Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Unable to remove Rootkits identified by Trendmicro Rootkit Buster

Started by SubCmdanteNeto , Feb 28 2012 11:52 AM

  • Please log in to reply

#1
SubCmdanteNeto
Posted 28 February 2012 - 11:52 AM

SubCmdanteNeto

    New Member

  • Member
  • Pip
  • 2 posts
I'm not sure if I have trojans or not, my Avast antivirus has not found any but I did have and may still have a hacker entering into varios accounts. So I ran the free tools by Trendmicro which found about 50 rootkits that were unable to be removed even after varios restarts and intents. I did a search and found this similar topic on geekstogo; http://www.geekstogo...rojan-problems/ and so followed the instructions by the assisting tech expert. Below I am posting the following log reports in this order: aswMBR log / OTL log / Extras log

Thank you and any help would be greatly appreciated.


aswMBR version 0.9.9.1649 Copyright© 2011 AVAST Software
Run date: 2012-02-27 14:47:11
-----------------------------
14:47:11.200 OS Version: Windows 6.1.7600
14:47:11.200 Number of processors: 2 586 0x1C02
14:47:11.234 ComputerName: NATHAN UserName: Eli
14:47:13.958 Initialize success
14:47:17.840 AVAST engine defs: 12022700
14:47:27.185 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
14:47:27.218 Disk 0 Vendor: Hitachi_HTS543225L9A300 FBEOC40C Size: 238475MB BusType: 3
14:47:27.284 Disk 0 MBR read successfully
14:47:27.304 Disk 0 MBR scan
14:47:27.336 Disk 0 Windows 7 default MBR code
14:47:27.377 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
14:47:27.437 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 238373 MB offset 206848
14:47:27.487 Disk 0 scanning sectors +488394752
14:47:27.739 Disk 0 scanning C:\Windows\system32\drivers
14:47:51.465 Service scanning
14:48:28.966 Modules scanning
14:49:38.380 Disk 0 trace - called modules:
14:49:38.478 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys dxgkrnl.sys igdkmd32.sys dxgmms1.sys
14:49:38.964 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85637638]
14:49:39.015 3 CLASSPNP.SYS[88bca59e] -> nt!IofCallDriver -> [0x848a3608]
14:49:39.054 5 ACPI.sys[8869e3b2] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85160908]
14:49:41.173 AVAST engine scan C:\Windows
14:50:29.136 AVAST engine scan C:\Windows\system32
14:58:19.916 AVAST engine scan C:\Windows\system32\drivers
14:58:53.103 AVAST engine scan C:\Users\Eli
15:19:06.734 AVAST engine scan C:\ProgramData
15:26:45.673 Scan finished successfully
15:36:48.334 Disk 0 MBR has been saved successfully to "C:\Users\Eli\Downloads\MBR.dat"
15:36:48.384 The log file has been saved successfully to "C:\Users\Eli\Downloads\aswMBR.txt"



OTL logfile created on: 27/02/2012 03:54:32 p.m. - Run 1
OTL by OldTimer - Version 3.2.33.2 Folder = C:\Users\Eli\Downloads
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000080a | Country: México | Language: ESM | Date Format: dd/MM/yyyy

1.99 Gb Total Physical Memory | 0.92 Gb Available Physical Memory | 46.20% Memory free
3.98 Gb Paging File | 2.89 Gb Available in Paging File | 72.48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.79 Gb Total Space | 101.03 Gb Free Space | 43.40% Space Free | Partition Type: NTFS

Computer Name: NATHAN | User Name: Eli | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/02/27 14:12:17 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Eli\Downloads\OTL.exe
PRC - [2012/02/23 10:23:24 | 004,031,368 | ---- | M] (AVAST Software) -- C:\Archivos de programa\Alwil Software\Avast5\AvastUI.exe
PRC - [2012/02/23 10:23:21 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Archivos de programa\Alwil Software\Avast5\AvastSvc.exe
PRC - [2012/02/23 10:23:20 | 000,131,288 | ---- | M] (AVAST Software) -- C:\Archivos de programa\Alwil Software\Avast5\afwServ.exe
PRC - [2011/11/01 15:40:04 | 001,053,056 | ---- | M] (Nokia) -- C:\Archivos de programa\Nokia\Nokia Suite\NokiaSuite.exe
PRC - [2011/10/27 10:34:30 | 000,718,384 | ---- | M] (Nokia) -- C:\Archivos de programa\PC Connectivity Solution\ServiceLayer.exe
PRC - [2011/10/27 10:33:58 | 000,173,104 | ---- | M] (Nokia) -- C:\Archivos de programa\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2011/10/27 10:33:40 | 000,126,512 | ---- | M] (Nokia) -- C:\Archivos de programa\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2011/10/27 10:33:32 | 000,148,016 | ---- | M] (Nokia) -- C:\Archivos de programa\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2011/10/09 12:34:38 | 001,976,176 | ---- | M] (BitTorrent, Inc.) -- C:\Archivos de programa\BitTorrent\BitTorrent.exe
PRC - [2011/02/25 23:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/09 20:14:21 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Archivos de programa\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2009/07/13 19:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Windows Media Player\wmpnetwk.exe
PRC - [2009/07/13 19:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2006/10/27 00:47:42 | 000,031,016 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2006/10/26 13:40:34 | 000,335,872 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Common Files\microsoft shared\VS7DEBUG\mdm.exe
PRC - [2006/10/22 23:24:02 | 000,620,152 | ---- | M] (Adobe Systems Inc.) -- C:\Archivos de programa\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
PRC - [2001/12/15 12:10:36 | 000,036,864 | ---- | M] (Zenographics) -- C:\Windows\System32\zstatus.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/01 15:42:14 | 000,392,064 | ---- | M] () -- C:\Archivos de programa\Nokia\Nokia Suite\ssoengine.dll
MOD - [2011/11/01 15:42:12 | 000,058,240 | ---- | M] () -- C:\Archivos de programa\Nokia\Nokia Suite\securestorage.dll
MOD - [2011/11/01 15:42:08 | 000,095,104 | ---- | M] () -- C:\Archivos de programa\Nokia\Nokia Suite\qjson.dll
MOD - [2011/11/01 15:42:06 | 000,272,768 | ---- | M] () -- C:\Archivos de programa\Nokia\Nokia Suite\phonon4.dll
MOD - [2011/11/01 15:41:38 | 000,165,248 | ---- | M] () -- C:\Archivos de programa\Nokia\Nokia Suite\QxtWeb.dll
MOD - [2011/11/01 15:41:36 | 000,384,896 | ---- | M] () -- C:\Archivos de programa\Nokia\Nokia Suite\QxtCore.dll
MOD - [2011/11/01 15:41:34 | 002,557,312 | ---- | M] () -- C:\Archivos de programa\Nokia\Nokia Suite\QtXmlPatterns4.dll
MOD - [2011/11/01 15:41:32 | 000,346,496 | ---- | M] () -- C:\Archivos de programa\Nokia\Nokia Suite\QtXml4.dll
MOD - [2011/11/01 15:41:30 | 010,843,520 | ---- | M] () -- C:\Archivos de programa\Nokia\Nokia Suite\QtWebKit4.dll
MOD - [2011/11/01 15:41:24 | 000,196,480 | ---- | M] () -- C:\Archivos de programa\Nokia\Nokia Suite\QtSql4.dll
MOD - [2011/11/01 15:41:22 | 001,294,208 | ---- | M] () -- C:\Archivos de programa\Nokia\Nokia Suite\QtScript4.dll
MOD - [2011/11/01 15:41:20 | 000,682,880 | ---- | M] () -- C:\Archivos de programa\Nokia\Nokia Suite\QtOpenGL4.dll
MOD - [2011/11/01 15:41:18 | 000,919,936 | ---- | M] () -- C:\Archivos de programa\Nokia\Nokia Suite\QtNetwork4.dll
MOD - [2011/11/01 15:41:16 | 000,517,504 | ---- | M] () -- C:\Archivos de programa\Nokia\Nokia Suite\QtMultimediaKit1.dll
MOD - [2011/11/01 15:41:14 | 008,172,928 | ---- | M] () -- C:\Archivos de programa\Nokia\Nokia Suite\QtGui4.dll
MOD - [2011/11/01 15:41:12 | 002,252,672 | ---- | M] () -- C:\Archivos de programa\Nokia\Nokia Suite\QtDeclarative4.dll
MOD - [2011/11/01 15:41:10 | 002,288,512 | ---- | M] () -- C:\Archivos de programa\Nokia\Nokia Suite\QtCore4.dll
MOD - [2011/11/01 15:41:06 | 000,422,272 | ---- | M] () -- C:\Archivos de programa\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
MOD - [2011/11/01 15:40:56 | 000,202,624 | ---- | M] () -- C:\Archivos de programa\Nokia\Nokia Suite\Imageformats\qjpeg4.dll
MOD - [2011/11/01 15:40:54 | 000,034,688 | ---- | M] () -- C:\Archivos de programa\Nokia\Nokia Suite\Imageformats\qico4.dll
MOD - [2011/11/01 15:40:52 | 000,032,640 | ---- | M] () -- C:\Archivos de programa\Nokia\Nokia Suite\Imageformats\qgif4.dll
MOD - [2011/11/01 15:40:08 | 000,388,480 | ---- | M] () -- C:\Archivos de programa\Nokia\Nokia Suite\OviShareLib.dll
MOD - [2011/11/01 15:40:00 | 000,438,144 | ---- | M] () -- C:\Archivos de programa\Nokia\Nokia Suite\NService.dll
MOD - [2011/11/01 15:39:36 | 001,041,792 | ---- | M] () -- C:\Archivos de programa\Nokia\Nokia Suite\Maps Service API.dll
MOD - [2011/11/01 15:39:06 | 000,740,736 | ---- | M] () -- C:\Archivos de programa\Nokia\Nokia Suite\CommonUpdateChecker.dll
MOD - [2011/11/01 14:57:42 | 000,112,640 | ---- | M] () -- C:\Archivos de programa\Nokia\Nokia Suite\mediaservice\dsengine.dll


========== Win32 Services (SafeList) ==========

SRV - [2012/02/23 10:23:21 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/02/23 10:23:20 | 000,131,288 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\afwServ.exe -- (avast! Firewall)
SRV - [2011/10/27 10:34:30 | 000,718,384 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/11/09 20:14:21 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/07/13 19:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 19:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 19:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Archivos de programa\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2012/02/23 10:13:00 | 000,112,984 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswFW.sys -- (aswFW)
DRV - [2012/02/23 10:12:28 | 000,610,648 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/02/23 10:12:16 | 000,337,112 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/02/23 10:12:01 | 000,196,440 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2012/02/23 10:11:24 | 000,024,408 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2012/02/23 10:10:59 | 000,044,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\Drivers\aswrdr2.sys -- (aswRdr)
DRV - [2012/02/23 10:10:39 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/02/23 10:10:34 | 000,057,688 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/02/23 10:10:16 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/11/28 11:26:19 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\aswNdis.sys -- (aswNdis)
DRV - [2011/08/17 13:03:58 | 000,137,472 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2011/08/17 13:03:50 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2011/08/17 12:56:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011/08/17 12:56:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011/08/17 12:56:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011/08/17 12:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009/10/05 16:31:50 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/07/13 19:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/13 19:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/13 19:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/13 17:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/13 17:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/13 17:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2005/08/30 01:47:38 | 000,058,320 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssm_bus.sys -- (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-533433892-2647781504-143371541-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://prodigy.msn.com/?ocid=OIE9HP
IE - HKU\S-1-5-21-533433892-2647781504-143371541-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-533433892-2647781504-143371541-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://prodigy.msn.com/?ocid=OIE9HP
IE - HKU\S-1-5-21-533433892-2647781504-143371541-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://prodigy.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-533433892-2647781504-143371541-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-MX
IE - HKU\S-1-5-21-533433892-2647781504-143371541-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 64 E2 F7 08 94 83 CC 01 [binary data]
IE - HKU\S-1-5-21-533433892-2647781504-143371541-1000\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - No CLSID value found
IE - HKU\S-1-5-21-533433892-2647781504-143371541-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-533433892-2647781504-143371541-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@plugin.couponnetwork.com/Coupon Print Activator;version=4.5: C:\Users\Eli\AppData\Roaming\E-centives\NPcolPM460.dll (Invenda)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Eli\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_7.0 [2011/11/30 20:55:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0 [2011/11/30 20:55:11 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Eli\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\17.0.963.56\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\17.0.963.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\17.0.963.56\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: BrowserPlus (from Yahoo!) v2.9.8 (Enabled) = C:\Users\Eli\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
CHR - plugin: Coupon Activator Netscape Plugin v. 4.5.0.0 (Enabled) = C:\Users\Eli\AppData\Roaming\E-centives\NPcolPM460.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Eli\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Eli\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: avast! WebRep = C:\Users\Eli\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1407_0\
CHR - Extension: Zynga = C:\Users\Eli\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcgmidjhhnnjikpigolabhacfngibde\2.3.0.15_0\
CHR - Extension: Disconnect = C:\Users\Eli\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo\3.1.1_0\
CHR - Extension: Gmail = C:\Users\Eli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 15:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Archivos de programa\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Archivos de programa\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Archivos de programa\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-533433892-2647781504-143371541-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Archivos de programa\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [hp 1000 firmware] C:\Archivos de programa\hp LaserJet 1000\fwdl.exe (Zenographics)
O4 - HKU\S-1-5-21-533433892-2647781504-143371541-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-533433892-2647781504-143371541-1000..\Run: [BitTorrent] C:\Program Files\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-533433892-2647781504-143371541-1000..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Eli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recorte de pantalla e Inicio rápido de OneNote 2007.lnk = C:\Archivos de programa\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xportar a Microsoft Excel - C:\Archivos de programa\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Archivos de programa\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Archivos de programa\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.co...sreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.co...iaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.3.77.6 10.3.1.100 10.3.1.221
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BEA3F59B-BA7B-4959-9832-CB219C64E029}: DhcpNameServer = 10.3.77.6 10.3.1.100 10.3.1.221
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Archivos de programa\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Archivos de programa\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 15:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/02/27 08:59:28 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/02/26 09:09:13 | 000,044,376 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2012/02/26 09:09:12 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys
[3 C:\Users\Eli\Desktop\*.tmp files -> C:\Users\Eli\Desktop\*.tmp -> ]
[2 C:\Users\Eli\Documents\*.tmp files -> C:\Users\Eli\Documents\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/02/27 19:49:05 | 000,001,018 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/27 19:41:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/02/27 15:49:03 | 000,001,014 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/02/27 14:05:00 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/27 14:05:00 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/27 13:57:52 | 000,000,382 | ---- | M] () -- C:\Windows\tasks\Final Media Player Update Checker.job
[2012/02/27 13:57:14 | 1602,961,408 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/26 21:55:47 | 000,313,127 | ---- | M] () -- C:\Users\Eli\AppData\Local\census.cache
[2012/02/26 21:55:43 | 000,109,316 | ---- | M] () -- C:\Users\Eli\AppData\Local\ars.cache
[2012/02/26 09:09:12 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012/02/23 10:23:26 | 000,041,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/02/23 10:23:21 | 000,201,352 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012/02/23 10:13:00 | 000,112,984 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFW.sys
[2012/02/23 10:12:28 | 000,610,648 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012/02/23 10:12:16 | 000,337,112 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012/02/23 10:12:01 | 000,196,440 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswNdis2.sys
[2012/02/23 10:11:24 | 000,024,408 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys
[2012/02/23 10:10:59 | 000,044,376 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2012/02/23 10:10:39 | 000,053,848 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012/02/23 10:10:34 | 000,057,688 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012/02/23 10:10:16 | 000,020,696 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012/02/21 14:54:02 | 000,694,386 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
[2012/02/21 14:54:02 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/02/21 14:54:02 | 000,134,448 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
[2012/02/21 14:54:02 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/29 05:10:42 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[3 C:\Users\Eli\Desktop\*.tmp files -> C:\Users\Eli\Desktop\*.tmp -> ]
[2 C:\Users\Eli\Documents\*.tmp files -> C:\Users\Eli\Documents\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/07 15:06:41 | 000,233,525 | ---- | C] () -- C:\Windows\System32\isutil.dll
[2012/01/07 15:06:34 | 000,000,271 | ---- | C] () -- C:\Windows\apptune.ini
[2011/10/03 18:07:50 | 000,313,127 | ---- | C] () -- C:\Users\Eli\AppData\Local\census.cache
[2011/10/03 18:06:32 | 000,109,316 | ---- | C] () -- C:\Users\Eli\AppData\Local\ars.cache
[2011/10/03 17:51:44 | 000,000,036 | ---- | C] () -- C:\Users\Eli\AppData\Local\housecall.guid.cache
[2010/12/10 18:22:49 | 000,031,910 | ---- | C] () -- C:\Windows\MSUMLT0G.INI
[2010/12/09 11:19:02 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ssprs.dll
[2010/12/09 11:19:02 | 000,000,000 | ---- | C] () -- C:\Windows\System32\serauth2.dll
[2010/12/09 11:19:02 | 000,000,000 | ---- | C] () -- C:\Windows\System32\serauth1.dll
[2010/12/09 11:19:02 | 000,000,000 | ---- | C] () -- C:\Windows\System32\nsprs.dll
[2010/12/09 11:19:02 | 000,000,000 | ---- | C] () -- C:\Windows\System32\clauth2.dll
[2010/12/09 11:19:02 | 000,000,000 | ---- | C] () -- C:\Windows\System32\clauth1.dll
[2010/12/09 11:15:26 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2010/12/09 11:15:26 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2010/11/09 20:24:55 | 002,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2010/11/09 18:31:40 | 000,012,854 | ---- | C] () -- C:\Windows\System32\lpgun.ini

========== LOP Check ==========

[2011/11/21 22:53:48 | 000,000,000 | ---D | M] -- C:\Users\Eli\AppData\Roaming\AnvSoft
[2012/02/27 19:51:26 | 000,000,000 | ---D | M] -- C:\Users\Eli\AppData\Roaming\BitTorrent
[2011/12/12 20:19:46 | 000,000,000 | ---D | M] -- C:\Users\Eli\AppData\Roaming\E-centives
[2011/10/11 13:19:51 | 000,000,000 | ---D | M] -- C:\Users\Eli\AppData\Roaming\FinalMediaPlayer
[2011/11/30 20:53:56 | 000,000,000 | ---D | M] -- C:\Users\Eli\AppData\Roaming\Nokia
[2010/11/11 20:45:53 | 000,000,000 | ---D | M] -- C:\Users\Eli\AppData\Roaming\PC Suite
[2011/02/18 14:34:09 | 000,000,000 | ---D | M] -- C:\Users\Eli\AppData\Roaming\Philipp Winterberg
[2012/02/27 13:57:52 | 000,000,382 | ---- | M] () -- C:\Windows\Tasks\Final Media Player Update Checker.job
[2011/12/04 14:21:06 | 000,032,556 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: EXPLORER.EXE >
[2011/02/25 23:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/13 19:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/25 23:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/30 23:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/25 23:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\explorer.exe
[2011/02/25 23:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2011/02/24 23:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/02 23:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/02 23:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 00:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: SVCHOST.EXE >
[2009/07/13 19:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/13 19:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: USERINIT.EXE >
[2009/07/13 19:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009/07/13 19:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/10/28 00:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009/10/28 00:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/27 23:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2009/07/13 19:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2012/02/14 23:03:37 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2012/02/14 23:03:37 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/02/14 23:03:37 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2012/02/14 23:03:37 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/06/18 23:06:04 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/06/18 23:06:04 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/06/18 23:06:04 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/06/18 23:06:04 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/06/18 23:06:04 | 000,748,336 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2012/02/14 23:03:37 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2012/02/14 23:03:37 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/02/14 23:03:37 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2012/02/14 23:03:37 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/06/18 23:06:04 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/06/18 23:06:04 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/06/18 23:06:04 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/06/18 23:06:04 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/06/18 23:06:04 | 000,748,336 | ---- | M] (Microsoft Corporation)

< End of report >


OTL Extras logfile created on: 27/02/2012 03:54:32 p.m. - Run 1
OTL by OldTimer - Version 3.2.33.2 Folder = C:\Users\Eli\Downloads
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000080a | Country: México | Language: ESM | Date Format: dd/MM/yyyy

1.99 Gb Total Physical Memory | 0.92 Gb Available Physical Memory | 46.20% Memory free
3.98 Gb Paging File | 2.89 Gb Available in Paging File | 72.48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.79 Gb Total Space | 101.03 Gb Free Space | 43.40% Space Free | Partition Type: NTFS

Computer Name: NATHAN | User Name: Eli | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-533433892-2647781504-143371541-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{09E2111C-16B1-4DDF-BF0D-F994C9A12350}" = Adobe Setup
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}" = Nokia PC Suite
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java™ 6 Update 29
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}" = Adobe Flash Video Encoder
"{471F79CC-41F5-458F-B768-7F687F97B6EC}" = SPSS 15.0 para Windows
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{55EB7967-5BB1-4EA2-8AFF-B2F9E487E553}" = PC Connectivity Solution
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B52140A-F189-4945-BFFC-DB3F00B8C589}" = Adobe Flash CS3
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}" = Adobe Flash Player 9 Plugin
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0015-0C0A-0000-0000000FF1CE}" = Microsoft Office Access MUI (Spanish) 2007
"{90120000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2007
"{90120000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2007
"{90120000-0019-0C0A-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Spanish) 2007
"{90120000-001A-0C0A-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Spanish) 2007
"{90120000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2007
"{90120000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
"{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007
"{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0C0A-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Spanish) 2007
"{90120000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2007
"{90120000-00A1-0C0A-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Spanish) 2007
"{90120000-00BA-0C0A-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Spanish) 2007
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{975C8028-51D8-44A9-9585-82E9810FE96A}" = hp LaserJet 1000
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-0000-7760-000000000003}" = Adobe Acrobat 8 Professional
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF88496B-4BBA-4922-97E9-2582D3A28358}" = Nokia Connectivity Cable Driver
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B7F560B3-6EFF-4026-A982-843895A41149}" = Adobe BridgeTalk Plugin CS3
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{CB3F8375-B600-4B9F-83C9-238ED1E583FD}" = Adobe InDesign CS3
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1C18EDD-571A-4BDD-BE7B-1DD86027D7FF}" = Adobe Creative Suite 3 Design Premium
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DB24A9E5-A068-43DD-88D0-B51BED3C0B99}" = Nokia Suite
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{F08E8D2E-F132-4742-9C87-D5FF223A016A}" = Adobe Illustrator CS3
"504244733D18C8F63FF584AEB290E3904E791693" = Paquete de controladores de Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe_c14ac4070fd9614ffe63f4bb533db2c" = Add or Remove Adobe Creative Suite 3 Design Premium
"Any Video Converter_is1" = Any Video Converter 3.3.4
"avast" = avast! Internet Security
"BitTorrent" = BitTorrent
"CCleaner" = CCleaner
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FinalMediaPlayer_is1" = Final Media Player 2011
"Google Chrome" = Google Chrome
"KONICA MINOLTA magicolor 1690MF" = KONICA MINOLTA magicolor 1690MF
"Larousse Gran Diccionario Inglés-Español/Spanish-English_is1" = Larousse Gran Diccionario Inglés-Español/Spanish-English 1.0
"LPCO" = Intel® Graphics Media Accelerator 500
"Nokia PC Suite" = Nokia PC Suite
"Nokia Suite" = Nokia Suite
"RarZilla Free Unrar" = RarZilla Free Unrar
"SystemRequirementsLab" = System Requirements Lab
"Trusted Software Assistant_is1" = File Type Assistant
"WinRAR archiver" = WinRAR 4.10 beta 1 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-533433892-2647781504-143371541-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 26/02/2012 12:36:34 p.m. | Computer Name = Nathan | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Error en la extracción de la lista raíz de terceros del archivo .CAB
actualizado automáticamente: <http://www.download....uthrootstl.cab>
con el error: Un certificado requerido no se encuentra dentro del periodo de validez
cuando se ha realizado la comprobación con el reloj de sistema actual o con la
marca de tiempo en el archivo firmado. .

Error - 26/02/2012 10:18:23 p.m. | Computer Name = Nathan | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Error en la extracción de la lista raíz de terceros del archivo .CAB
actualizado automáticamente: <http://www.download....uthrootstl.cab>
con el error: Un certificado requerido no se encuentra dentro del periodo de validez
cuando se ha realizado la comprobación con el reloj de sistema actual o con la
marca de tiempo en el archivo firmado. .

Error - 27/02/2012 12:19:02 a.m. | Computer Name = Nathan | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Error en la extracción de la lista raíz de terceros del archivo .CAB
actualizado automáticamente: <http://www.download....uthrootstl.cab>
con el error: Un certificado requerido no se encuentra dentro del periodo de validez
cuando se ha realizado la comprobación con el reloj de sistema actual o con la
marca de tiempo en el archivo firmado. .

Error - 27/02/2012 12:19:03 a.m. | Computer Name = Nathan | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Error en la extracción de la lista raíz de terceros del archivo .CAB
actualizado automáticamente: <http://www.download....uthrootstl.cab>
con el error: Un certificado requerido no se encuentra dentro del periodo de validez
cuando se ha realizado la comprobación con el reloj de sistema actual o con la
marca de tiempo en el archivo firmado. .

Error - 27/02/2012 01:10:38 p.m. | Computer Name = Nathan | Source = Application Error | ID = 1000
Description = Nombre de la aplicación con errores: SafeZoneBrowser.exe, versión:
0.0.0.0, marca de tiempo: 0x4da894e3 Nombre del módulo con errores: SafeZoneBrowser.dll,
versión: 9.0.592.0, marca de tiempo: 0x4da894c1 Código de excepción: 0x80000003 Desplazamiento
de errores: 0x0015d740 Id. del proceso con errores: 0xe5c Hora de inicio de la aplicación
con errores: 0x01ccf572b6b600b8 Ruta de acceso de la aplicación con errores: C:\Program
Files\Alwil Software\Avast5\sfzone\SafeZoneBrowser.exe Ruta de acceso del módulo
con errores: C:\Program Files\Alwil Software\Avast5\sfzone\SafeZoneBrowser.dll Id.
del informe: f794863b-6165-11e1-aed8-00238bd90b05

Error - 27/02/2012 01:10:58 p.m. | Computer Name = Nathan | Source = Application Error | ID = 1000
Description = Nombre de la aplicación con errores: SafeZoneBrowser.exe, versión:
0.0.0.0, marca de tiempo: 0x4da894e3 Nombre del módulo con errores: SafeZoneBrowser.dll,
versión: 9.0.592.0, marca de tiempo: 0x4da894c1 Código de excepción: 0x80000003 Desplazamiento
de errores: 0x0015d740 Id. del proceso con errores: 0x1608 Hora de inicio de la aplicación
con errores: 0x01ccf572c50367f4 Ruta de acceso de la aplicación con errores: C:\Program
Files\Alwil Software\Avast5\sfzone\SafeZoneBrowser.exe Ruta de acceso del módulo
con errores: C:\Program Files\Alwil Software\Avast5\sfzone\SafeZoneBrowser.dll Id.
del informe: 037725f8-6166-11e1-aed8-00238bd90b05

Error - 27/02/2012 01:11:09 p.m. | Computer Name = Nathan | Source = Application Error | ID = 1000
Description = Nombre de la aplicación con errores: SafeZoneBrowser.exe, versión:
0.0.0.0, marca de tiempo: 0x4da894e3 Nombre del módulo con errores: SafeZoneBrowser.dll,
versión: 9.0.592.0, marca de tiempo: 0x4da894c1 Código de excepción: 0x80000003 Desplazamiento
de errores: 0x0015d740 Id. del proceso con errores: 0x1398 Hora de inicio de la aplicación
con errores: 0x01ccf572cbbb5293 Ruta de acceso de la aplicación con errores: C:\Program
Files\Alwil Software\Avast5\sfzone\SafeZoneBrowser.exe Ruta de acceso del módulo
con errores: C:\Program Files\Alwil Software\Avast5\sfzone\SafeZoneBrowser.dll Id.
del informe: 0a4000c6-6166-11e1-aed8-00238bd90b05

Error - 27/02/2012 02:12:03 p.m. | Computer Name = Nathan | Source = Application Error | ID = 1000
Description = Nombre de la aplicación con errores: SafeZoneBrowser.exe, versión:
0.0.0.0, marca de tiempo: 0x4da894e3 Nombre del módulo con errores: SafeZoneBrowser.dll,
versión: 9.0.592.0, marca de tiempo: 0x4da894c1 Código de excepción: 0x80000003 Desplazamiento
de errores: 0x0015d740 Id. del proceso con errores: 0x121c Hora de inicio de la aplicación
con errores: 0x01ccf57b4af46de7 Ruta de acceso de la aplicación con errores: C:\Program
Files\Alwil Software\Avast5\sfzone\SafeZoneBrowser.exe Ruta de acceso del módulo
con errores: C:\Program Files\Alwil Software\Avast5\sfzone\SafeZoneBrowser.dll Id.
del informe: 8c7c2e35-616e-11e1-aed8-00238bd90b05

Error - 27/02/2012 02:12:43 p.m. | Computer Name = Nathan | Source = Application Error | ID = 1000
Description = Nombre de la aplicación con errores: SafeZoneBrowser.exe, versión:
0.0.0.0, marca de tiempo: 0x4da894e3 Nombre del módulo con errores: SafeZoneBrowser.dll,
versión: 9.0.592.0, marca de tiempo: 0x4da894c1 Código de excepción: 0x80000003 Desplazamiento
de errores: 0x0015d740 Id. del proceso con errores: 0x1400 Hora de inicio de la aplicación
con errores: 0x01ccf57b661fc87f Ruta de acceso de la aplicación con errores: C:\Program
Files\Alwil Software\Avast5\sfzone\SafeZoneBrowser.exe Ruta de acceso del módulo
con errores: C:\Program Files\Alwil Software\Avast5\sfzone\SafeZoneBrowser.dll Id.
del informe: a41ea2ed-616e-11e1-aed8-00238bd90b05

Error - 27/02/2012 02:13:25 p.m. | Computer Name = Nathan | Source = Application Error | ID = 1000
Description = Nombre de la aplicación con errores: SafeZoneBrowser.exe, versión:
0.0.0.0, marca de tiempo: 0x4da894e3 Nombre del módulo con errores: SafeZoneBrowser.dll,
versión: 9.0.592.0, marca de tiempo: 0x4da894c1 Código de excepción: 0x80000003 Desplazamiento
de errores: 0x0015d740 Id. del proceso con errores: 0x17e4 Hora de inicio de la aplicación
con errores: 0x01ccf57b7ebbe31f Ruta de acceso de la aplicación con errores: C:\Program
Files\Alwil Software\Avast5\sfzone\SafeZoneBrowser.exe Ruta de acceso del módulo
con errores: C:\Program Files\Alwil Software\Avast5\sfzone\SafeZoneBrowser.dll Id.
del informe: bd19329e-616e-11e1-aed8-00238bd90b05

[ OSession Events ]
Error - 06/02/2011 08:28:35 p.m. | Computer Name = Nathan | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 275278
seconds with 3300 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 22/09/2011 10:30:14 a.m. | Computer Name = Nathan | Source = Service Control Manager | ID = 7011
Description = Se agotó el tiempo de espera (30000 ms) para la respuesta de transacción
del servicio Wlansvc.

Error - 22/09/2011 10:30:19 a.m. | Computer Name = Nathan | Source = DCOM | ID = 10010
Description =

Error - 22/09/2011 01:59:16 p.m. | Computer Name = Nathan | Source = Service Control Manager | ID = 7011
Description = Se agotó el tiempo de espera (30000 ms) para la respuesta de transacción
del servicio WinDefend.

Error - 22/09/2011 03:37:28 p.m. | Computer Name = Nathan | Source = Service Control Manager | ID = 7011
Description = Se agotó el tiempo de espera (30000 ms) para la respuesta de transacción
del servicio ShellHWDetection.

Error - 22/09/2011 07:49:14 p.m. | Computer Name = Nathan | Source = Service Control Manager | ID = 7011
Description = Se agotó el tiempo de espera (30000 ms) para la respuesta de transacción
del servicio Wlansvc.

Error - 23/09/2011 12:15:05 a.m. | Computer Name = Nathan | Source = Service Control Manager | ID = 7011
Description = Se agotó el tiempo de espera (30000 ms) para la respuesta de transacción
del servicio PlugPlay.

Error - 23/09/2011 07:47:04 p.m. | Computer Name = Nathan | Source = Service Control Manager | ID = 7011
Description = Se agotó el tiempo de espera (30000 ms) para la respuesta de transacción
del servicio NlaSvc.

Error - 24/09/2011 06:24:08 a.m. | Computer Name = Nathan | Source = Service Control Manager | ID = 7011
Description = Se agotó el tiempo de espera (30000 ms) para la respuesta de transacción
del servicio Netman.

Error - 24/09/2011 10:26:16 a.m. | Computer Name = Nathan | Source = Service Control Manager | ID = 7011
Description = Se agotó el tiempo de espera (30000 ms) para la respuesta de transacción
del servicio ShellHWDetection.

Error - 24/09/2011 10:26:20 a.m. | Computer Name = Nathan | Source = DCOM | ID = 10010
Description =


< End of report >
  • 0

Advertisements

#2
SubCmdanteNeto
Posted 12 March 2012 - 08:41 PM

SubCmdanteNeto

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
Are there any tech experts out there willing to take a peek here?
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP