Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

avast! and Malwarebytes pop-ups that say "potentially maliciou


  • This topic is locked This topic is locked

#31
byayoi

byayoi

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
Hello.
I suppose you are already on vacation, and I haven't had the time to uninstall uTorrent again.
I had already uninstalled uTorrent once, as I explained on the same May 10th, 2012 replay, but I suppose I can do it again.

Spoiler

I'll try to do it this Wednesday and I'll keep you informed.
Have a nice vacation! :happy:
  • 0

Advertisements


#32
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi i have been doing some research on this with the various cases I am currently running... And it seems as though Malwarebytes does not like some of the torrent servers

So as long as Avast webshield is not having a problem then I consider it to be a Malwarebytes issue as opposed to a malware problem - all scans are coming up clean. Are you experiencing any other problems ?
  • 0

#33
byayoi

byayoi

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
Hello, welcome back.
About your question, I'm not sure. The systems seems to run at the same speed as it ran before the pop-ups, and apart from the internet stopping and me having to reboot sometimes, or a windows' "blue screen of the dead" after I tried to run photoshop to edit a really big image file of about 50 layers, or the fact that last week I had to re-install Firefox because it kept announcing that it had crashed and couldn't re-open my tabs instead of just starting a new browser window, apart from all these, everything seems normal.
I had to use a memory stick to move some files and print some others, and the computers I have used that memory stick with haven't found any virus or started behaving like this one.
So I'm a little bit confused. Could this really be just some Malwarebytes issue with some torrent servers? And what is trying to contact them? Because even if I don't run uTorrent something keeps trying to contact them.

I'll await your next instructions. :happy:
  • 0

#34
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK next stage will be to update to SP3

Download from here
Then install, once done then run a fresh OTL scan for me please
  • 0

#35
byayoi

byayoi

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
Ok. I'm downloading the SP3... I'll let you know when it's finished and I've run the OTL scan.
  • 0

#36
byayoi

byayoi

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
Hello!
The Service pack 3 is installed.
The pop-ups stopped while uTorrent it's not running, and they begin to appear when it starts.
Here's the OTL.txt:


OTL logfile created on: 03/06/2012 07:48:09 p.m. - Run 5
OTL by OldTimer - Version 3.2.42.3 Folder = C:\Documents and Settings\Casita\Escritorio
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000080A | Country: México | Language: ESM | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.33 Gb Available Physical Memory | 77.81% Memory free
4.84 Gb Paging File | 4.38 Gb Available in Paging File | 90.39% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Archivos de programa
Drive C: | 127.99 Gb Total Space | 36.74 Gb Free Space | 28.70% Space Free | Partition Type: NTFS
Drive E: | 104.90 Gb Total Space | 13.75 Gb Free Space | 13.11% Space Free | Partition Type: NTFS
Drive F: | 12.16 Gb Total Space | 8.63 Gb Free Space | 70.94% Space Free | Partition Type: NTFS
Drive G: | 279.46 Gb Total Space | 15.32 Gb Free Space | 5.48% Space Free | Partition Type: NTFS
Drive H: | 97.66 Gb Total Space | 20.44 Gb Free Space | 20.93% Space Free | Partition Type: NTFS
Drive I: | 123.06 Gb Total Space | 33.01 Gb Free Space | 26.83% Space Free | Partition Type: NTFS

Computer Name: NEGRITA | User Name: Casita | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Casita\Escritorio\OTL.exe (OldTimer Tools)
PRC - C:\Archivos de programa\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Archivos de programa\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Archivos de programa\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Archivos de programa\AVAST Software\Avast\afwServ.exe (AVAST Software)
PRC - C:\Archivos de programa\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Archivos de programa\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Archivos de programa\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
PRC - C:\WINDOWS\system32\nlssrv32.exe (Nalpeiron Ltd.)
PRC - C:\Archivos de programa\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Archivos de programa\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\hphmon05.exe (Hewlett-Packard)
PRC - C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
PRC - C:\WINDOWS\system32\HPZipm12.exe (HP)
PRC - C:\Archivos de programa\Hewlett-Packard\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)


========== Modules (No Company Name) ==========

MOD - C:\Archivos de programa\AVAST Software\Avast\defs\12060301\algo.dll ()
MOD - C:\Archivos de programa\Mozilla Firefox\mozjs.dll ()
MOD - C:\Archivos de programa\OpenOffice.org 3\program\libxml2.dll ()


========== Win32 Services (SafeList) ==========

SRV - (McMPFSvc) -- C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe /McCoreSvc File not found
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (TuneUp.UtilitiesSvc) -- C:\Archivos de programa\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
SRV - (MBAMService) -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (avast! Antivirus) -- C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (avast! Firewall) -- C:\Archivos de programa\AVAST Software\Avast\afwServ.exe (AVAST Software)
SRV - (nvUpdatusService) -- C:\Archivos de programa\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Archivos de programa\Archivos comunes\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (nlsX86cc) -- C:\WINDOWS\system32\nlssrv32.exe (Nalpeiron Ltd.)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
SRV - (ose) -- C:\Archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (InCDRm) -- system32\drivers\InCDRm.sys File not found
DRV - (InCDPass) -- system32\drivers\InCDPass.sys File not found
DRV - (InCDFs) -- system32\drivers\InCDFs.sys File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (catchme) -- C:\DOCUME~1\Casita\CONFIG~1\Temp\catchme.sys File not found
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (TuneUpUtilitiesDrv) -- C:\Archivos de programa\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (aswFW) -- C:\WINDOWS\System32\drivers\aswFW.sys (AVAST Software)
DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswNdis2) -- C:\WINDOWS\System32\drivers\aswNdis2.sys (AVAST Software)
DRV - (aswKbd) -- C:\WINDOWS\System32\drivers\aswKbd.sys (AVAST Software)
DRV - (AswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (AnyDVD) -- C:\WINDOWS\system32\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (nvatabus) -- C:\WINDOWS\system32\drivers\nvatabus.sys (NVIDIA Corporation)
DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (irsir) -- C:\WINDOWS\system32\drivers\irsir.sys (Microsoft Corporation)
DRV - (ScFBPNT2) -- C:\WINDOWS\system32\drivers\ScFBPNT2.sys ()


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-21-602162358-1563985344-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-602162358-1563985344-839522115-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-602162358-1563985344-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKU\S-1-5-21-602162358-1563985344-839522115-1003\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2504091
IE - HKU\S-1-5-21-602162358-1563985344-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-602162358-1563985344-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local


========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "megaup"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "megaup"
FF - prefs.js..browser.search.selectedEngine: "Tokyo Toshokan"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.5
FF - prefs.js..extensions.enabledItems: [email protected]:1.1.2
FF - prefs.js..extensions.enabledItems: [email protected]:2.8
FF - prefs.js..extensions.enabledItems: {566D6332-1439-43bf-857E-7AD5F137AD0C}:1.11
FF - prefs.js..extensions.enabledItems: [email protected]:1.1
FF - prefs.js..extensions.enabledItems: [email protected]:2.01.110527
FF - prefs.js..extensions.enabledItems: [email protected]:2.01.110527
FF - prefs.js..extensions.enabledItems: [email protected]:1.19.1
FF - prefs.js..extensions.enabledItems: [email protected]:2.7.1
FF - prefs.js..extensions.enabledItems: {db131c55-60c8-4adc-84dc-9e76ab06e2dc}:3.8.0.8
FF - prefs.js..extensions.enabledItems: [email protected]:0.2.2.23.17022012
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.0
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:3.1
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2012.1.0.30
FF - prefs.js..extensions.enabledItems: {36C13C8F-54F1-412e-8177-2E411719162D}:4.1.1
FF - prefs.js..extensions.enabledItems: {558D3F58-1E89-4fe2-A1F1-5EADC7BC77CB}:3.6
FF - prefs.js..extensions.enabledItems: [email protected]:1.3.7
FF - prefs.js..keyword.URL: "http://mx.search.yah...8&fr=megaup&p="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Archivos de programa\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Archivos de programa\AVAST Software\Avast\WebRep\FF [2012/04/10 11:09:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Archivos de programa\Mozilla Firefox\components [2012/05/28 17:14:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Archivos de programa\Mozilla Firefox\plugins [2012/04/19 19:59:49 | 000,000,000 | ---D | M]

[2012/04/02 07:19:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Casita\Datos de programa\Mozilla\Extensions
[2012/05/17 02:04:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Casita\Datos de programa\Mozilla\Firefox\Profiles\pb6lmcss.default\extensions
[2012/04/02 07:14:52 | 000,000,000 | ---D | M] (Rikaichan) -- C:\Documents and Settings\Casita\Datos de programa\Mozilla\Firefox\Profiles\pb6lmcss.default\extensions\{0AA9101C-D3C1-4129-A9B7-D778C6A17F82}
[2012/04/02 07:14:51 | 000,000,000 | ---D | M] (Names Dictionary for rikaichan) -- C:\Documents and Settings\Casita\Datos de programa\Mozilla\Firefox\Profiles\pb6lmcss.default\extensions\{566D6332-1439-43bf-857E-7AD5F137AD0C}
[2012/04/02 07:14:51 | 000,000,000 | ---D | M] (Japanese-English Dictionary for rikaichan) -- C:\Documents and Settings\Casita\Datos de programa\Mozilla\Firefox\Profiles\pb6lmcss.default\extensions\{6D898772-AD34-4c16-86BB-9DE787A5DEA0}
[2012/04/02 07:14:51 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\Casita\Datos de programa\Mozilla\Firefox\Profiles\pb6lmcss.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}
[2012/04/02 07:14:51 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Casita\Datos de programa\Mozilla\Firefox\Profiles\pb6lmcss.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2012/04/02 07:15:00 | 000,000,000 | ---D | M] (MAFIAAFIRE: Gee! No evil!) -- C:\Documents and Settings\Casita\Datos de programa\Mozilla\Firefox\Profiles\pb6lmcss.default\extensions\[email protected]
[2012/04/02 07:15:00 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\Documents and Settings\Casita\Datos de programa\Mozilla\Firefox\Profiles\pb6lmcss.default\extensions\[email protected]
[2012/04/02 07:15:00 | 000,000,000 | ---D | M] (Diccionario español Mexico) -- C:\Documents and Settings\Casita\Datos de programa\Mozilla\Firefox\Profiles\pb6lmcss.default\extensions\[email protected]
[2012/04/02 07:14:58 | 000,000,000 | ---D | M] (Ghostery) -- C:\Documents and Settings\Casita\Datos de programa\Mozilla\Firefox\Profiles\pb6lmcss.default\extensions\[email protected]
[2012/04/02 07:14:58 | 000,000,000 | ---D | M] (Rikaichan Japanese-English Dictionary File) -- C:\Documents and Settings\Casita\Datos de programa\Mozilla\Firefox\Profiles\pb6lmcss.default\extensions\[email protected]
[2012/04/02 07:14:57 | 000,000,000 | ---D | M] (Rikaichan Japanese Names Dictionary File) -- C:\Documents and Settings\Casita\Datos de programa\Mozilla\Firefox\Profiles\pb6lmcss.default\extensions\[email protected]
[2012/04/02 07:14:53 | 000,000,000 | ---D | M] (MAFIAAFire: ThePirateBay Dancing!) -- C:\Documents and Settings\Casita\Datos de programa\Mozilla\Firefox\Profiles\pb6lmcss.default\extensions\[email protected]
[2012/04/02 07:14:53 | 000,000,000 | ---D | M] (TinEye Reverse Image Search) -- C:\Documents and Settings\Casita\Datos de programa\Mozilla\Firefox\Profiles\pb6lmcss.default\extensions\[email protected]
[2008/10/05 15:20:22 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\Casita\Datos de programa\Mozilla\Firefox\Profiles\pb6lmcss.default\searchplugins\wwwjdic.xml
[2012/05/28 17:14:50 | 000,000,000 | ---D | M] (No name found) -- C:\Archivos de programa\Mozilla Firefox\extensions
[2012/04/03 05:56:19 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Archivos de programa\Mozilla Firefox\extensions\[email protected]
[2011/02/14 21:44:38 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Archivos de programa\Mozilla Firefox\extensions\[email protected]_bak
[2012/03/07 16:19:52 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Archivos de programa\Mozilla Firefox\extensions\[email protected]_bak2
[2012/04/11 22:24:03 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\ARCHIVOS DE PROGRAMA\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2012/03/09 14:57:50 | 000,014,961 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\CASITA\DATOS DE PROGRAMA\MOZILLA\FIREFOX\PROFILES\PB6LMCSS.DEFAULT\EXTENSIONS\[email protected]
[2012/02/16 09:55:34 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Archivos de programa\mozilla firefox\components\browsercomps.dll
[2012/04/11 22:24:03 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Archivos de programa\mozilla firefox\plugins\npdeployJava1.dll
[2012/04/02 08:58:53 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Archivos de programa\mozilla firefox\plugins\npFoxitReaderPlugin.dll
[2012/02/16 06:08:43 | 000,001,538 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/02/16 05:48:01 | 000,002,252 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\bing.xml
[2012/02/16 06:08:43 | 000,000,947 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012/02/16 06:08:43 | 000,001,180 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/02/16 06:08:43 | 000,001,135 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2012/05/21 15:16:45 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Archivos de programa\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HP Software Update] C:\Archivos de programa\Hewlett-Packard\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Archivos de programa\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-602162358-1563985344-839522115-1003..\Run: [AnyDVD] C:\Archivos de programa\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
O4 - Startup: C:\Documents and Settings\Casita\Menú Inicio\Programas\Inicio\OpenOffice.org 3.1.lnk = C:\Archivos de programa\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-602162358-1563985344-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-602162358-1563985344-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-602162358-1563985344-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-602162358-1563985344-839522115-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-602162358-1563985344-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Archivos de programa\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{89217D2B-BAF0-4C3E-8291-AA70B0D640AA}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Archivos de programa\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Mi página de inicio actual) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Casita\Configuración local\Datos de programa\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Casita\Configuración local\Datos de programa\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/09/04 21:47:13 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/03 19:24:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012/06/03 19:02:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2012/06/03 19:02:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\es
[2012/06/03 18:59:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2012/06/03 18:55:37 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2012/06/03 17:21:16 | 000,028,992 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2012/06/03 17:19:53 | 000,031,552 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe
[2012/06/03 17:19:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Menú Inicio\Programas\TuneUp Utilities 2012
[2012/06/03 17:19:33 | 000,000,000 | ---D | C] -- C:\Archivos de programa\TuneUp Utilities 2012
[2012/05/27 17:46:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Casita\Datos de programa\inkscape
[2012/05/27 17:31:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Casita\Escritorio\Arcos
[2012/05/25 02:45:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Casita\Application Data
[2012/05/24 05:03:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Casita\Mis documentos\NeroVision
[2012/05/22 21:14:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Casita\Escritorio\Portafolio
[2012/05/22 15:22:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Casita\Configuración local\Datos de programa\Identities
[2012/05/18 00:37:06 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Casita\IECompatCache
[2012/05/17 23:51:11 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Casita\PrivacIE
[2012/05/17 19:48:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Casita\Menú Inicio\Programas\Accessories
[2012/05/17 19:47:46 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Casita\IETldCache
[2012/05/17 19:38:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2012/05/17 19:38:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2012/05/17 19:37:56 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2012/05/14 21:16:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Casita\.swt
[2012/05/14 21:15:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Casita\Configuración local\Datos de programa\temp
[2012/05/14 21:15:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Casita\Configuración local\Datos de programa\Conduit
[2012/05/14 20:59:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Datos de programa\Azureus
[2012/05/14 20:59:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Casita\Datos de programa\Azureus
[2012/05/14 20:58:47 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Vuze
[2012/05/14 02:28:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Casita\Escritorio\Fotos Tiffany
[2012/05/14 00:18:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Casita\Escritorio\Crochet Stitches VISUAL Encyclopedia
[2012/05/13 19:39:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Casita\Datos de programa\OpenOffice.org
[2012/05/13 19:38:30 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users.WINDOWS\Menú Inicio\Programas\OpenOffice.org 3.1
[2012/05/13 19:31:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Casita\Escritorio\OpenOffice.org 3.1 (es) Installation Files
[2012/05/13 16:32:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Menú Inicio\Programas\Malwarebytes' Anti-Malware
[2012/05/13 16:32:02 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/05/13 16:32:02 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Malwarebytes' Anti-Malware
[2012/05/13 15:33:12 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/05/12 23:26:36 | 002,075,184 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Casita\Escritorio\tdsskiller.exe
[2012/05/12 00:51:58 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Casita\UserData
[2012/05/11 21:55:31 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/05/11 21:51:30 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/05/11 21:51:30 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/05/11 21:51:30 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/05/11 21:51:30 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/05/11 21:51:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/05/11 21:51:17 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/05/11 21:51:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Casita\Menú Inicio\Programas\Herramientas administrativas
[2012/05/11 21:22:38 | 004,490,121 | R--- | C] (Swearware) -- C:\Documents and Settings\Casita\Escritorio\ComboFix.exe
[2012/05/10 19:53:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Casita\Datos de programa\uTorrent
[2012/05/10 18:40:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Casita\Escritorio\uTorrent
[2012/05/08 21:33:29 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/05/07 14:15:39 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Casita\Escritorio\OTL.exe
[2012/05/07 03:42:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Casita\Escritorio\RK_Quarantine
[2012/05/06 12:55:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Datos de programa\NortonInstaller
[2012/05/05 23:37:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Casita\Escritorio\utmp
[2012/05/05 03:40:09 | 000,000,000 | -H-D | C] -- C:\WINDOWS\Icons
[2012/05/05 01:24:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Casita\Datos de programa\TuneUp Software
[2012/05/05 01:22:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Datos de programa\TuneUp Software
[2012/05/05 01:22:18 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users.WINDOWS\Datos de programa\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012/05/05 01:22:18 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users.WINDOWS\Datos de programa\Common Files
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/06/03 19:46:46 | 000,494,786 | ---- | M] () -- C:\WINDOWS\System32\perfh00A.dat
[2012/06/03 19:46:46 | 000,432,492 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/06/03 19:46:46 | 000,085,472 | ---- | M] () -- C:\WINDOWS\System32\perfc00A.dat
[2012/06/03 19:46:46 | 000,067,448 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/06/03 19:45:23 | 000,000,040 | -HS- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Datos de programa\.zreglib
[2012/06/03 19:44:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/06/03 19:27:10 | 001,579,040 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/06/03 19:25:45 | 000,000,838 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/06/03 19:25:39 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/06/03 19:22:26 | 000,002,639 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/06/03 18:58:49 | 000,251,168 | RHS- | M] () -- C:\ntldr
[2012/06/03 17:20:51 | 000,000,353 | RHS- | M] () -- C:\boot.ini
[2012/06/03 17:19:51 | 000,001,810 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Escritorio\TuneUp 1-Click Maintenance.lnk
[2012/06/03 17:19:51 | 000,001,804 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Escritorio\TuneUp Utilities 2012.lnk
[2012/06/03 15:58:01 | 000,000,358 | ---- | M] () -- C:\WINDOWS\tasks\HP Usg Daily.job
[2012/06/03 00:19:41 | 000,065,024 | ---- | M] () -- C:\Documents and Settings\Casita\Configuración local\Datos de programa\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/06/01 17:56:37 | 000,004,792 | ---- | M] () -- C:\Documents and Settings\Casita\.recently-used.xbel
[2012/06/01 17:56:14 | 000,062,979 | ---- | M] () -- C:\Documents and Settings\Casita\Mis documentos\puerta.png
[2012/05/28 21:42:22 | 000,136,005 | ---- | M] () -- C:\Documents and Settings\Casita\Mis documentos\ventana 4.png
[2012/05/28 21:37:47 | 000,149,135 | ---- | M] () -- C:\Documents and Settings\Casita\Mis documentos\ventana 4.svg
[2012/05/28 21:33:02 | 000,211,874 | ---- | M] () -- C:\Documents and Settings\Casita\Mis documentos\ventana 3.svg
[2012/05/28 20:31:39 | 000,145,984 | ---- | M] () -- C:\Documents and Settings\Casita\Mis documentos\ventana 2.svg
[2012/05/28 19:48:16 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012/05/28 17:14:52 | 000,000,773 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Escritorio\Mozilla Firefox.lnk
[2012/05/28 00:05:08 | 000,032,303 | ---- | M] () -- C:\Documents and Settings\Casita\Mis documentos\ventana.svg
[2012/05/27 21:01:11 | 000,020,083 | ---- | M] () -- C:\Documents and Settings\Casita\Mis documentos\arcos 2.svg
[2012/05/27 19:55:26 | 000,020,107 | ---- | M] () -- C:\Documents and Settings\Casita\Mis documentos\arcos.svg
[2012/05/27 17:44:43 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Escritorio\Inkscape.lnk
[2012/05/25 17:12:31 | 000,000,145 | ---- | M] () -- C:\Documents and Settings\Casita\default.pls
[2012/05/21 15:41:11 | 000,022,107 | ---- | M] () -- C:\Documents and Settings\Casita\Escritorio\avptool_sysinfo02.zip
[2012/05/21 15:16:45 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/05/21 04:33:28 | 000,021,989 | ---- | M] () -- C:\Documents and Settings\Casita\Escritorio\avptool_sysinfo.zip
[2012/05/19 14:52:44 | 136,117,536 | ---- | M] () -- C:\Documents and Settings\Casita\Escritorio\AVPTool - setup_11.0.0.1245.x01_2012_05_19_21_09.exe
[2012/05/13 19:40:14 | 000,000,913 | ---- | M] () -- C:\Documents and Settings\Casita\Menú Inicio\Programas\Inicio\OpenOffice.org 3.1.lnk
[2012/05/13 19:38:30 | 000,000,913 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Escritorio\OpenOffice.org 3.1.lnk
[2012/05/13 16:32:04 | 000,000,833 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Escritorio\Malwarebytes Anti-Malware.lnk
[2012/05/12 23:27:12 | 002,075,184 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Casita\Escritorio\tdsskiller.exe
[2012/05/12 14:26:26 | 004,490,121 | R--- | M] (Swearware) -- C:\Documents and Settings\Casita\Escritorio\ComboFix.exe
[2012/05/10 19:55:01 | 000,000,665 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Escritorio\µTorrent.lnk
[2012/05/08 21:58:42 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Casita\Escritorio\MBR.dat
[2012/05/08 00:58:03 | 000,000,269 | ---- | M] () -- C:\WINDOWS\RtlRack.ini
[2012/05/07 14:15:40 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Casita\Escritorio\OTL.exe
[2012/05/07 03:41:59 | 001,413,120 | ---- | M] () -- C:\Documents and Settings\Casita\Escritorio\RogueKiller.exe
[2012/05/05 03:24:12 | 000,000,413 | ---- | M] () -- C:\Boot.bak
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/06/03 19:02:36 | 000,666,623 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2012/06/03 19:02:36 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2012/06/03 19:02:36 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2012/06/03 19:02:36 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2012/06/03 19:02:36 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2012/06/03 19:02:36 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2012/06/03 19:02:36 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2012/06/03 19:02:36 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2012/06/03 19:02:36 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2012/06/03 19:02:36 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2012/06/03 19:02:36 | 000,074,638 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2012/06/03 19:02:36 | 000,026,745 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2012/06/03 19:02:36 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2012/06/03 19:02:36 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2012/06/03 19:02:36 | 000,001,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2012/06/03 19:02:36 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2012/06/03 19:02:35 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2012/06/03 19:02:35 | 000,058,412 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2012/06/03 19:02:35 | 000,034,556 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2012/06/03 19:02:35 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2012/06/03 19:02:35 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2012/06/03 19:02:35 | 000,013,540 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2012/06/03 19:02:35 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2012/06/03 19:02:35 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2012/06/03 19:02:35 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2012/06/03 19:02:35 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2012/06/03 19:02:35 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2012/06/03 19:02:35 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2012/06/03 19:02:35 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2012/06/03 19:02:35 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2012/06/03 19:02:35 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2012/06/03 19:02:35 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2012/06/03 19:02:35 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2012/06/03 19:02:35 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2012/06/03 19:02:35 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2012/06/03 19:02:35 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2012/06/03 19:02:35 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2012/06/03 19:02:35 | 000,001,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2012/06/03 19:02:35 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2012/06/03 19:02:35 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2012/06/03 19:02:35 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2012/06/03 19:02:35 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2012/06/03 19:02:35 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2012/06/03 19:02:34 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2012/06/03 19:02:34 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2012/06/03 19:02:34 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2012/06/03 19:02:34 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2012/06/03 19:02:34 | 000,085,852 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2012/06/03 19:02:34 | 000,066,174 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2012/06/03 19:02:34 | 000,036,714 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2012/06/03 19:02:34 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2012/06/03 19:02:34 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2012/06/03 19:02:34 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2012/06/03 19:02:34 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2012/06/03 19:02:34 | 000,001,488 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2012/06/03 19:02:34 | 000,001,481 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2012/06/03 19:02:34 | 000,001,481 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2012/06/03 19:02:34 | 000,001,453 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2012/06/03 19:02:34 | 000,001,451 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2012/06/03 19:02:34 | 000,001,251 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2012/06/03 19:02:34 | 000,001,058 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2012/06/03 19:02:34 | 000,001,048 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2012/06/03 19:02:34 | 000,001,038 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2012/06/03 19:02:34 | 000,000,816 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2012/06/03 19:02:34 | 000,000,812 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2012/06/03 19:02:34 | 000,000,785 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2012/06/03 19:02:34 | 000,000,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2012/06/03 19:02:34 | 000,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2012/06/03 19:02:34 | 000,000,736 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2012/06/03 19:02:34 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2012/06/03 19:02:33 | 000,184,132 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2012/06/03 19:02:33 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2012/06/03 19:02:33 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2012/06/03 19:02:33 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2012/06/03 19:02:33 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2012/06/03 19:02:33 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2012/06/03 19:02:33 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2012/06/03 19:02:33 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2012/06/03 19:02:33 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2012/06/03 19:02:33 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2012/06/03 18:59:05 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2012/06/03 18:59:04 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2012/06/03 18:59:03 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2012/06/03 17:19:51 | 000,001,810 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Menú Inicio\Programas\TuneUp Utilities 2012.lnk
[2012/06/03 17:19:51 | 000,001,810 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Escritorio\TuneUp 1-Click Maintenance.lnk
[2012/06/03 17:19:51 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Escritorio\TuneUp Utilities 2012.lnk
[2012/06/01 17:56:37 | 000,004,792 | ---- | C] () -- C:\Documents and Settings\Casita\.recently-used.xbel
[2012/06/01 17:56:14 | 000,062,979 | ---- | C] () -- C:\Documents and Settings\Casita\Mis documentos\puerta.png
[2012/05/28 21:39:48 | 000,136,005 | ---- | C] () -- C:\Documents and Settings\Casita\Mis documentos\ventana 4.png
[2012/05/28 21:35:27 | 000,149,135 | ---- | C] () -- C:\Documents and Settings\Casita\Mis documentos\ventana 4.svg
[2012/05/28 20:31:50 | 000,211,874 | ---- | C] () -- C:\Documents and Settings\Casita\Mis documentos\ventana 3.svg
[2012/05/28 17:14:52 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Menú Inicio\Programas\Mozilla Firefox.lnk
[2012/05/28 17:14:52 | 000,000,773 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Escritorio\Mozilla Firefox.lnk
[2012/05/28 16:52:01 | 000,145,984 | ---- | C] () -- C:\Documents and Settings\Casita\Mis documentos\ventana 2.svg
[2012/05/27 21:55:47 | 000,032,303 | ---- | C] () -- C:\Documents and Settings\Casita\Mis documentos\ventana.svg
[2012/05/27 19:58:03 | 000,020,083 | ---- | C] () -- C:\Documents and Settings\Casita\Mis documentos\arcos 2.svg
[2012/05/27 18:33:31 | 000,020,107 | ---- | C] () -- C:\Documents and Settings\Casita\Mis documentos\arcos.svg
[2012/05/27 17:44:47 | 000,000,749 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Menú Inicio\Programas\Inkscape.lnk
[2012/05/27 17:44:43 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Escritorio\Inkscape.lnk
[2012/05/22 21:14:48 | 000,000,145 | ---- | C] () -- C:\Documents and Settings\Casita\default.pls
[2012/05/21 15:42:22 | 000,022,107 | ---- | C] () -- C:\Documents and Settings\Casita\Escritorio\avptool_sysinfo02.zip
[2012/05/21 04:34:13 | 000,021,989 | ---- | C] () -- C:\Documents and Settings\Casita\Escritorio\avptool_sysinfo.zip
[2012/05/19 14:25:10 | 136,117,536 | ---- | C] () -- C:\Documents and Settings\Casita\Escritorio\AVPTool - setup_11.0.0.1245.x01_2012_05_19_21_09.exe
[2012/05/17 19:48:10 | 000,000,838 | ---- | C] () -- C:\Documents and Settings\Casita\Menú Inicio\Programas\Internet Explorer.lnk
[2012/05/13 19:40:14 | 000,000,913 | ---- | C] () -- C:\Documents and Settings\Casita\Menú Inicio\Programas\Inicio\OpenOffice.org 3.1.lnk
[2012/05/13 19:38:30 | 000,000,913 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Escritorio\OpenOffice.org 3.1.lnk
[2012/05/13 16:32:04 | 000,000,833 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Escritorio\Malwarebytes Anti-Malware.lnk
[2012/05/11 21:55:33 | 000,000,413 | ---- | C] () -- C:\Boot.bak
[2012/05/11 21:55:31 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/05/11 21:51:30 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/05/11 21:51:30 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/05/11 21:51:30 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/05/11 21:51:30 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/05/11 21:51:30 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/05/10 19:55:01 | 000,000,665 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Escritorio\µTorrent.lnk
[2012/05/08 21:58:42 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Casita\Escritorio\MBR.dat
[2012/05/07 03:42:26 | 001,413,120 | ---- | C] () -- C:\Documents and Settings\Casita\Escritorio\RogueKiller.exe
[2012/04/29 04:45:13 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Datos de programa\.zreglib
[2012/04/02 10:02:59 | 000,015,488 | ---- | C] () -- C:\WINDOWS\System32\drivers\ScFBPNT2.sys
[2012/04/02 09:22:33 | 000,000,379 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2012/04/02 08:40:08 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2012/04/02 08:40:03 | 000,065,024 | ---- | C] () -- C:\Documents and Settings\Casita\Configuración local\Datos de programa\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/04/02 08:30:55 | 000,000,067 | ---- | C] () -- C:\WINDOWS\DVDRegionFree.INI
[2012/04/02 08:10:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2012/04/02 07:56:11 | 000,019,824 | ---- | C] () -- C:\WINDOWS\HPHins02.dat
[2012/04/02 07:56:11 | 000,004,284 | ---- | C] () -- C:\WINDOWS\hphmdl02.dat
[2012/04/02 07:55:56 | 000,364,544 | ---- | C] () -- C:\WINDOWS\System32\hphped05.exe
[2012/04/02 07:55:50 | 000,006,478 | ---- | C] () -- C:\WINDOWS\System32\hphmon05.dat
[2012/04/02 07:30:17 | 000,000,269 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2012/04/02 07:25:55 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2012/04/02 07:25:52 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2012/04/02 07:25:52 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2012/04/02 07:16:49 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/04/02 07:11:45 | 000,021,900 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012/04/02 06:55:43 | 000,293,992 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012/04/02 06:55:43 | 000,293,992 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012/04/02 06:55:43 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012/04/02 06:55:22 | 002,784,050 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012/04/01 23:52:05 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012/04/01 23:50:46 | 001,579,040 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

========== LOP Check ==========

[2010/08/24 00:15:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\2monkeys
[2009/11/24 01:11:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Ableton
[2010/02/25 01:04:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Aegisub
[2011/12/13 00:52:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Alawar Stargaze
[2011/02/01 04:27:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Alien Skin
[2012/01/09 04:11:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Amaranth Games
[2010/08/22 22:27:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Anarchy
[2009/10/19 17:33:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Anvil Studio
[2011/03/27 18:33:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Artogon
[2010/12/11 23:44:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Aveyond 3
[2010/11/20 18:24:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Aveyond I
[2011/11/12 18:01:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Beep Industries
[2011/12/07 23:33:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Big Fish Games
[2009/07/02 01:41:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\BloodTies
[2011/12/05 21:19:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Blue Tea Games
[2011/11/05 02:44:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Boomzap
[2011/11/01 00:55:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\BULKYPIX
[2011/08/26 03:19:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\calibre
[2011/12/07 22:48:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\CardBoard Castle
[2011/09/06 00:39:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Casual Box
[2011/09/08 01:44:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\casualArts
[2011/07/29 00:48:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Colibri Games
[2011/07/20 23:53:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\combustion2008
[2008/09/07 13:26:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\COWON
[2011/03/20 18:44:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\DarkParablesBriarRose_BFG
[2011/03/29 00:47:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Dying for Daylight
[2011/03/27 20:07:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Dying for Daylight Shared
[2011/05/16 00:40:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Elephant Games
[2011/11/10 22:27:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Enki Games
[2011/03/29 23:32:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Enlightenus
[2011/03/30 19:09:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Enlightenus2_BFG
[2010/09/17 18:12:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\ERS G-Studio
[2011/10/17 21:32:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\ERS Game Studios
[2011/04/03 11:23:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\FileZilla
[2011/01/18 01:25:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Flood Light Games
[2011/01/20 20:15:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Floodlight Games
[2009/12/24 17:23:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\FreeFLVConverter
[2010/09/23 16:39:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Freeze Tag
[2011/11/01 22:13:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Funzai!
[2010/12/12 16:28:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\GameMill Entertainment
[2010/09/19 21:32:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Ghost Ship Studios
[2011/09/22 21:27:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\GO Games
[2011/04/22 23:45:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\HdO Adventure
[2012/01/19 06:28:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Hue Forest Entertainment
[2009/09/10 18:47:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\ImgBurn
[2009/12/06 04:16:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\inkscape
[2011/09/11 03:23:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\IOMediaSupport6SZZ001s
[2010/09/19 23:25:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Lazy Turtle Games
[2010/03/05 21:21:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Leadertech
[2011/04/28 17:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\LG Electronics
[2010/05/17 00:36:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\LucasArts
[2011/12/26 21:31:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\MagicIndie
[2011/04/27 22:28:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\margrave3_full
[2010/10/04 18:48:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\MastersOfMystery2
[2010/08/30 00:32:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Meridian93
[2010/08/18 19:11:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\MysteryStudio
[2009/02/10 18:12:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Nokia
[2009/12/03 23:01:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\OpenOffice.org
[2011/01/16 21:09:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Phantasmat_bf_ce1
[2011/08/18 14:53:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\PlayFirst
[2010/09/27 02:15:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Playrix Entertainment
[2012/03/07 04:21:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\PriceGong
[2011/08/14 22:24:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\ProtectDISC
[2011/03/05 22:44:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Relentless Software
[2011/04/19 17:58:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Samsung
[2010/09/19 01:50:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Settlement. Colossus
[2011/07/20 23:17:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Sony
[2011/09/11 03:23:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Spinapse
[2011/01/20 22:30:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\SpinTop Games
[2011/08/18 22:41:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\SulusGames
[2011/09/11 03:23:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Suspects and Clues Players
[2011/09/11 03:23:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Suspects and Clues Prefs
[2010/09/19 23:58:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Ten Heavens
[2010/09/27 02:20:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\TheFixerUpper
[2010/01/07 02:15:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Thinstall
[2012/03/07 19:03:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\uTorrent
[2010/09/16 22:35:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\V-Games
[2011/09/17 16:30:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Vast Studios
[2010/12/24 20:29:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Virtual Prophecy
[2011/11/06 19:02:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Vogat Interactive
[2012/01/05 22:33:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Vso
[2011/02/14 21:45:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Xoyb
[2010/07/05 01:37:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Yatec Games
[2011/02/14 23:09:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\Ykry
[2010/09/30 18:19:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.NEGRITA\Datos de programa\YoudaGames
[2012/04/10 11:09:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Datos de programa\AVAST Software
[2012/05/14 20:59:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Datos de programa\Azureus
[2012/05/05 01:22:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Datos de programa\Common Files
[2012/04/29 04:45:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Datos de programa\SlySoft
[2012/05/05 01:25:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Datos de programa\TuneUp Software
[2012/05/05 01:22:18 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users.WINDOWS\Datos de programa\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012/03/10 00:35:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aqui\Datos de programa\calibre
[2012/03/09 23:27:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aqui\Datos de programa\COWON
[2012/04/02 04:21:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aqui\Datos de programa\uTorrent
[2012/05/03 23:09:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Casita\Datos de programa\Alien Skin
[2012/05/14 21:28:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Casita\Datos de programa\Azureus
[2012/04/24 03:07:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Casita\Datos de programa\calibre
[2012/05/21 18:09:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Casita\Datos de programa\COWON
[2012/05/27 17:46:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Casita\Datos de programa\inkscape
[2012/05/13 19:39:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Casita\Datos de programa\OpenOffice.org
[2012/05/05 03:04:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Casita\Datos de programa\TuneUp Software
[2012/06/03 19:43:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Casita\Datos de programa\uTorrent
[2012/05/08 01:26:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\UpdatusUser.NEGRITA\Datos de programa\TuneUp Software

========== Purity Check ==========



< End of report >



So uTorrent is the problem, right?
  • 0

#37
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Yep, MBAM does not like the torrent sites

So you either need to stop the MBAM protection an rely on Avast, or uninstall and cease using torrent

How is the computer behaving otherwise
  • 0

#38
byayoi

byayoi

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
It's fine. A little bit faster, I think. It's behaving quite well. I wasn't expecting the installation to be so painless.
No blue screens of death, no un-working internet, everything it's good, at least at the moment.

I think I'll stop using Malwarebytes and rely entirely on avast. At least until I can stop seeding all the torrents that I downloaded last month :happy:

So what's next? :happy:
  • 0

#39
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [resethosts]
    [emptytemp]
    [CLEARALLRESTOREPOINTS]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Remove ComboFix

  • Hold down the Windows key + R on your keyboard. This will display the Run dialogue box
  • In the Run box, type in ComboFix /Uninstall (Notice the space between the "x" and "/") then click OK

    Posted Image
  • Follow the prompts on the screen
  • A message should appear confirming that ComboFix was uninstalled


Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.

Posted Image Your Java is out of date.
Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older version of Java components and upgrade the application.

Upgrading Java:
  • Go to this site and click Do I have Java
  • It will check your current version and then offer to update to the latest version


Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

Posted Image Malwarebytes.

Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit
To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?Keep safe :wave:
  • 0

#40
byayoi

byayoi

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
Thank you! :happy:
I have updated Java and downloaded the filehippo update checker.
And the computer seems OK, at least until today.
So I'd like to thank you for all your help and patience, and for all the time you spent thinking in those bizarre pop-ups. I really appreciate all your effort.
I suppose this is good-bye. I'll try hard to stay clean and safe, and I hope Windows XP SP 3 behaves at least for a month or so. ;)

Bye!
  • 0

Advertisements


#41
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP