- C:\WINDOWS.0\wininf.dat
[2011/01/31 18:53:38 | 000,000,068 | ---- | C] () -- C:\WINDOWS.0\hare.dat
[2011/01/31 18:50:49 | 000,000,073 | ---- | C] () -- C:\WINDOWS.0\anticrash.dat
[2011/01/31 18:50:49 | 000,000,072 | -H-- | C] () -- C:\WINDOWS.0\winshell.dat
[2011/01/27 13:31:39 | 000,000,207 | ---- | C] () -- C:\WINDOWS.0\cdplayer.ini
[2011/01/25 10:49:53 | 000,037,376 | ---- | C] () -- C:\Documents and Settings\Cesar.COLOSSUS\Configuración local\Datos de programa\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/23 13:34:06 | 000,177,152 | ---- | C] () -- C:\WINDOWS.0\Res2_uninst.exe
[2011/01/22 14:16:19 | 000,073,220 | ---- | C] () -- C:\WINDOWS.0\System32\EPPICPrinterDB.dat
[2011/01/22 14:16:19 | 000,031,053 | ---- | C] () -- C:\WINDOWS.0\System32\EPPICPattern131.dat
[2011/01/22 14:16:19 | 000,029,114 | ---- | C] () -- C:\WINDOWS.0\System32\EPPICPattern1.dat
[2011/01/22 14:16:19 | 000,027,417 | ---- | C] () -- C:\WINDOWS.0\System32\EPPICPattern121.dat
[2011/01/22 14:16:19 | 000,021,021 | ---- | C] () -- C:\WINDOWS.0\System32\EPPICPattern3.dat
[2011/01/22 14:16:19 | 000,015,670 | ---- | C] () -- C:\WINDOWS.0\System32\EPPICPattern5.dat
[2011/01/22 14:16:19 | 000,013,280 | ---- | C] () -- C:\WINDOWS.0\System32\EPPICPattern2.dat
[2011/01/22 14:16:19 | 000,010,673 | ---- | C] () -- C:\WINDOWS.0\System32\EPPICPattern4.dat
[2011/01/22 14:16:19 | 000,004,943 | ---- | C] () -- C:\WINDOWS.0\System32\EPPICPattern6.dat
[2011/01/22 14:16:19 | 000,001,140 | ---- | C] () -- C:\WINDOWS.0\System32\EPPICPresetData_PT.dat
[2011/01/22 14:16:19 | 000,001,140 | ---- | C] () -- C:\WINDOWS.0\System32\EPPICPresetData_BP.dat
[2011/01/22 14:16:19 | 000,001,137 | ---- | C] () -- C:\WINDOWS.0\System32\EPPICPresetData_ES.dat
[2011/01/22 14:16:19 | 000,001,130 | ---- | C] () -- C:\WINDOWS.0\System32\EPPICPresetData_FR.dat
[2011/01/22 14:16:19 | 000,001,130 | ---- | C] () -- C:\WINDOWS.0\System32\EPPICPresetData_CF.dat
[2011/01/22 14:16:19 | 000,001,104 | ---- | C] () -- C:\WINDOWS.0\System32\EPPICPresetData_EN.dat
[2011/01/22 14:16:19 | 000,000,097 | ---- | C] () -- C:\WINDOWS.0\System32\PICSDK.ini
[2011/01/22 14:15:44 | 000,000,079 | ---- | C] () -- C:\WINDOWS.0\EPCX5600.ini
[2011/01/21 13:23:59 | 000,005,627 | R--- | C] () -- C:\WINDOWS.0\System32\Ludap17.ini
[2011/01/21 13:23:59 | 000,000,039 | R--- | C] () -- C:\WINDOWS.0\System32\ctzapxx.ini
[2011/01/21 07:11:55 | 000,073,728 | R--- | C] () -- C:\WINDOWS.0\System32\RtNicProp32.dll
[2011/01/21 07:11:19 | 000,000,069 | ---- | C] () -- C:\WINDOWS.0\NeroDigital.ini
[2011/01/21 07:10:49 | 000,000,552 | ---- | C] () -- C:\WINDOWS.0\System32\d3d8caps.dat
[2011/01/21 06:53:57 | 000,049,152 | R--- | C] () -- C:\WINDOWS.0\DAOD.exe
[2011/01/21 06:53:55 | 000,005,810 | R--- | C] () -- C:\WINDOWS.0\System32\drivers\ASACPI.sys
[2011/01/21 06:53:51 | 000,001,769 | ---- | C] () -- C:\WINDOWS.0\Language_trs.ini
[2011/01/21 06:53:47 | 000,033,786 | ---- | C] () -- C:\WINDOWS.0\Ascd_tmp.ini
[2011/01/21 06:53:47 | 000,010,296 | ---- | C] () -- C:\WINDOWS.0\System32\drivers\ASUSHWIO.SYS
[2011/01/21 06:42:27 | 001,559,040 | ---- | C] () -- C:\WINDOWS.0\System32\xvidcore.dll
[2011/01/21 06:42:27 | 000,164,352 | ---- | C] () -- C:\WINDOWS.0\System32\unrar.dll
[2011/01/21 06:39:16 | 000,000,385 | ---- | C] () -- C:\WINDOWS.0\ODBC.INI
[2011/01/21 06:26:54 | 000,002,048 | --S- | C] () -- C:\WINDOWS.0\bootstat.dat
[2011/01/21 06:26:12 | 000,324,608 | ---- | C] () -- C:\WINDOWS.0\System32\wget.exe
[2011/01/21 06:26:12 | 000,319,488 | ---- | C] () -- C:\WINDOWS.0\System32\win-get.exe
[2011/01/21 06:26:12 | 000,313,856 | ---- | C] () -- C:\WINDOWS.0\System32\rar.exe
[2011/01/21 06:26:12 | 000,031,232 | ---- | C] () -- C:\WINDOWS.0\System32\cmdow.exe
[2011/01/21 06:26:12 | 000,026,013 | ---- | C] () -- C:\WINDOWS.0\System32\sleep.exe
[2011/01/21 06:26:12 | 000,012,800 | ---- | C] () -- C:\WINDOWS.0\System32\delage32.exe
[2011/01/21 06:26:12 | 000,005,447 | ---- | C] () -- C:\WINDOWS.0\System32\choice.com
[2011/01/21 06:26:12 | 000,000,209 | ---- | C] () -- C:\WINDOWS.0\System32\oeminfo.ini
[2011/01/21 06:22:57 | 000,021,900 | ---- | C] () -- C:\WINDOWS.0\System32\emptyregdb.dat
[2011/01/21 02:14:43 | 000,004,293 | ---- | C] () -- C:\WINDOWS.0\ODBCINST.INI
[2011/01/21 02:13:11 | 000,144,424 | ---- | C] () -- C:\WINDOWS.0\System32\FNTCACHE.DAT
[2011/01/20 21:17:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS.0\nsreg.dat
[2011/01/20 19:05:59 | 000,064,512 | R--- | C] () -- C:\WINDOWS.0\System32\P17.dll
[2011/01/20 19:05:59 | 000,053,248 | R--- | C] () -- C:\WINDOWS.0\System32\P17CPI.dll
[2009/07/25 09:50:43 | 000,000,236 | -H-- | C] () -- C:\Archivos de programa\Archivos comunes\dx.reg
[2009/07/14 17:15:00 | 000,178,432 | ---- | C] () -- C:\WINDOWS.0\System32\xlive.dll.cat
[2009/06/07 08:27:20 | 000,073,728 | ---- | C] () -- C:\WINDOWS.0\System32\vbzlib1.dll
[2009/01/31 12:48:31 | 000,280,008 | ---- | C] () -- C:\Documents and Settings\LocalService\Configuración local\Datos de programa\FontCache3.0.0.0.dat
[2008/12/12 18:28:26 | 007,155,864 | ---- | C] () -- C:\Archivos de programa\NGhost10.msi
[2008/12/12 18:28:26 | 000,000,035 | ---- | C] () -- C:\Archivos de programa\SCSSDist.ini
[2008/12/12 18:28:11 | 037,766,164 | ---- | C] () -- C:\Archivos de programa\Data1.cab
[2008/12/01 18:32:32 | 000,362,029 | ---- | C] () -- C:\WINDOWS.0\System32\sqlite3.dll
[2007/12/07 02:51:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS.0\System32\nvwdmcpl.dll
[2007/12/07 02:51:00 | 001,626,112 | ---- | C] () -- C:\WINDOWS.0\System32\nwiz.exe
[2007/12/07 02:51:00 | 001,474,560 | ---- | C] () -- C:\WINDOWS.0\System32\nview.dll
[2007/12/07 02:51:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS.0\System32\nvdspsch.exe
[2007/12/07 02:51:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS.0\System32\nvwimg.dll
[2007/12/07 02:51:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS.0\System32\nvshell.dll
[2007/12/07 02:51:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS.0\System32\nvappbar.exe
[2007/12/07 02:51:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS.0\System32\keystone.exe
[2007/12/07 02:51:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS.0\System32\nvnt4cpl.dll
[2007/08/15 18:52:57 | 000,000,098 | ---- | C] () -- C:\WINDOWS.0\System32\sindrivers.ini
[2004/08/19 14:58:52 | 000,001,788 | ---- | C] () -- C:\WINDOWS.0\System32\Dcache.bin
[2004/08/02 13:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS.0\System32\secupd.dat
[2001/08/24 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS.0\System32\mlang.dat
[2001/08/24 07:00:00 | 000,505,148 | ---- | C] () -- C:\WINDOWS.0\System32\perfh00A.dat
[2001/08/24 07:00:00 | 000,441,624 | ---- | C] () -- C:\WINDOWS.0\System32\perfh009.dat
[2001/08/24 07:00:00 | 000,317,534 | ---- | C] () -- C:\WINDOWS.0\System32\perfi00A.dat
[2001/08/24 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS.0\System32\perfi009.dat
[2001/08/24 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS.0\System32\dssec.dat
[2001/08/24 07:00:00 | 000,090,672 | ---- | C] () -- C:\WINDOWS.0\System32\perfc00A.dat
[2001/08/24 07:00:00 | 000,071,308 | ---- | C] () -- C:\WINDOWS.0\System32\perfc009.dat
[2001/08/24 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS.0\System32\mib.bin
[2001/08/24 07:00:00 | 000,036,284 | ---- | C] () -- C:\WINDOWS.0\System32\perfd00A.dat
[2001/08/24 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS.0\System32\perfd009.dat
[2001/08/24 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS.0\System32\noise.dat
[2001/08/23 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS.0\System32\oembios.bin
[2001/08/23 08:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS.0\System32\oembios.dat

========== Files - Unicode (All) ==========
[2011/07/02 21:46:03 | 017,912,341 | ---- | M] ()(C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\?Peter_Capusotto___Juan_Carlos_Pelotudo_toca_la_serenata??.flv) -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\Peter_Capusotto___Juan_Carlos_Pelotudo_toca_la_serenata‏.flv
[2011/07/02 21:30:40 | 017,912,341 | ---- | C] ()(C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\?Peter_Capusotto___Juan_Carlos_Pelotudo_toca_la_serenata??.flv) -- C:\Documents and Settings\Cesar.COLOSSUS\Mis documentos\Peter_Capusotto___Juan_Carlos_Pelotudo_toca_la_serenata‏.flv

< End of report >

  • 0

Advertisements


#2
SweetTech

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Hello and welcome to the forums!

My secret agent name on the forums is SweetTech (you can call me ST for short), it's a pleasure to meet you. :unsure:

I would be glad to take a look at your log and help you with solving any malware problems.

If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed.

If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:


  • Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
  • Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
  • If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
  • If I instruct you to download a specific tool in which you already have, please delete the copy that you have and re-download the tool. The reason I ask you to do this is because these tools are updated fairly regularly.
  • Do not do things I do not ask for, such as running a spyware scan on your computer. The one thing that you should always do, is to make sure sure that your anti-virus definitions are up-to-date!
  • Please do not use the Attachment feature for any log file. Do a Copy/Paste of the entire contents of the log file and submit it inside your post.
  • I am going to stick with you until ALL malware is gone from your system. I would appreciate it if you would do the same. From this point, we're in this together :)
    Because of this, you must reply within three days
    failure to reply will result in the topic being closed!
  • Lastly, I am no magician. I will try very hard to fix your issues, but no promises can be made. Also be aware that some infections are so severe that you might need to resort to reformatting and reinstalling your operating system.
    Don't worry, this only happens in severe cases, but it sadly does happen. Be prepared to back up your data. Have means of backing up your data available.
____________________________________________________

Can you please post the contents of the Extras.txt log for me to review?


OTL Fix

We need to run an OTL Fix
  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.
    :Services
    :Processes
    KILLALLPROCESSES
    :OTL
    IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - Reg Error: Value error. File not found
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
    [2011/02/16 11:00:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
    O1 - Hosts: 65.54.239.80 dp.msnmessenger.akadns.net
    O1 - Hosts: 65.54.239.80 dp.msnmessenger.akadns.net
    O1 - Hosts: 65.54.239.80 dp.msnmessenger.akadns.net
    O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
    O2 - BHO: (aTube Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - Reg Error: Value error. File not found
    O3 - HKLM\..\Toolbar: (aTube Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - Reg Error: Value error. File not found
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
    O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
    O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
    O33 - MountPoints2\{54d91b7f-515d-11e0-94ee-485b39953b7f}\Shell - "" = AutoRun
    O33 - MountPoints2\{54d91b7f-515d-11e0-94ee-485b39953b7f}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2007/07/03 17:04:10 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)
    O33 - MountPoints2\{54d91b81-515d-11e0-94ee-485b39953b7f}\Shell - "" = AutoRun
    O33 - MountPoints2\{54d91b81-515d-11e0-94ee-485b39953b7f}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2007/07/03 17:04:10 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)
    O33 - MountPoints2\{54d91b82-515d-11e0-94ee-485b39953b7f}\Shell - "" = AutoRun
    O33 - MountPoints2\{54d91b82-515d-11e0-94ee-485b39953b7f}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2007/07/03 17:04:10 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)
    O33 - MountPoints2\{54d91b83-515d-11e0-94ee-485b39953b7f}\Shell - "" = AutoRun
    O33 - MountPoints2\{54d91b83-515d-11e0-94ee-485b39953b7f}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2007/07/03 17:04:10 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)
    O33 - MountPoints2\{54d91b84-515d-11e0-94ee-485b39953b7f}\Shell - "" = AutoRun
    O33 - MountPoints2\{54d91b84-515d-11e0-94ee-485b39953b7f}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2007/07/03 17:04:10 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)
    O33 - MountPoints2\{5e1b2097-7b48-11e0-981b-485b39953b7f}\Shell - "" = AutoRun
    O33 - MountPoints2\{5e1b2097-7b48-11e0-981b-485b39953b7f}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2007/07/03 17:04:10 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)
    O33 - MountPoints2\{66befa32-2547-11e0-975e-485b39953b7f}\Shell - "" = AutoRun
    O33 - MountPoints2\{66befa32-2547-11e0-975e-485b39953b7f}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2007/07/03 17:04:10 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)
    O33 - MountPoints2\G\Shell - "" = AutoRun
    O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2007/07/03 17:04:10 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)
    [4 C:\WINDOWS.0\System32\*.tmp files -> C:\WINDOWS.0\System32\*.tmp -> ]
    [4 C:\WINDOWS.0\*.tmp files -> C:\WINDOWS.0\*.tmp -> ]
    [1 C:\Documents and Settings\Cesar.COLOSSUS\*.tmp files -> C:\Documents and Settings\Cesar.COLOSSUS\*.tmp -> ]
    
    :Reg
    
    :Files
    dir /s /a "C:\Documents and Settings\Cesar.COLOSSUS\Datos de programa\QuickScan" /c
    echo,Y|cacls "%WinDir%\system32\drivers\etc\hosts" /G everyone:f /c
    ipconfig /flushdns /c
    :Commands
    [purity]
    [resethosts]
    [CreateRestorePoint]
    [emptytemp]
    [EMPTYFLASH]
    
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date of the tool run.


NEXT:



Running ComboFix
Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop
  • IMPORTANT - Disable your Anti-Virus and Anti-Spyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

    Note: If AVG or CA Internet Security Suite is installed, you must remove these programs before using Combofix. If for some reason these applications will not uninstall, try uninstalling with AppRemover by Opswat.
  • Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Posted Image

  • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image

  • Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

Please make sure you include the ComboFix log in your next reply as well as describe how your computer is running now
  • 0

#3
SweetTech

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP