Thank you Essexboy!!! And sorry for the late reply, I´ve been working with old paper books lately.
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-03-14 17:56:03
-----------------------------
17:56:03.168 OS Version: Windows 6.1.7601 Service Pack 1
17:56:03.169 Number of processors: 2 586 0x1C0A
17:56:03.184 ComputerName: CARLOTA-PC UserName: Carlota
17:57:02.925 Initialize success
17:58:58.335 AVAST engine defs: 12031400
18:24:28.386 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
18:24:28.402 Disk 0 Vendor: WDC_WD25 01.0 Size: 238475MB BusType: 3
18:24:28.433 Disk 0 MBR read successfully
18:24:28.448 Disk 0 MBR scan
18:24:28.558 Disk 0 Windows 7 default MBR code
18:24:28.573 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 102400 MB offset 2048
18:24:28.604 Disk 0 Partition 2 00 1B Hidd FAT32 MSDOS5.0 15360 MB offset 209717248
18:24:28.682 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 120694 MB offset 241174528
18:24:28.729 Disk 0 Partition 4 00 EF EFI FAT 20 MB offset 488355840
18:24:28.760 Disk 0 scanning sectors +488397168
18:24:29.369 Disk 0 scanning C:\windows\system32\drivers
18:24:56.934 Service scanning
18:26:13.749 Modules scanning
18:26:47.367 Disk 0 trace - called modules:
18:26:47.429 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll iaStor.sys
18:26:47.460 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84c53498]
18:26:47.491 3 CLASSPNP.SYS[86c6a59e] -> nt!IofCallDriver -> [0x84263900]
18:26:47.507 5 ACPI.sys[864c23d4] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x83e48028]
18:26:48.864 AVAST engine scan C:\windows
18:26:53.622 AVAST engine scan C:\windows\system32
18:33:34.668 AVAST engine scan C:\windows\system32\drivers
18:34:06.351 AVAST engine scan C:\Users\Carlota
18:35:44.366 File: C:\Users\Carlota\AppData\Roaming\13CE.exe **INFECTED** Win32:IRCBot-END [Trj]
18:35:44.491 File: C:\Users\Carlota\AppData\Roaming\1728.exe **INFECTED** Win32:VBCrypt-JL [Trj]
18:35:44.632 File: C:\Users\Carlota\AppData\Roaming\2210.exe **INFECTED** Win32:VBCrypt-ACM [Trj]
18:35:44.772 File: C:\Users\Carlota\AppData\Roaming\2378.exe **INFECTED** Win32:VBCrypt-WJ [Trj]
18:35:44.944 File: C:\Users\Carlota\AppData\Roaming\2D08.tmp **INFECTED** Win32:Crypt-LTT [Trj]
18:35:45.115 File: C:\Users\Carlota\AppData\Roaming\3AB7.tmp **INFECTED** Win32:IRCBot-END [Trj]
18:35:45.256 File: C:\Users\Carlota\AppData\Roaming\3BD4.exe **INFECTED** Win32:VBCrypt-NS [Trj]
18:35:45.412 File: C:\Users\Carlota\AppData\Roaming\3F1C.tmp **INFECTED** Win32:Crypt-LTT [Trj]
18:35:45.568 File: C:\Users\Carlota\AppData\Roaming\4105.tmp **INFECTED** Win32:VBCrypt-ACM [Trj]
18:35:45.724 File: C:\Users\Carlota\AppData\Roaming\4B14.exe **INFECTED** Win32:VBCrypt-NU [Trj]
18:35:45.895 File: C:\Users\Carlota\AppData\Roaming\4D17.exe **INFECTED** Win32:VBCrypt-QJ [Trj]
18:35:46.036 File: C:\Users\Carlota\AppData\Roaming\4D19.tmp **INFECTED** Win32:Crypt-LTT [Trj]
18:35:46.192 File: C:\Users\Carlota\AppData\Roaming\4FA6.exe **INFECTED** Win32:VBCrypt-NS [Trj]
18:35:46.332 File: C:\Users\Carlota\AppData\Roaming\4FC0.exe **INFECTED** Win32:Crypt-LTT [Trj]
18:35:46.504 File: C:\Users\Carlota\AppData\Roaming\535D.tmp **INFECTED** Win32:IRCBot-END [Trj]
18:35:46.660 File: C:\Users\Carlota\AppData\Roaming\5366.exe **INFECTED** Win32:VBCrypt-QJ [Trj]
18:35:46.784 File: C:\Users\Carlota\AppData\Roaming\64D.exe **INFECTED** Win32:VBCrypt-PH [Trj]
18:35:46.972 File: C:\Users\Carlota\AppData\Roaming\65A5.tmp **INFECTED** Win32:VBCrypt-ACT [Trj]
18:35:47.471 File: C:\Users\Carlota\AppData\Roaming\6622.exe **INFECTED** Win32:Crypt-LTT [Trj]
18:35:47.642 File: C:\Users\Carlota\AppData\Roaming\66AF.exe **INFECTED** Win32:VBCrypt-ACM [Trj]
18:35:47.814 File: C:\Users\Carlota\AppData\Roaming\7483.tmp **INFECTED** Win32:IRCBot-END [Trj]
18:35:48.095 File: C:\Users\Carlota\AppData\Roaming\878.exe **INFECTED** Win32:Trojan-gen
18:35:48.266 File: C:\Users\Carlota\AppData\Roaming\8B4E.exe **INFECTED** Win32:VBCrypt-ACT [Trj]
18:35:48.454 File: C:\Users\Carlota\AppData\Roaming\9923.tmp **INFECTED** Win32:IRCBot-END [Trj]
18:35:48.625 File: C:\Users\Carlota\AppData\Roaming\9C57.exe **INFECTED** Win32:VBCrypt-PC [Trj]
18:35:48.797 File: C:\Users\Carlota\AppData\Roaming\9E71.exe **INFECTED** Win32:IRCBot-END [Trj]
18:35:49.000 File: C:\Users\Carlota\AppData\Roaming\9F7A.exe **INFECTED** Win32:Trojan-gen
18:35:49.156 File: C:\Users\Carlota\AppData\Roaming\AB0E.exe **INFECTED** Win32:IRCBot-END [Trj]
18:35:49.343 File: C:\Users\Carlota\AppData\Roaming\AD7D.tmp **INFECTED** Win32:Crypt-LTT [Trj]
18:35:53.352 File: C:\Users\Carlota\AppData\Roaming\B5A7.tmp **INFECTED** Win32:IRCBot-END [Trj]
18:35:53.492 File: C:\Users\Carlota\AppData\Roaming\BD75.exe **INFECTED** Win32:Crypt-LTT [Trj]
18:35:53.664 File: C:\Users\Carlota\AppData\Roaming\C73C.exe **INFECTED** Win32:Crypt-LTT [Trj]
18:35:53.804 File: C:\Users\Carlota\AppData\Roaming\D1BF.exe **INFECTED** Win32:Crypt-LTT [Trj]
18:35:53.929 File: C:\Users\Carlota\AppData\Roaming\D633.exe **INFECTED** Win32:VBCrypt-LY [Trj]
18:35:55.271 File: C:\Users\Carlota\AppData\Roaming\E6B7.exe **INFECTED** Win32:IRCBot-END [Trj]
18:35:55.708 File: C:\Users\Carlota\AppData\Roaming\F9E8.exe **INFECTED** Win32:VBCrypt-JL [Trj]
18:37:27.732 AVAST engine scan C:\ProgramData
18:38:21.911 Scan finished successfully
18:44:10.494 Disk 0 MBR has been saved successfully to "C:\Users\Carlota\Desktop\MBR.dat"
18:44:10.525 The log file has been saved successfully to "C:\Users\Carlota\Desktop\aswMBR1.txt"
OTL:
OTL Extras logfile created on: 3/14/2012 7:10:01 PM - Run 1
OTL by OldTimer - Version 3.2.36.1 Folder = C:\Users\Carlota\Downloads
Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: España | Language: ESN | Date Format: dd/MM/yyyy
1014.18 Mb Total Physical Memory | 221.27 Mb Available Physical Memory | 21.82% Memory free
1.99 Gb Paging File | 0.89 Gb Available in Paging File | 44.86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 100.00 Gb Total Space | 66.21 Gb Free Space | 66.21% Space Free | Partition Type: NTFS
Drive D: | 117.87 Gb Total Space | 40.27 Gb Free Space | 34.16% Space Free | Partition Type: NTFS
Computer Name: CARLOTA-PC | User Name: Carlota | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP270_series" = Canon MP270 series MP Drivers
"{17780F99-A9DF-450B-81B3-6781B20A17A8}" = FontResizer
"{185AFA7A-F63E-450B-94AA-011CAC18090E}" = E-Cam
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java 6 Update 31
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{38E5A3B1-ADF1-47E0-8024-76310A30EB36}" = LiveUpdate
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B5092B6-F231-4D18-83BC-2618B729CA45}" = CapsHook
"{4B930AE3-61C6-4D02-A9D4-84F4ACBCEC25}" = OpenOffice.org 3.3
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate for Eee PC
"{6333FC29-BFE5-4024-AC78-958A1A7555D1}" = EeeSplendid
"{718D791F-F4E8-4aa7-98A6-15FDED17BDD0}" = Trend Micro Internet Security
"{71C0E38E-09F2-4386-9977-404D4F6640CD}" = Hotkey Service
"{859D40CF-8491-44AD-8FA8-7389CB418C64}" = 32 Bit HP CIO Components Installer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{88F08F98-12BC-4613-81A2-8F9B88CFC73E}" = Super Hybrid Engine
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}" = Ralink RT2860 Wireless LAN Card
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0C0A-0000-0000000FF1CE}" = Microsoft Office Access MUI (Spanish) 2007
"{90120000-0015-0C0A-0000-0000000FF1CE}_PROPLUS_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2007
"{90120000-0016-0C0A-0000-0000000FF1CE}_PROPLUS_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2007
"{90120000-0018-0C0A-0000-0000000FF1CE}_PROPLUS_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0C0A-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Spanish) 2007
"{90120000-0019-0C0A-0000-0000000FF1CE}_PROPLUS_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0C0A-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Spanish) 2007
"{90120000-001A-0C0A-0000-0000000FF1CE}_PROPLUS_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2007
"{90120000-001B-0C0A-0000-0000000FF1CE}_PROPLUS_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2007
"{90120000-001F-0403-0000-0000000FF1CE}_PROPLUS_{BEADB115-DB47-4BD0-A9EC-AE585AFAB2D8}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
"{90120000-001F-0416-0000-0000000FF1CE}_PROPLUS_{8A524694-0CA4-476A-9301-B1E9D70FC952}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007
"{90120000-001F-042D-0000-0000000FF1CE}_PROPLUS_{017A6981-5E03-4A97-830A-35FE0927BB7F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007
"{90120000-001F-0456-0000-0000000FF1CE}_PROPLUS_{A3A03B41-14EA-4E50-97D8-FCF429AE0CCB}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2007
"{90120000-0044-0C0A-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Spanish) 2007
"{90120000-0044-0C0A-0000-0000000FF1CE}_PROPLUS_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2007
"{90120000-006E-0C0A-0000-0000000FF1CE}_PROPLUS_{430AE3E6-E982-4958-90FC-1C062BC74E22}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95B012AD-3A4A-31D7-9167-5D07D2A71F47}" = Microsoft .NET Framework 4 Client Profile ESN Language Pack
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D2B0322-44AE-460E-9283-4D2D7A9205AE}" = Trend Micro Internet Security
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}" = WinZip 15.0
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D802DD00-16A8-4A58-AFC9-020C2380ECDA}" = EeeSplendid
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ASUS VIBE" = ASUS VIBE
"B41C7C96D83162A676DA7365ADEFD6C1AF62A4EE" = Windows Driver Package - Broadcom Bluetooth (07/17/2009 6.2.0.9403)
"B5C82F3814F82FB37F1513B3185399BD88892B08" = Windows Driver Package - Broadcom Bluetooth (07/29/2009 6.1.7100.0)
"BF20603967CFDCB2BBF91950E8A56DFBC5C833FE" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"CCleaner" = CCleaner
"DriverNavigator_is1" = DriverNavigator 1.5.3
"Eee Docking_is1" = Eee Docking 3.7.0
"Glary Utilities_is1" = Glary Utilities 2.43.0.1419
"Google Chrome" = Google Chrome
"HDMI" = Intel® Graphics Media Accelerator Driver
"HUAWEI DataCard Driver" = HUAWEI DataCard Driver 4.22.02.00
"InstallShield_{17780F99-A9DF-450B-81B3-6781B20A17A8}" = FontResizer
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versión 1.60.1.1000
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile ESN Language Pack" = Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN
"movistarES" = Escritorio Movistar
"Mozilla Firefox 4.0.1 (x86 es-ES)" = Mozilla Firefox 4.0.1 (x86 es-ES)
"PROPLUS" = Microsoft Office Professional Plus 2007
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 1.1.10
========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 2/8/2012 11:39:03 AM | Computer Name = Carlota-PC | Source = SideBySide | ID = 16842785
Description = Error al generar el contexto de activación para "c:\program files\trend
micro\internet security\component\framework\200\UfNavi.exe". No se encontró el ensamblado
dependiente Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762".
Use
sxstrace.exe para obtener un diagnóstico detallado.
Error - 2/8/2012 11:39:03 AM | Computer Name = Carlota-PC | Source = SideBySide | ID = 16842785
Description = Error al generar el contexto de activación para "c:\program files\trend
micro\internet security\component\framework\200\UfUpdUi.exe". No se encontró el
ensamblado dependiente Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762".
Use
sxstrace.exe para obtener un diagnóstico detallado.
Error - 2/9/2012 10:15:12 AM | Computer Name = Carlota-PC | Source = Application Error | ID = 1000
Description = Nombre de la aplicación con errores: svchost.exe_RasMan, versión:
6.1.7600.16385, marca de tiempo: 0x4a5bc100 Nombre del módulo con errores: msvcrt.dll,
versión: 7.0.7600.16385, marca de tiempo: 0x4a5bda6f Código de excepción: 0xc0000005
Desplazamiento
de errores: 0x0000db79 Id. del proceso con errores: 0x3dc Hora de inicio de la aplicación
con errores: 0x01cce3f0c17ba730 Ruta de acceso de la aplicación con errores: C:\windows\system32\svchost.exe
Ruta
de acceso del módulo con errores: C:\windows\system32\msvcrt.dll Id. del informe:
7a7baf30-5328-11e1-9c35-bcaec5139627
Error - 2/20/2012 6:03:19 PM | Computer Name = Carlota-PC | Source = RasClient | ID = 20227
Description =
Error - 3/1/2012 10:38:33 AM | Computer Name = Carlota-PC | Source = SideBySide | ID = 16842815
Description = Error al generar el contexto de activación para "c:\Program Files\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Error en el archivo de manifiesto
o directiva "c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll"
en la línea 3. El valor "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
del atributo "version" del elemento "assemblyIdentity" no es válido.
Error - 3/1/2012 10:38:36 AM | Computer Name = Carlota-PC | Source = SideBySide | ID = 16842785
Description = Error al generar el contexto de activación para "c:\program files\Easeware\drivernavigator\amd64\dpinst.exe".
No
se encontró el ensamblado dependiente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Use
sxstrace.exe para obtener un diagnóstico detallado.
Error - 3/1/2012 12:45:41 PM | Computer Name = Carlota-PC | Source = Application Error | ID = 1000
Description = Nombre de la aplicación con errores: chrome.exe, versión: 17.0.963.56,
marca de tiempo: 0x4f3b1160 Nombre del módulo con errores: KERNELBASE.dll, versión:
6.1.7601.17651, marca de tiempo: 0x4e2111c0 Código de excepción: 0x80000003 Desplazamiento
de errores: 0x0000d36f Id. del proceso con errores: 0x11b8 Hora de inicio de la aplicación
con errores: 0x01ccf7bd808a3b16 Ruta de acceso de la aplicación con errores: C:\Users\Carlota\AppData\Local\Google\Chrome\Application\chrome.exe
Ruta
de acceso del módulo con errores: C:\windows\system32\KERNELBASE.dll Id. del informe:
fa99bac3-63bd-11e1-a6db-001e101f2500
Error - 3/1/2012 8:36:17 PM | Computer Name = Carlota-PC | Source = Application Error | ID = 1000
Description = Nombre de la aplicación con errores: chrome.exe, versión: 17.0.963.56,
marca de tiempo: 0x4f3b1160 Nombre del módulo con errores: chrome.dll, versión:
17.0.963.56, marca de tiempo: 0x4f3b1106 Código de excepción: 0xc0000005 Desplazamiento
de errores: 0x0001ba53 Id. del proceso con errores: 0x7b0 Hora de inicio de la aplicación
con errores: 0x01ccf80c762bc112 Ruta de acceso de la aplicación con errores: C:\Users\Carlota\AppData\Local\Google\Chrome\Application\chrome.exe
Ruta
de acceso del módulo con errores: C:\Users\Carlota\AppData\Local\Google\Chrome\Application\17.0.963.56\chrome.dll
Id.
del informe: b8f6cb80-63ff-11e1-a6db-001e101f2500
Error - 3/2/2012 7:19:06 AM | Computer Name = Carlota-PC | Source = SideBySide | ID = 16842815
Description = Error al generar el contexto de activación para "c:\Program Files\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Error en el archivo de manifiesto
o directiva "c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll"
en la línea 3. El valor "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
del atributo "version" del elemento "assemblyIdentity" no es válido.
Error - 3/2/2012 7:19:09 AM | Computer Name = Carlota-PC | Source = SideBySide | ID = 16842785
Description = Error al generar el contexto de activación para "c:\program files\Easeware\drivernavigator\amd64\dpinst.exe".
No
se encontró el ensamblado dependiente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Use
sxstrace.exe para obtener un diagnóstico detallado.
[ System Events ]
Error - 8/8/2011 2:21:21 PM | Computer Name = Carlota-PC | Source = Service Control Manager | ID = 7026
Description = El siguiente controlador de inicio del sistema o de inicio del arranque
no se cargó correctamente: cdrom
Error - 8/8/2011 4:26:48 PM | Computer Name = Carlota-PC | Source = DCOM | ID = 10010
Description =
Error - 8/10/2011 4:18:59 PM | Computer Name = Carlota-PC | Source = Service Control Manager | ID = 7011
Description = Se agotó el tiempo de espera (30000 ms) para la respuesta de transacción
del servicio ShellHWDetection.
Error - 8/11/2011 3:35:20 AM | Computer Name = Carlota-PC | Source = Service Control Manager | ID = 7009
Description = Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio
Instalador de módulos de Windows.
Error - 8/11/2011 3:35:21 AM | Computer Name = Carlota-PC | Source = Service Control Manager | ID = 7000
Description = El servicio Instalador de módulos de Windows no pudo iniciarse debido
al siguiente error: %%1053
Error - 8/11/2011 3:35:27 AM | Computer Name = Carlota-PC | Source = DCOM | ID = 10005
Description =
Error - 8/11/2011 3:35:27 AM | Computer Name = Carlota-PC | Source = DCOM | ID = 10010
Description =
Error - 8/11/2011 7:35:59 AM | Computer Name = Carlota-PC | Source = Service Control Manager | ID = 7011
Description = Se agotó el tiempo de espera (30000 ms) para la respuesta de transacción
del servicio wscsvc.
Error - 8/11/2011 3:42:11 PM | Computer Name = Carlota-PC | Source = Service Control Manager | ID = 7011
Description = Se agotó el tiempo de espera (30000 ms) para la respuesta de transacción
del servicio ShellHWDetection.
Error - 8/12/2011 12:38:47 AM | Computer Name = Carlota-PC | Source = Service Control Manager | ID = 7011
Description = Se agotó el tiempo de espera (30000 ms) para la respuesta de transacción
del servicio WinDefend.
< End of report >
OTL logfile created on: 3/14/2012 7:10:01 PM - Run 1
OTL by OldTimer - Version 3.2.36.1 Folder = C:\Users\Carlota\Downloads
Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: España | Language: ESN | Date Format: dd/MM/yyyy
1014.18 Mb Total Physical Memory | 221.27 Mb Available Physical Memory | 21.82% Memory free
1.99 Gb Paging File | 0.89 Gb Available in Paging File | 44.86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 100.00 Gb Total Space | 66.21 Gb Free Space | 66.21% Space Free | Partition Type: NTFS
Drive D: | 117.87 Gb Total Space | 40.27 Gb Free Space | 34.16% Space Free | Partition Type: NTFS
Computer Name: CARLOTA-PC | User Name: Carlota | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Processes (SafeList) ========== PRC - [2012/03/14 17:34:46 | 000,055,808 | ---- | M] () -- C:\Users\Carlota\AppData\Roaming\7C11.exe
PRC - [2012/03/10 10:21:44 | 001,049,072 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2012/03/08 23:53:16 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Users\Carlota\Downloads\OTL.exe
PRC - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/01/13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/10/09 09:51:48 | 000,736,040 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
PRC - [2010/09/29 14:08:58 | 000,200,624 | ---- | M] (Telefónica I+D) -- C:\Program Files\Movistar\Escritorio Movistar\ImpWiFiSvc.exe
PRC - [2010/06/09 22:26:34 | 000,412,600 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\SHE\SuperHybridEngine.exe
PRC - [2010/06/04 03:40:30 | 001,242,544 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
PRC - [2010/05/29 00:41:36 | 000,445,344 | ---- | M] (ASUS) -- C:\Program Files\EeePC\CapsHook\CapsHook.exe
PRC - [2010/04/13 03:37:47 | 000,083,240 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
PRC - [2010/02/23 11:47:04 | 001,024,368 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
PRC - [2010/01/29 19:18:52 | 000,751,592 | ---- | M] () -- C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe
PRC - [2010/01/15 13:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/09/11 19:41:02 | 000,100,328 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
PRC - [2009/08/19 01:35:56 | 000,219,136 | ---- | M] () -- C:\Windows\System32\AsusService.exe
PRC - [2009/08/03 00:05:24 | 000,795,936 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2009/08/03 00:05:24 | 000,582,944 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
PRC - [2009/06/05 03:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/05 03:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2009/01/26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
========== Modules (No Company Name) ========== MOD - [2012/03/14 17:34:46 | 000,055,808 | ---- | M] () -- C:\Users\Carlota\AppData\Roaming\7C11.exe
MOD - [2009/08/03 00:05:40 | 000,132,384 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
========== Win32 Services (SafeList) ========== SRV - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/10/09 09:51:48 | 000,736,040 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe -- (SfCtlCom)
SRV - [2010/09/29 14:08:58 | 000,200,624 | ---- | M] (Telefónica I+D) [Auto | Running] -- C:\Program Files\Movistar\Escritorio Movistar\ImpWiFiSvc.exe -- (TGCM_ImportWiFiSvc)
SRV - [2010/04/27 05:13:50 | 000,689,416 | ---- | M] (Trend Micro Inc.) [On_Demand | Stopped] -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe -- (TmProxy)
SRV - [2010/04/27 05:13:48 | 000,497,008 | ---- | M] (Trend Micro Inc.) [On_Demand | Stopped] -- C:\Program Files\Trend Micro\Internet Security\TmPfw.exe -- (TmPfw)
SRV - [2010/04/27 05:13:37 | 000,345,352 | ---- | M] (Trend Micro Inc.) [On_Demand | Stopped] -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe -- (TMBMServer)
SRV - [2010/01/15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/08/19 01:35:56 | 000,219,136 | ---- | M] () [Auto | Running] -- C:\Windows\System32\AsusService.exe -- (AsusService)
SRV - [2009/08/03 00:05:24 | 000,582,944 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2009/06/05 03:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel®
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Unknown] -- -- (aswMBR)
DRV - [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/01/13 03:54:16 | 000,073,344 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2010/12/24 04:48:26 | 000,193,792 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2010/12/23 02:46:46 | 000,353,280 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbwwan.sys -- (ewusbmbb)
DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/10/08 09:55:06 | 000,025,856 | ---- | M] (Huawei Tech. Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewdcsc.sys -- (Huawei)
DRV - [2010/07/30 18:29:10 | 000,249,424 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tmxpflt.sys -- (tmxpflt)
DRV - [2010/07/30 18:29:00 | 000,036,432 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tmpreflt.sys -- (tmpreflt)
DRV - [2010/07/30 18:06:08 | 001,331,512 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vsapint.sys -- (vsapint)
DRV - [2010/07/27 02:52:02 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2010/07/19 19:03:10 | 000,059,472 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tmactmon.sys -- (tmactmon)
DRV - [2010/07/19 19:03:00 | 000,051,792 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV - [2010/07/19 19:02:54 | 000,163,408 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2010/06/10 14:14:32 | 000,011,520 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsUpIO.sys -- (AsUpIO)
DRV - [2010/04/27 05:13:37 | 000,089,872 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmtdi.sys -- (tmtdi)
DRV - [2010/04/27 05:13:36 | 000,283,152 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tmwfp.sys -- (tmwfp)
DRV - [2010/04/27 05:13:36 | 000,146,448 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tmlwf.sys -- (tmlwf)
DRV - [2010/04/13 03:39:17 | 000,051,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20)
DRV - [2010/04/13 03:36:46 | 000,043,944 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btusbflt.sys -- (btusbflt)
DRV - [2010/04/13 03:36:12 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2009/10/05 17:31:50 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/07/14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2007/10/12 02:00:44 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007/10/12 01:56:22 | 000,490,776 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV561AV.SYS -- (PID_0928) Logitech QuickCam Express(PID_0928)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...rc=IE-SearchBox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://asus.msn.comIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
http://eeepc.asus.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://homitrlz.inIE - HKCU\..\SearchScopes,DefaultScope = {02D4E505-7C9D-4937-AF3E-5394EBA7D90B}
IE - HKCU\..\SearchScopes\{02D4E505-7C9D-4937-AF3E-5394EBA7D90B}: "URL" =
http://www.google.co...q={searchTerms}IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...rc=IE-SearchBoxIE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.startup.homepage: "
http://homitrlz.in" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/06 19:02:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2011/06/06 19:19:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Carlota\AppData\Roaming\mozilla\Extensions
[2012/03/07 12:56:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2012/03/07 12:56:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2011/04/14 17:43:44 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/01/01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010/01/01 09:00:00 | 000,003,996 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\drae.xml
[2010/01/01 09:00:00 | 000,001,143 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-es.xml
[2010/01/01 09:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-es.xml
[2010/01/01 09:00:00 | 000,001,102 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-es.xml
========== Chrome ========== CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Carlota\AppData\Local\Google\Chrome\Application\16.0.912.77\gcswf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Carlota\AppData\Local\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Carlota\AppData\Local\Google\Chrome\Application\16.0.912.77\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Carlota\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Carlota\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
CHR - Extension: B\u00FAsqueda de Google = C:\Users\Carlota\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: MegaSkipper = C:\Users\Carlota\AppData\Local\Google\Chrome\User Data\Default\Extensions\phlpjnmkcepflfoglccifhajagahaglm\19.63_0\
CHR - Extension: Gmail = C:\Users\Carlota\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [CapsHook] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe ()
O4 - HKLM..\Run: [HotkeyMon] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [HotkeyService] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LiveUpdate] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SuperHybridEngine] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
O4 - HKLM..\Run: [UfSeAgnt.exe] C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe (Trend Micro Inc.)
O4 - HKCU..\Run: [Rxlclt] C:\Users\Carlota\AppData\Roaming\Rxlclt.exe ()
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 87.216.1.65 87.216.1.66
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B52D6DBC-245F-489A-A446-C093FA09E1CB}: DhcpNameServer = 87.216.1.65 87.216.1.66
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{280786e7-c1eb-11e0-b63c-bcaec5139627}\Shell - "" = AutoRun
O33 - MountPoints2\{280786e7-c1eb-11e0-b63c-bcaec5139627}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{c3abe024-fc93-11e0-8f05-bcaec5139627}\Shell - "" = AutoRun
O33 - MountPoints2\{c3abe024-fc93-11e0-8f05-bcaec5139627}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{dbcedf2d-aad3-11e0-a7fc-bcaec5139627}\Shell - "" = AutoRun
O33 - MountPoints2\{dbcedf2d-aad3-11e0-a7fc-bcaec5139627}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 60 Days ========== [2012/03/14 17:55:16 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Carlota\Desktop\aswMBR.exe
[2012/03/14 15:31:28 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpcorekmts.dll
[2012/03/14 15:31:28 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdrmemptylst.exe
[2012/03/14 15:31:27 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpwsx.dll
[2012/03/14 15:31:20 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpcore.dll
[2012/03/09 02:05:16 | 000,000,000 | ---D | C] -- C:\Users\Carlota\Desktop\Limpiadores
[2012/03/09 01:47:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/03/09 01:16:32 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/03/09 01:13:27 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012/03/08 23:27:52 | 000,000,000 | ---D | C] -- C:\Users\Carlota\AppData\Roaming\GlarySoft
[2012/03/08 23:14:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities
[2012/03/08 23:14:31 | 000,000,000 | ---D | C] -- C:\Program Files\Glary Utilities
[2012/03/08 21:46:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012/03/08 21:46:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/03/08 21:46:21 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2012/03/08 15:55:54 | 000,000,000 | ---D | C] -- C:\Users\Carlota\AppData\Roaming\Malwarebytes
[2012/03/08 15:55:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/03/08 15:55:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/03/08 15:55:30 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2012/03/08 15:55:30 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/03/07 13:09:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/03/07 12:56:44 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\javaws.exe
[2012/03/07 12:56:44 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\javaw.exe
[2012/03/07 12:56:44 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\java.exe
[2012/03/07 12:56:07 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/03/01 23:33:13 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2012/03/01 23:33:13 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msrating.dll
[2012/03/01 23:33:13 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msls31.dll
[2012/03/01 23:33:13 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieakeng.dll
[2012/03/01 23:33:13 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\IEAdvpack.dll
[2012/03/01 23:33:13 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll
[2012/03/01 23:33:13 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\SetIEInstalledDate.exe
[2012/03/01 23:33:13 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RegisterIEPKEYs.exe
[2012/03/01 23:33:13 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2012/03/01 23:33:13 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtmler.dll
[2012/03/01 23:33:13 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll
[2012/03/01 23:33:13 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedssync.exe
[2012/03/01 23:33:12 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieapfltr.dat
[2012/03/01 23:33:12 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieapfltr.dll
[2012/03/01 23:33:12 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\html.iec
[2012/03/01 23:33:12 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dxtmsft.dll
[2012/03/01 23:33:12 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll
[2012/03/01 23:33:12 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\url.dll
[2012/03/01 23:33:12 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dxtrans.dll
[2012/03/01 23:33:12 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll
[2012/03/01 23:33:12 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe
[2012/03/01 23:33:12 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll
[2012/03/01 23:33:11 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl
[2012/03/01 23:33:11 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2012/03/01 23:33:11 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wextract.exe
[2012/03/01 23:33:11 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iexpress.exe
[2012/03/01 23:33:11 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inseng.dll
[2012/03/01 23:33:11 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\licmgr10.dll
[2012/03/01 23:33:09 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2012/03/01 23:33:09 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieaksie.dll
[2012/03/01 23:33:09 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe
[2012/03/01 23:33:09 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\admparse.dll
[2012/03/01 23:33:09 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\pngfilt.dll
[2012/03/01 23:33:08 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieakui.dll
[2012/03/01 23:33:05 | 001,798,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll
[2012/03/01 23:33:05 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll
[2012/03/01 23:33:05 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\imgutil.dll
[2012/02/25 17:24:39 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\timedate.cpl
[2012/02/25 17:22:19 | 002,343,424 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys
[2012/02/25 10:39:17 | 000,000,000 | R--D | C] -- C:\Users\Carlota\Saved Games
[2012/02/20 22:49:38 | 000,000,000 | ---D | C] -- C:\windows\System32\SPReview
[2012/02/20 22:47:26 | 000,000,000 | ---D | C] -- C:\Users\Carlota\Documents\Bluetooth Exchange Folder
[2012/02/06 19:19:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012/02/06 19:16:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2012/02/06 19:15:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2012/02/06 19:15:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2012/02/06 19:14:26 | 000,000,000 | ---D | C] -- C:\windows\PCHEALTH
[2012/02/06 19:11:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2012/02/06 19:10:30 | 000,000,000 | ---D | C] -- C:\windows\SHELLNEW
[2012/02/06 19:10:14 | 000,000,000 | ---D | C] -- C:\Users\Carlota\AppData\Local\Microsoft Help
[2012/02/06 19:10:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012/02/06 19:09:00 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012/01/28 22:18:12 | 000,000,000 | ---D | C] -- C:\Oki Driver
[2012/01/28 21:53:03 | 000,000,000 | ---D | C] -- C:\OkiDriver
[2012/01/28 15:59:38 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\webio.dll
[2012/01/28 15:59:38 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sspisrv.dll
[2012/01/24 18:48:34 | 000,000,000 | R--D | C] -- C:\Users\Carlota\Searches
[2012/01/22 13:14:26 | 000,000,000 | R--D | C] -- C:\Users\Carlota\Favorites
[2012/01/22 12:38:02 | 000,000,000 | ---D | C] -- C:\Users\Carlota\AppData\Local\SoftGrid Client
[2012/01/22 12:37:59 | 000,000,000 | ---D | C] -- C:\Users\Carlota\AppData\Roaming\SoftGrid Client
[2012/01/22 12:35:15 | 000,000,000 | ---D | C] -- C:\Users\Carlota\AppData\Roaming\TP
[2012/01/20 14:53:11 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\packager.dll
[2012/01/20 14:52:42 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\quartz.dll
[2012/01/20 14:52:41 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\qdvd.dll
[13 C:\Users\Carlota\AppData\Roaming\*.tmp files -> C:\Users\Carlota\AppData\Roaming\*.tmp -> ]
========== Files - Modified Within 60 Days ========== [2012/03/14 18:44:10 | 000,000,512 | ---- | M] () -- C:\Users\Carlota\Desktop\MBR.dat
[2012/03/14 18:42:38 | 000,119,296 | ---- | M] () -- C:\Users\Carlota\AppData\Roaming\Rxlclt.exe
[2012/03/14 18:23:04 | 000,001,090 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/03/14 17:57:16 | 000,703,840 | ---- | M] () -- C:\windows\System32\perfh00A.dat
[2012/03/14 17:57:16 | 000,616,008 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2012/03/14 17:57:16 | 000,137,806 | ---- | M] () -- C:\windows\System32\perfc00A.dat
[2012/03/14 17:57:16 | 000,106,388 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2012/03/14 17:40:16 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Carlota\Desktop\aswMBR.exe
[2012/03/14 17:37:53 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/03/14 17:37:53 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/03/14 17:34:46 | 000,055,808 | ---- | M] () -- C:\Users\Carlota\AppData\Roaming\7C11.exe
[2012/03/14 17:30:49 | 000,000,316 | ---- | M] () -- C:\windows\tasks\GlaryInitialize.job
[2012/03/14 17:30:48 | 000,001,086 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/03/14 17:30:07 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/03/14 17:30:00 | 797,581,312 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/14 15:10:41 | 000,312,065 | ---- | M] () -- C:\Users\Carlota\Desktop\bolsas investigación.pdf
[2012/03/14 14:42:22 | 000,055,808 | ---- | M] () -- C:\Users\Carlota\AppData\Roaming\B24.exe
[2012/03/13 15:10:37 | 000,106,496 | ---- | M] () -- C:\Users\Carlota\AppData\Roaming\8B4E.exe
[2012/03/13 02:57:25 | 000,036,206 | ---- | M] () -- C:\Users\Carlota\Desktop\Weirdthing.jpg
[2012/03/13 02:06:46 | 000,106,496 | ---- | M] () -- C:\Users\Carlota\AppData\Roaming\2210.exe
[2012/03/12 17:31:45 | 000,106,496 | ---- | M] () -- C:\Users\Carlota\AppData\Roaming\66AF.exe
[2012/03/09 15:20:21 | 000,000,052 | ---- | M] () -- C:\Users\Carlota\Desktop\Xuventude.net.url
[2012/03/09 12:57:27 | 000,106,496 | ---- | M] () -- C:\Users\Carlota\AppData\Roaming\13CE.exe
[2012/03/08 21:36:45 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2012/03/08 21:33:00 | 000,106,496 | ---- | M] () -- C:\Users\Carlota\AppData\Roaming\9E71.exe
[2012/03/08 12:44:14 | 000,106,496 | ---- | M] () -- C:\Users\Carlota\AppData\Roaming\E6B7.exe
[2012/03/08 00:49:53 | 000,106,496 | ---- | M] () -- C:\Users\Carlota\AppData\Roaming\AB0E.exe
[2012/03/07 12:56:12 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\System32\deployJava1.dll
[2012/03/07 12:56:12 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\System32\javaws.exe
[2012/03/07 12:56:12 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\System32\javaw.exe
[2012/03/07 12:56:12 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\System32\java.exe
[2012/03/07 12:32:36 | 000,019,310 | ---- | M] () -- C:\Users\Carlota\AppData\Roaming\33CD.exe
[2012/03/06 21:14:06 | 000,055,808 | ---- | M] () -- C:\Users\Carlota\AppData\Roaming\C73C.exe
[2012/03/06 17:23:13 | 000,055,808 | ---- | M] () -- C:\Users\Carlota\AppData\Roaming\6622.exe
[2012/03/05 17:47:40 | 000,055,808 | ---- | M] () -- C:\Users\Carlota\AppData\Roaming\BD75.exe
[2012/03/04 15:11:51 | 000,000,073 | ---- | M] () -- C:\Users\Carlota\Desktop\VNU Servicio Voluntariado en Línea - Inicio.url
[2012/03/04 14:15:09 | 000,055,808 | ---- | M] () -- C:\Users\Carlota\AppData\Roaming\D1BF.exe
[2012/03/03 22:44:41 | 000,055,808 | ---- | M] () -- C:\Users\Carlota\AppData\Roaming\4FC0.exe
[2012/03/01 23:33:13 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2012/03/01 23:33:13 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msrating.dll
[2012/03/01 23:33:13 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msls31.dll
[2012/03/01 23:33:13 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieakeng.dll
[2012/03/01 23:33:13 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\IEAdvpack.dll
[2012/03/01 23:33:13 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll
[2012/03/01 23:33:13 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\SetIEInstalledDate.exe
[2012/03/01 23:33:13 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\RegisterIEPKEYs.exe
[2012/03/01 23:33:13 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2012/03/01 23:33:13 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\mshtmler.dll
[2012/03/01 23:33:13 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll
[2012/03/01 23:33:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msfeedssync.exe
[2012/03/01 23:33:12 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieapfltr.dat
[2012/03/01 23:33:12 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl
[2012/03/01 23:33:12 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieapfltr.dll
[2012/03/01 23:33:12 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\html.iec
[2012/03/01 23:33:12 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dxtmsft.dll
[2012/03/01 23:33:12 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll
[2012/03/01 23:33:12 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\url.dll
[2012/03/01 23:33:12 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dxtrans.dll
[2012/03/01 23:33:12 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll
[2012/03/01 23:33:12 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe
[2012/03/01 23:33:12 | 000,072,822 | ---- | M] () -- C:\windows\System32\ieuinit.inf
[2012/03/01 23:33:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll
[2012/03/01 23:33:11 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2012/03/01 23:33:11 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wextract.exe
[2012/03/01 23:33:11 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iexpress.exe
[2012/03/01 23:33:11 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\inseng.dll
[2012/03/01 23:33:11 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\licmgr10.dll
[2012/03/01 23:33:10 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2012/03/01 23:33:09 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieaksie.dll
[2012/03/01 23:33:09 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieakui.dll
[2012/03/01 23:33:09 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe
[2012/03/01 23:33:09 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\admparse.dll
[2012/03/01 23:33:09 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\pngfilt.dll
[2012/03/01 23:33:08 | 001,798,656 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll
[2012/03/01 23:33:05 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll
[2012/03/01 23:33:05 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\imgutil.dll
[2012/03/01 11:14:47 | 000,106,496 | ---- | M] () -- C:\Users\Carlota\AppData\Roaming\878.exe
[2012/03/01 10:57:43 | 000,428,752 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2012/03/01 00:48:15 | 000,000,123 | ---- | M] () -- C:\Users\Carlota\Desktop\Webinar Internet, herramienta útil para encontrar trabajo.url
[2012/02/29 23:06:12 | 000,045,601 | ---- | M] () -- C:\Users\Carlota\Desktop\comercio_internacional.pdf
[2012/02/29 22:55:00 | 000,106,496 | ---- | M] () -- C:\Users\Carlota\AppData\Roaming\9F7A.exe
[2012/02/25 16:56:30 | 000,106,496 | ---- | M] () -- C:\Users\Carlota\AppData\Roaming\2378.exe
[2012/02/23 09:18:36 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\MpSigStub.exe
[2012/02/20 23:33:31 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msclmd.dll
[2012/02/17 06:34:22 | 000,826,880 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\rdpcore.dll
[2012/02/09 12:12:31 | 000,086,016 | ---- | M] () -- C:\Users\Carlota\AppData\Roaming\64D.exe
[2012/02/07 22:22:20 | 000,086,016 | ---- | M] () -- C:\Users\Carlota\AppData\Roaming\9C57.exe
[2012/02/06 22:38:42 | 000,086,016 | ---- | M] () -- C:\Users\Carlota\AppData\Roaming\3BD4.exe
[2012/02/06 14:21:48 | 000,086,016 | ---- | M] () -- C:\Users\Carlota\AppData\Roaming\4FA6.exe
[2012/02/05 13:37:09 | 000,844,546 | ---- | M] () -- C:\Users\Carlota\Documents\crisis.png
[2012/02/05 11:29:36 | 000,086,016 | ---- | M] () -- C:\Users\Carlota\AppData\Roaming\4B14.exe
[2012/02/04 11:39:47 | 000,086,016 | ---- | M] () -- C:\Users\Carlota\AppData\Roaming\4D17.exe
[2012/02/03 18:24:55 | 000,086,016 | ---- | M] () -- C:\Users\Carlota\AppData\Roaming\5366.exe
[2012/02/03 12:09:44 | 000,086,016 | ---- | M] () -- C:\Users\Carlota\AppData\Roaming\D633.exe
[2012/01/29 21:13:47 | 000,106,496 | ---- | M] () -- C:\Users\Carlota\AppData\Roaming\1728.exe
[2012/01/29 11:53:34 | 000,106,496 | ---- | M] () -- C:\Users\Carlota\AppData\Roaming\F9E8.exe
[2012/01/25 06:32:35 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\rdpwsx.dll
[2012/01/25 06:32:34 | 000,129,536 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\rdpcorekmts.dll
[2012/01/25 06:27:51 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\rdrmemptylst.exe
[13 C:\Users\Carlota\AppData\Roaming\*.tmp files -> C:\Users\Carlota\AppData\Roaming\*.tmp -> ]
========== Files Created - No Company Name ========== [2012/03/14 18:44:10 | 000,000,512 | ---- | C] () -- C:\Users\Carlota\Desktop\MBR.dat
[2012/03/14 17:34:46 | 000,055,808 | ---- | C] () -- C:\Users\Carlota\AppData\Roaming\7C11.exe
[2012/03/14 17:34:43 | 000,119,296 | ---- | C] () -- C:\Users\Carlota\AppData\Roaming\Rxlclt.exe
[2012/03/14 15:10:27 | 000,312,065 | ---- | C] () -- C:\Users\Carlota\Desktop\bolsas investigación.pdf
[2012/03/14 14:42:22 | 000,055,808 | ---- | C] () -- C:\Users\Carlota\AppData\Roaming\B24.exe
[2012/03/13 15:10:37 | 000,106,496 | ---- | C] () -- C:\Users\Carlota\AppData\Roaming\8B4E.exe
[2012/03/13 02:55:47 | 000,036,206 | ---- | C] () -- C:\Users\Carlota\Desktop\Weirdthing.jpg
[2012/03/13 02:06:46 | 000,106,496 | ---- | C] () -- C:\Users\Carlota\AppData\Roaming\2210.exe
[2012/03/12 17:31:45 | 000,106,496 | ---- | C] () -- C:\Users\Carlota\AppData\Roaming\66AF.exe
[2012/03/09 15:20:21 | 000,000,052 | ---- | C] () -- C:\Users\Carlota\Desktop\Xuventude.net.url
[2012/03/09 12:57:27 | 000,106,496 | ---- | C] () -- C:\Users\Carlota\AppData\Roaming\13CE.exe
[2012/03/09 01:13:44 | 000,001,090 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/03/09 01:13:42 | 000,001,086 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/03/08 23:14:48 | 000,000,316 | ---- | C] () -- C:\windows\tasks\GlaryInitialize.job
[2012/03/08 21:33:00 | 000,106,496 | ---- | C] () -- C:\Users\Carlota\AppData\Roaming\9E71.exe
[2012/03/08 12:44:14 | 000,106,496 | ---- | C] () -- C:\Users\Carlota\AppData\Roaming\E6B7.exe
[2012/03/08 00:49:53 | 000,106,496 | ---- | C] () -- C:\Users\Carlota\AppData\Roaming\AB0E.exe
[2012/03/07 12:32:36 | 000,019,310 | ---- | C] () -- C:\Users\Carlota\AppData\Roaming\33CD.exe
[2012/03/06 21:14:06 | 000,055,808 | ---- | C] () -- C:\Users\Carlota\AppData\Roaming\C73C.exe
[2012/03/06 17:23:13 | 000,055,808 | ---- | C] () -- C:\Users\Carlota\AppData\Roaming\6622.exe
[2012/03/05 17:47:40 | 000,055,808 | ---- | C] () -- C:\Users\Carlota\AppData\Roaming\BD75.exe
[2012/03/04 15:11:51 | 000,000,073 | ---- | C] () -- C:\Users\Carlota\Desktop\VNU Servicio Voluntariado en Línea - Inicio.url
[2012/03/04 14:15:09 | 000,055,808 | ---- | C] () -- C:\Users\Carlota\AppData\Roaming\D1BF.exe
[2012/03/03 22:44:41 | 000,055,808 | ---- | C] () -- C:\Users\Carlota\AppData\Roaming\4FC0.exe
[2012/03/01 23:33:12 | 000,072,822 | ---- | C] () -- C:\windows\System32\ieuinit.inf
[2012/03/01 11:14:47 | 000,106,496 | ---- | C] () -- C:\Users\Carlota\AppData\Roaming\878.exe
[2012/03/01 00:48:15 | 000,000,123 | ---- | C] () -- C:\Users\Carlota\Desktop\Webinar Internet, herramienta útil para encontrar trabajo.url
[2012/02/29 23:06:28 | 000,045,601 | ---- | C] () -- C:\Users\Carlota\Desktop\comercio_internacional.pdf
[2012/02/29 22:55:00 | 000,106,496 | ---- | C] () -- C:\Users\Carlota\AppData\Roaming\9F7A.exe
[2012/02/25 16:56:30 | 000,106,496 | ---- | C] () -- C:\Users\Carlota\AppData\Roaming\2378.exe
[2012/02/09 12:12:31 | 000,086,016 | ---- | C] () -- C:\Users\Carlota\AppData\Roaming\64D.exe
[2012/02/07 22:22:20 | 000,086,016 | ---- | C] () -- C:\Users\Carlota\AppData\Roaming\9C57.exe
[2012/02/06 22:38:42 | 000,086,016 | ---- | C] () -- C:\Users\Carlota\AppData\Roaming\3BD4.exe
[2012/02/06 14:21:48 | 000,086,016 | ---- | C] () -- C:\Users\Carlota\AppData\Roaming\4FA6.exe
[2012/02/05 13:37:19 | 000,844,546 | ---- | C] () -- C:\Users\Carlota\Documents\crisis.png
[2012/02/05 11:29:36 | 000,086,016 | ---- | C] () -- C:\Users\Carlota\AppData\Roaming\4B14.exe
[2012/02/04 11:39:47 | 000,086,016 | ---- | C] () -- C:\Users\Carlota\AppData\Roaming\4D17.exe
[2012/02/03 18:24:55 | 000,086,016 | ---- | C] () -- C:\Users\Carlota\AppData\Roaming\5366.exe
[2012/02/03 12:09:44 | 000,086,016 | ---- | C] () -- C:\Users\Carlota\AppData\Roaming\D633.exe
[2012/01/29 21:13:47 | 000,106,496 | ---- | C] () -- C:\Users\Carlota\AppData\Roaming\1728.exe
[2012/01/29 11:53:34 | 000,106,496 | ---- | C] () -- C:\Users\Carlota\AppData\Roaming\F9E8.exe
[2011/03/09 13:29:42 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/03/09 13:16:36 | 000,000,117 | ---- | C] () -- C:\windows\TmPfw.ini
[2011/03/09 13:14:58 | 000,006,144 | ---- | C] () -- C:\windows\System32\drivers\ASUSHWIO.SYS
[2011/03/09 12:58:32 | 000,004,692 | ---- | C] () -- C:\windows\System32\drivers\SamSfPa.dat
[2011/03/09 12:58:32 | 000,000,008 | ---- | C] () -- C:\windows\System32\drivers\rtkhdaud.dat
[2010/06/24 21:36:05 | 000,129,472 | ---- | C] () -- C:\windows\TISReg.exe
[2010/06/24 21:16:02 | 000,219,136 | ---- | C] () -- C:\windows\System32\AsusService.exe
[2010/06/24 21:16:02 | 000,025,616 | ---- | C] () -- C:\windows\AsAcpiSvrLang.ini
[2010/06/24 21:14:21 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2010/06/24 21:12:36 | 000,011,520 | ---- | C] () -- C:\windows\System32\drivers\AsUpIO.sys
[2010/06/24 21:07:33 | 000,013,931 | ---- | C] () -- C:\windows\System32\RaCoInst.dat
[2010/04/13 03:36:12 | 000,013,880 | ---- | C] ( ) -- C:\windows\System32\drivers\kbfiltr.sys
========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < MD5 for: EXPLORER.EXE >[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
< MD5 for: SVCHOST.EXE >[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2012/01/13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
< MD5 for: USERINIT.EXE >[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >[2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2012/01/13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
< C:\Windows\assembly\tmp\U\*.* /s > < %Temp%\smtmp\1\*.* > < %Temp%\smtmp\2\*.* > < %Temp%\smtmp\3\*.* > < %Temp%\smtmp\4\*.* > ========== Drive Information ==========Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100.00GB
Starting Offset: 1048576
Hidden sectors: 0
DeviceID: Disk #0, Partition #1
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 15.00GB
Starting Offset: 107375230976
Hidden sectors: 0
DeviceID: Disk #0, Partition #2
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 118.00GB
Starting Offset: 123481358336
Hidden sectors: 0
DeviceID: Disk #0, Partition #3
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 0.00GB
Starting Offset: 250038190080
Hidden sectors: 0
< End of report >
I hope is fine.
By the way, when I try to switch off my computer it says that some programmes are still working.
And a weird box that changes colour appeared on my desktop(you can find a picture attached. I can move it, but not delete it, open it, cut it...
Thank you
Carlota