Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

(SOLVED) memory leaks, memory errors, insufficient resources

Started by Dixel , Jul 03 2012 02:07 PM

  • Please log in to reply

#1
Dixel
Posted 03 July 2012 - 02:07 PM

Dixel

    New Member

  • Member
  • Pip
  • 1 posts
SOLVED:
it was avast fault...
http://forum.avast.c...?topic=100359.0
http://forum.avast.c...?topic=100608.0
there is a memory leak in build 1442, update to 1456 ASAP...
(5 days trying to fix this and the one doing it was the one supposed to be protecting me =\ makes you ponder... cheers)


this all started last friday 29 of june, i was watching a video and the computer started acting like there was no more RAM available, i checked the task manager and had a surplus of 1,5gbs of free RAM plus a lot of virtual memory....
i started closing programs and the system restored for a while, before stating again that i was out of memory....
this occurrance happened to me as fast as just rebooting and as long as 7-8 hours of having the computer on...

as smart as i was, since this computer was malfunctioning, i decided to shut it down and use the OTHER computer to see videos -.-... im so freaking SMRT... so smart that this other computer started exhibiting the exact same symptoms as the first one... good news is i realized it wasnt a hardware malfunction or otherwise software related, bad news is now i have 2 malfunctioning computers that randomly run out of memory.

after 3 days of tracking memory leaks, memory corruptions, and everything else memory related, (i even tracked desktop heap, to no avail) i came across flash urgent update that fixed issues regarding attacks that could be made:

Description

According to its version, the instance of Flash Player installed on
the remote Windows host is 10.x equal to or earlier than 10.3.183.19
or 11.x equal to or earlier than 11.3.300.256. It is, therefore,
potentially affected by multiple vulnerabilities :

– Multiple memory corruption vulnerabilities exist that
could lead to code execution. (CVE-2012-2034,
CVE-2012-2037)

– A stack overflow vulnerability exists that could lead to
code execution. (CVE-2012-2035)

– An integer overflow vulnerability exists that could lead
to code execution. (CVE-2012-2036)

– A security bypass vulnerability exists that could lead
to information disclosure. (CVE-2012-2038)

– A null dereference vulnerability exists that could lead
to code execution. (CVE-2012-2039)

– A binary planting vulnerability exists in the Flash
Player installer that could lead to code execution.
(CVE-2012-2040)

i came across this becuz both computers had flash players uninstalled both for IE and firefox... i then restored my computer to a restore point from 2 months ago and installed the latest flash player, that supposely fixed this (?)... then left the computers overnight... the next day i had memory issues again.... it's really random as i said, it can happen 10 mins from boot or hours after... but once it starts, it gets progressivelly worse untill you have no choise but to restart.... some programs even get corrupted files... like emule... i have to hash ALL my shared files from scratch cuz the "known.met" file gets corrupted...
and if i have VB6 open at the time, some of the controls sometimes get giberish inside and get restored by VB6 next time i open the proyect after restarting....

btw, i noticed by quickly searching the forums, that this thread: http://www.geekstogo...s-disappearing/ might have the same issue as me.

here's the OTL log, and the extras log, from the first computer that got infected, if u need the log from the second computer, let me know...

thanks in advance...


edit: btw, im now checking ports, to see if im getting attacked when the system starts 'magically' running out of memory... (both RAM and desktop heap are never even close to 50% used)

edit2: i forgot to mention i have scanned the systems over 10 times now, with different malware software removal tools, including, spybot search & destroy, avast, Malwarebytes Anti-Malware, ccleaner... i also ran windows Malicious Software Removal Tool... ive just ran out of ideas... thats why im posting this... hope someone can help....

edit3: issues that arise when this weird behavior starts include messages as "insufficient resources to open aplication", "missing files", start->programs->accessories is empty, trying to start any program will give an error either with missing files or not enough resources, icons on desktop fade out and become invisible, bars/menus and any other form of GUI, loses color, text in buttons, etc; text inside a notepad or browser becomes invisible and sometimes fades out and in again.

ALL this is magically fixed upon restarting the CPU, and will occur again at an unspecified time interval, even if i dont open anything, and just leave the computer on (i've checked the task manager for things that shouldnt be there and couldnt find anything).

im not able to reproduce this erratic behavior while being in safe mode.

i once checked the RAM while the error was occurring using memtest, memtest took all the free RAM (about 2gbs) and couldnt find any errors on it... after closing memtest, i couldnt open it again, saying i had "insufficient resources", though i had just freed up all the ram it was testing.... i believe this test to be of hardware nature though...
if memory was corrupted, it would still show as free, right?

edit4: i believe the site i was watching videos in, was http://www.uploadc.com, not sure if i could get another computer infected though, and im sure as heck not trying...
it's the only thing that i did the same with both computers; and it's the last thing i did in both of them before this issue started in each machine.

edit5: i have included aswMBR log and FSS log at the end of this same post.
aswMBR log showed this two lines in RED:
20:08:43.984 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8a4851e8]<<
20:08:44.000 \Driver\nvgts[0x8a40d3d8] -> IRP_MJ_CREATE -> 0x8a4851e8


edit6: the guy at the other post (http://www.geekstogo...s-disappearing/) suggests its avast fault, i just updated avast (a new update came in) in both computers and have yet to suffer another breakdown....

OTL logfile created on: 03/07/2012 17:38:25 - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = H:\Utilities
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00002C0A | Country: Argentina | Language: ESS | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 1,89 Gb Available Physical Memory | 62,95% Memory free
4,84 Gb Paging File | 3,77 Gb Available in Paging File | 77,98% Paging File free
Paging file location(s): H:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = H: | %SystemRoot% = H:\WINDOWS | %ProgramFiles% = H:\Archivos de programa
Drive H: | 48,83 Gb Total Space | 11,48 Gb Free Space | 23,52% Space Free | Partition Type: NTFS
Drive I: | 882,68 Gb Total Space | 569,97 Gb Free Space | 64,57% Space Free | Partition Type: NTFS

Computer Name: DIXEL-QUADCORE | User Name: Dixel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - H:\Utilities\OTL.exe (OldTimer Tools)
PRC - H:\Archivos de programa\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - H:\Utilities\Avast\AvastSvc.exe (AVAST Software)
PRC - H:\Utilities\Avast\AvastUI.exe (AVAST Software)
PRC - H:\Documents and Settings\Dixel\Configuración local\Datos de programa\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - H:\Utilities\cports\cports.exe (NirSoft)
PRC - H:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - H:\Archivos de programa\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - H:\Utilities\TortoiseSVN\bin\TSVNCache.exe (http://tortoisesvn.net)
PRC - H:\Utilities\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - H:\Utilities\BOINC\boincmgr.exe (World Community Grid)
PRC - H:\Utilities\BOINC\boinctray.exe (Space Sciences Laboratory)
PRC - H:\Utilities\BOINC\boinc.exe (World Community Grid)
PRC - H:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - H:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - H:\Utilities\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - H:\Archivos de programa\Archivos comunes\Pure Networks Shared\Platform\nmsrvc.exe (Cisco Systems, Inc.)
PRC - H:\WINDOWS\explorer.exe (Microsoft Corporation)


========== Modules (No Company Name) ==========

MOD - H:\Utilities\Avast\defs\12070300\algo.dll ()
MOD - H:\Documents and Settings\Dixel\Configuración local\Datos de programa\Google\Chrome\Application\20.0.1132.47\ppgooglenaclpluginchrome.dll ()
MOD - H:\Documents and Settings\Dixel\Configuración local\Datos de programa\Google\Chrome\Application\20.0.1132.47\pdf.dll ()
MOD - H:\Documents and Settings\Dixel\Configuración local\Datos de programa\Google\Chrome\Application\20.0.1132.47\libglesv2.dll ()
MOD - H:\Documents and Settings\Dixel\Configuración local\Datos de programa\Google\Chrome\Application\20.0.1132.47\libegl.dll ()
MOD - H:\Documents and Settings\Dixel\Configuración local\Datos de programa\Google\Chrome\Application\20.0.1132.47\avutil-51.dll ()
MOD - H:\Documents and Settings\Dixel\Configuración local\Datos de programa\Google\Chrome\Application\20.0.1132.47\avformat-54.dll ()
MOD - H:\Documents and Settings\Dixel\Configuración local\Datos de programa\Google\Chrome\Application\20.0.1132.47\avcodec-54.dll ()
MOD - H:\Documents and Settings\Dixel\Configuración local\Datos de programa\Google\Chrome\Application\20.0.1132.47\gcswf32.dll ()
MOD - H:\Utilities\BOINC\zlib1.dll ()
MOD - H:\WINDOWS\system32\msdmo.dll ()
MOD - H:\Utilities\WinRAR\RarExt.dll ()
MOD - H:\Utilities\WS_FTP Pro\Res040a.dll ()
MOD - H:\Utilities\WS_FTP Pro\nsftpch.dll ()
MOD - H:\Utilities\WS_FTP Pro\wsfirscr.dll ()
MOD - H:\Utilities\WS_FTP Pro\wsftplib.dll ()
MOD - H:\Utilities\WS_FTP Pro\wshosts.dll ()
MOD - H:\Utilities\WS_FTP Pro\libeay32.dll ()
MOD - H:\Utilities\WS_FTP Pro\ssleay32.dll ()


========== Win32 Services (SafeList) ==========

SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- H:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (JavaQuickStarterService) -- H:\Archivos de programa\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (avast! Antivirus) -- H:\Utilities\Avast\AvastSvc.exe (AVAST Software)
SRV - (MozillaMaintenance) -- H:\Archivos de programa\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (odserv) -- H:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (BBSvc) -- H:\Archivos de programa\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (BBUpdate) -- H:\Archivos de programa\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (wlidsvc) -- H:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (nmservice) -- H:\Archivos de programa\Archivos comunes\Pure Networks Shared\Platform\nmsrvc.exe (Cisco Systems, Inc.)
SRV - (ose) -- H:\Archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (PciCon) -- D:\PciCon.sys File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (EagleXNt) -- H:\WINDOWS\system32\drivers\EagleXNt.sys File not found
DRV - (Changer) -- File not found
DRV - (ae9gb75m) -- File not found
DRV - (aswSP) -- H:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- H:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswSnx) -- H:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswMon2) -- H:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (aswRdr) -- H:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (Aavmker4) -- H:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (aswFsBlk) -- H:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (atksgt) -- H:\WINDOWS\system32\drivers\atksgt.sys ()
DRV - (lirsgt) -- H:\WINDOWS\system32\drivers\lirsgt.sys ()
DRV - (ati2mtag) -- H:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (sptd) -- H:\WINDOWS\system32\drivers\sptd.sys ()
DRV - (AtiHDAudioService) -- H:\WINDOWS\system32\drivers\AtihdXP3.sys (ATI Technologies, Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- H:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (Monfilt) -- H:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
DRV - (Ambfilt) -- H:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (nvgts) -- H:\WINDOWS\system32\drivers\nvgts.sys (NVIDIA Corporation)
DRV - (BIOS) -- H:\WINDOWS\system32\drivers\BIOS.sys (BIOSTAR Group)
DRV - (purendis) -- H:\WINDOWS\system32\drivers\purendis.sys (Cisco Systems, Inc.)
DRV - (pnarp) -- H:\WINDOWS\system32\drivers\pnarp.sys (Cisco Systems, Inc.)
DRV - (WUSB54GCv3) -- H:\WINDOWS\system32\drivers\WUSB54GCv3.sys (Ralink Technology, Corp.)
DRV - (nvnetbus) -- H:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- H:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
DRV - (AmdPPM) -- H:\WINDOWS\system32\drivers\AmdPPM.sys (Advanced Micro Devices)
DRV - (DHEAPDMP) -- H:\WINDOWS\system32\drivers\dheapdmp.sys (Microsoft Corporation)
DRV - (OVT511Plus) -- H:\WINDOWS\system32\drivers\omcamvid.sys (OmniVision Technologies, Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultNetworkProfile = 510403078
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = SOCKS=174.57.28.73:1752

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "DAEMON Search"
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: H:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: H:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: H:\Archivos de programa\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: H:\Archivos de programa\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: H:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: H:\Documents and Settings\All Users\Datos de programa\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: H:\Documents and Settings\All Users\Datos de programa\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: H:\Archivos de programa\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.9: H:\Utilities\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: H:\Utilities\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: H:\Documents and Settings\Dixel\Configuración local\Datos de programa\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: H:\Documents and Settings\Dixel\Configuración local\Datos de programa\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: H:\Documents and Settings\Dixel\Configuración local\Datos de programa\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: H:\Archivos de programa\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: H:\Utilities\Avast\WebRep\FF [2012/06/28 16:06:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: H:\Utilities\Mozilla Firefox\components [2012/06/18 21:20:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: H:\Utilities\Mozilla Firefox\plugins

[2011/05/16 22:00:54 | 000,000,000 | ---D | M] (No name found) -- H:\Documents and Settings\Dixel\Datos de programa\Mozilla\Extensions
[2012/06/18 21:20:56 | 000,000,000 | ---D | M] (No name found) -- H:\Documents and Settings\Dixel\Datos de programa\Mozilla\Firefox\Profiles\1c07njvj.default\extensions
[2012/05/18 21:05:38 | 000,000,000 | ---D | M] (Greasemonkey) -- H:\Documents and Settings\Dixel\Datos de programa\Mozilla\Firefox\Profiles\1c07njvj.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/12/02 03:57:21 | 000,000,000 | ---D | M] (Greasemonkey) -- H:\Documents and Settings\Dixel\Datos de programa\Mozilla\Firefox\Profiles\1c07njvj.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}(2)
[2011/05/16 22:07:22 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- H:\Documents and Settings\Dixel\Datos de programa\Mozilla\Firefox\Profiles\1c07njvj.default\extensions\[email protected]
[2011/05/16 22:07:20 | 000,002,055 | ---- | M] () -- H:\Documents and Settings\Dixel\Datos de programa\Mozilla\Firefox\Profiles\1c07njvj.default\searchplugins\daemon-search.xml
[2012/06/18 21:20:56 | 000,080,872 | ---- | M] () (No name found) -- H:\DOCUMENTS AND SETTINGS\DIXEL\DATOS DE PROGRAMA\MOZILLA\FIREFOX\PROFILES\1C07NJVJ.DEFAULT\EXTENSIONS\{9C51BD27-6ED8-4000-A2BF-36CB95C0C947}.XPI
[2011/07/19 19:39:06 | 000,007,849 | ---- | M] () (No name found) -- H:\DOCUMENTS AND SETTINGS\DIXEL\DATOS DE PROGRAMA\MOZILLA\FIREFOX\PROFILES\1C07NJVJ.DEFAULT\EXTENSIONS\{A3A5C777-F583-4FEF-9380-AB4ADD1BC2A8}.XPI
[2012/05/18 18:16:56 | 000,015,611 | ---- | M] () (No name found) -- H:\DOCUMENTS AND SETTINGS\DIXEL\DATOS DE PROGRAMA\MOZILLA\FIREFOX\PROFILES\1C07NJVJ.DEFAULT\EXTENSIONS\[email protected]
[2012/05/18 18:16:57 | 001,335,949 | ---- | M] () (No name found) -- H:\DOCUMENTS AND SETTINGS\DIXEL\DATOS DE PROGRAMA\MOZILLA\FIREFOX\PROFILES\1C07NJVJ.DEFAULT\EXTENSIONS\[email protected]
[2012/06/28 16:06:20 | 000,000,000 | ---D | M] (avast! WebRep) -- H:\UTILITIES\AVAST\WEBREP\FF
[2012/07/03 04:54:36 | 000,000,000 | ---D | M] (Java Console) -- H:\UTILITIES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2011/05/17 19:57:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- H:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = H:\Documents and Settings\Dixel\Configuraci\u00F3n local\Datos de programa\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = H:\Documents and Settings\Dixel\Configuraci\u00F3n local\Datos de programa\Google\Chrome\Application\20.0.1132.47\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = H:\Documents and Settings\Dixel\Configuraci\u00F3n local\Datos de programa\Google\Chrome\Application\20.0.1132.47\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = H:\Documents and Settings\Dixel\Configuraci\u00F3n local\Datos de programa\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = H:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = H:\Archivos de programa\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = H:\Archivos de programa\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = H:\Archivos de programa\Windows Media Player\npdsplay.dll
CHR - plugin: Adobe Acrobat (Disabled) = H:\Utilities\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = H:\Utilities\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U29 (Enabled) = H:\Utilities\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = H:\Archivos de programa\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - plugin: Pando Web Plugin (Enabled) = H:\Archivos de programa\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Nexon Game Controller (Enabled) = H:\Documents and Settings\All Users\Datos de programa\NexonEU\NGM\npNxGameeu.dll
CHR - plugin: Nexon Game Controller (Enabled) = H:\Documents and Settings\All Users\Datos de programa\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: Google Update (Enabled) = H:\Documents and Settings\Dixel\Configuraci\u00F3n local\Datos de programa\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Unity Player (Enabled) = H:\Documents and Settings\Dixel\Configuraci\u00F3n local\Datos de programa\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = H:\Utilities\VLC\npvlc.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = H:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Google Translate = H:\Documents and Settings\Dixel\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.3.1_0\
CHR - Extension: YouTube = H:\Documents and Settings\Dixel\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = H:\Documents and Settings\Dixel\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = H:\Documents and Settings\Dixel\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1451_0\
CHR - Extension: Gmail = H:\Documents and Settings\Dixel\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/06/30 13:23:37 | 000,442,988 | R--- | M]) - H:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15221 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - H:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - H:\Utilities\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (WsftpBrowserHelper Class) - {601ED020-FB6C-11D3-87D8-0050DA59922B} - H:\Utilities\WS_FTP Pro\wsbho2k0.dll (Ipswitch, Inc. 10 Maguire Road - Suite 220 Lexington, MA 02421)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Archivos de programa\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - H:\Utilities\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - H:\Archivos de programa\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Archivos de programa\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - H:\Archivos de programa\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - H:\Archivos de programa\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - H:\Utilities\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - H:\Archivos de programa\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [avast] H:\Utilities\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [boincmgr] H:\Utilities\BOINC\boincmgr.exe (World Community Grid)
O4 - HKLM..\Run: [boinctray] H:\Utilities\BOINC\boinctray.exe (Space Sciences Laboratory)
O4 - HKLM..\Run: [googletalk] H:\Archivos de programa\Google\Google Talk\googletalk.exe (Google)
O4 - HKLM..\Run: [SunJavaUpdateSched] H:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] H:\Utilities\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [SpybotSD TeaTimer] H:\Utilities\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - H:\Utilities\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - %SystemRoot%\System32\mswsock.dll File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7CE7579B-95FC-4C25-B75F-91A1BC973854}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - H:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - H:\Archivos de programa\Archivos comunes\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - H:\Archivos de programa\Archivos comunes\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - H:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - H:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (H:\WINDOWS\system32\userinit.exe) - H:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - H:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Mi página de inicio actual) - About:Home
O24 - Desktop WallPaper: H:\Documents and Settings\Dixel\Configuración local\Datos de programa\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: H:\Documents and Settings\Dixel\Configuración local\Datos de programa\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{a254f40a-7e18-11e0-93cd-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{a254f40a-7e18-11e0-93cd-806d6172696f}\Shell\AutoRun\command - "" = G:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/07/03 13:15:13 | 000,000,000 | ---D | C] -- H:\WINDOWS\System32\kktools
[2012/07/03 06:23:54 | 000,000,000 | RH-D | C] -- H:\Documents and Settings\Dixel\Reciente
[2012/07/03 05:34:59 | 000,000,000 | ---D | C] -- H:\Archivos de programa\Oracle
[2012/06/30 13:17:43 | 000,000,000 | RH-D | C] -- H:\Documents and Settings\Dixel\Recent
[2012/06/30 00:40:18 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Dixel\Datos de programa\Malwarebytes
[2012/06/30 00:40:12 | 000,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Menú Inicio\Programas\Malwarebytes' Anti-Malware
[2012/06/30 00:40:12 | 000,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Datos de programa\Malwarebytes
[2012/06/30 00:40:11 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- H:\WINDOWS\System32\drivers\mbam.sys
[2012/06/29 14:18:50 | 000,000,000 | -HSD | C] -- H:\Config.Msi
[2012/06/22 16:09:26 | 000,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Menú Inicio\Programas\Cygwin
[2012/06/19 02:48:29 | 000,000,000 | ---D | C] -- H:\WINDOWS\symbols
[2012/06/19 02:48:25 | 000,000,000 | ---D | C] -- H:\Archivos de programa\Archivos comunes\Merge Modules
[2012/06/18 19:36:43 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Dixel\.android
[2012/06/17 22:50:47 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Dixel\Datos de programa\SQLyog
[2012/06/17 22:50:41 | 000,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Menú Inicio\Programas\SQLyog Community
[2012/06/15 18:30:22 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Dixel\Datos de programa\Skype
[2012/06/15 18:30:03 | 000,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Menú Inicio\Programas\Skype
[2012/06/15 18:30:03 | 000,000,000 | ---D | C] -- H:\Archivos de programa\Archivos comunes\Skype
[2012/06/15 18:29:58 | 000,000,000 | R--D | C] -- H:\Archivos de programa\Skype
[2012/06/15 18:29:46 | 000,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Datos de programa\Skype
[2012/06/15 14:33:01 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Dixel\Datos de programa\Fatshark
[2012/06/14 19:34:12 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Dixel\Mis documentos\StampsCollectibles
[2012/06/14 17:34:42 | 000,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Menú Inicio\Programas\System.Data.SQLite
[2012/06/14 17:26:51 | 000,000,000 | ---D | C] -- H:\Archivos de programa\Microsoft SQL Server
[2012/06/14 17:26:17 | 000,000,000 | ---D | C] -- H:\Archivos de programa\Microsoft Synchronization Services
[2012/06/14 17:26:15 | 000,000,000 | ---D | C] -- H:\Archivos de programa\Microsoft SQL Server Compact Edition
[2012/06/14 17:25:39 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Dixel\Mis documentos\Visual Studio 2010
[2012/06/14 17:25:30 | 000,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Menú Inicio\Programas\Microsoft Visual Studio 2010 Express
[2012/06/14 17:24:10 | 000,000,000 | ---D | C] -- H:\Archivos de programa\Microsoft SDKs
[2012/06/14 17:24:10 | 000,000,000 | ---D | C] -- H:\Archivos de programa\Microsoft Help Viewer
[2012/06/14 17:21:09 | 000,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Documentos\microsoft
[2012/06/14 16:09:09 | 000,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Menú Inicio\Programas\Diablo.III.Collectors.Edition
[2012/06/10 04:10:30 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Dixel\Configuración local\Datos de programa\Camel 101
[2012/06/10 00:18:13 | 000,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Menú Inicio\Programas\Iceberg Interactive
[2012/06/08 14:38:45 | 000,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Menú Inicio\Programas\Hooligans
[2012/06/07 19:26:33 | 000,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Menú Inicio\Programas\VBReFormer
[2012/06/07 19:12:46 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Dixel\oni
[2012/06/07 18:58:33 | 000,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Menú Inicio\Programas\CosmicBreak_eng
[3 H:\WINDOWS\*.tmp files -> H:\WINDOWS\*.tmp -> ]
[1 H:\Documents and Settings\Dixel\Escritorio\*.tmp files -> H:\Documents and Settings\Dixel\Escritorio\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/07/03 17:39:00 | 000,001,192 | ---- | M] () -- H:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-682003330-1078145449-725345543-1003UA.job
[2012/07/03 16:48:15 | 000,000,838 | ---- | M] () -- H:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/07/03 15:52:26 | 000,000,278 | -H-- | M] () -- H:\WINDOWS\tasks\avast! Emergency Update.job
[2012/07/03 15:52:26 | 000,000,260 | ---- | M] () -- H:\WINDOWS\tasks\WGASetup.job
[2012/07/03 15:52:23 | 000,002,048 | --S- | M] () -- H:\WINDOWS\bootstat.dat
[2012/07/03 15:52:22 | 3220,557,824 | -HS- | M] () -- H:\hiberfil.sys
[2012/07/03 06:10:43 | 000,002,338 | ---- | M] () -- H:\Documents and Settings\Dixel\Escritorio\Google Chrome.lnk
[2012/07/03 06:07:16 | 000,000,762 | ---- | M] () -- H:\Documents and Settings\Dixel\Mis documentos\cc_20120703_060714.reg
[2012/07/03 06:06:26 | 000,209,180 | ---- | M] () -- H:\Documents and Settings\Dixel\Mis documentos\cc_20120703_060619.reg
[2012/07/02 21:57:32 | 000,035,328 | ---- | M] () -- H:\Documents and Settings\Dixel\Configuración local\Datos de programa\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/02 14:43:49 | 000,002,206 | ---- | M] () -- H:\WINDOWS\System32\wpa.dbl
[2012/06/30 18:39:00 | 000,001,140 | ---- | M] () -- H:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-682003330-1078145449-725345543-1003Core.job
[2012/06/30 13:23:37 | 000,442,988 | R--- | M] () -- H:\WINDOWS\System32\drivers\etc\hosts
[2012/06/30 13:22:29 | 000,000,762 | ---- | M] () -- H:\Documents and Settings\Dixel\Mis documentos\cc_20120630_132228.reg
[2012/06/30 13:22:19 | 000,195,194 | ---- | M] () -- H:\Documents and Settings\Dixel\Mis documentos\cc_20120630_132211.reg
[2012/06/30 13:08:46 | 000,003,068 | ---- | M] () -- H:\Documents and Settings\Dixel\Mis documentos\cc_20120630_130843.reg
[2012/06/30 12:32:29 | 000,626,906 | ---- | M] () -- H:\WINDOWS\System32\perfh00A.dat
[2012/06/30 12:32:29 | 000,555,974 | ---- | M] () -- H:\WINDOWS\System32\perfh009.dat
[2012/06/30 12:32:29 | 000,130,720 | ---- | M] () -- H:\WINDOWS\System32\perfc00A.dat
[2012/06/30 12:32:29 | 000,102,888 | ---- | M] () -- H:\WINDOWS\System32\perfc009.dat
[2012/06/30 12:12:31 | 000,000,762 | ---- | M] () -- H:\Documents and Settings\Dixel\Mis documentos\cc_20120630_121227.reg
[2012/06/30 12:12:14 | 000,196,256 | ---- | M] () -- H:\Documents and Settings\Dixel\Mis documentos\cc_20120630_121157.reg
[2012/06/30 00:51:38 | 000,442,988 | R--- | M] () -- H:\WINDOWS\System32\drivers\etc\hosts.20120630-132337.backup
[2012/06/30 00:41:38 | 000,000,793 | ---- | M] () -- H:\Documents and Settings\Dixel\Escritorio\SpyBot.lnk
[2012/06/30 00:41:07 | 000,000,686 | ---- | M] () -- H:\Documents and Settings\Dixel\Escritorio\CCleaner.lnk
[2012/06/30 00:40:12 | 000,000,788 | ---- | M] () -- H:\Documents and Settings\All Users\Escritorio\Malwarebytes Anti-Malware.lnk
[2012/06/29 23:15:35 | 000,002,948 | ---- | M] () -- H:\WINDOWS\System32\CONFIG.NT
[2012/06/29 04:15:44 | 000,294,072 | ---- | M] () -- H:\WINDOWS\System32\FNTCACHE.DAT
[2012/06/28 09:52:42 | 000,353,688 | ---- | M] (AVAST Software) -- H:\WINDOWS\System32\drivers\aswSP.sys
[2012/06/28 09:52:42 | 000,054,232 | ---- | M] (AVAST Software) -- H:\WINDOWS\System32\drivers\aswTdi.sys
[2012/06/28 09:52:37 | 000,721,000 | ---- | M] (AVAST Software) -- H:\WINDOWS\System32\drivers\aswSnx.sys
[2012/06/28 09:52:37 | 000,097,352 | ---- | M] (AVAST Software) -- H:\WINDOWS\System32\drivers\aswmon2.sys
[2012/06/28 09:52:37 | 000,089,624 | ---- | M] (AVAST Software) -- H:\WINDOWS\System32\drivers\aswmon.sys
[2012/06/28 09:52:37 | 000,035,928 | ---- | M] (AVAST Software) -- H:\WINDOWS\System32\drivers\aswRdr.sys
[2012/06/28 09:52:36 | 000,025,256 | ---- | M] (AVAST Software) -- H:\WINDOWS\System32\drivers\aavmker4.sys
[2012/06/28 09:52:36 | 000,021,256 | ---- | M] (AVAST Software) -- H:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012/06/28 09:52:20 | 000,041,224 | ---- | M] (AVAST Software) -- H:\WINDOWS\avastSS.scr
[2012/06/28 09:51:49 | 000,227,648 | ---- | M] (AVAST Software) -- H:\WINDOWS\System32\aswBoot.exe
[2012/06/22 16:09:26 | 000,000,579 | ---- | M] () -- H:\Documents and Settings\All Users\Escritorio\Cygwin Terminal.lnk
[2012/06/18 16:49:04 | 000,002,307 | ---- | M] () -- H:\Documents and Settings\All Users\Escritorio\Skype.lnk
[2012/06/17 22:50:41 | 000,000,777 | ---- | M] () -- H:\Documents and Settings\All Users\Escritorio\SQLyog Community.lnk
[2012/06/14 16:36:12 | 000,000,165 | ---- | M] () -- H:\WINDOWS\System32\spupdsvc.inf
[2012/06/14 16:27:48 | 000,437,759 | ---- | M] () -- H:\WINDOWS\System32\drivers\etc\hosts.20120630-005137.backup
[2012/06/13 02:34:48 | 000,263,415 | ---- | M] () -- H:\Documents and Settings\Dixel\Mis documentos\TP_1c2012.pdf
[2012/06/08 21:10:51 | 000,101,771 | ---- | M] () -- H:\Documents and Settings\Dixel\Mis documentos\Yo_CV.PNG
[3 H:\WINDOWS\*.tmp files -> H:\WINDOWS\*.tmp -> ]
[1 H:\Documents and Settings\Dixel\Escritorio\*.tmp files -> H:\Documents and Settings\Dixel\Escritorio\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/07/03 06:07:15 | 000,000,762 | ---- | C] () -- H:\Documents and Settings\Dixel\Mis documentos\cc_20120703_060714.reg
[2012/07/03 06:06:20 | 000,209,180 | ---- | C] () -- H:\Documents and Settings\Dixel\Mis documentos\cc_20120703_060619.reg
[2012/07/03 03:04:31 | 000,000,838 | ---- | C] () -- H:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/06/30 13:22:28 | 000,000,762 | ---- | C] () -- H:\Documents and Settings\Dixel\Mis documentos\cc_20120630_132228.reg
[2012/06/30 13:22:13 | 000,195,194 | ---- | C] () -- H:\Documents and Settings\Dixel\Mis documentos\cc_20120630_132211.reg
[2012/06/30 13:08:45 | 000,003,068 | ---- | C] () -- H:\Documents and Settings\Dixel\Mis documentos\cc_20120630_130843.reg
[2012/06/30 12:12:30 | 000,000,762 | ---- | C] () -- H:\Documents and Settings\Dixel\Mis documentos\cc_20120630_121227.reg
[2012/06/30 12:12:02 | 000,196,256 | ---- | C] () -- H:\Documents and Settings\Dixel\Mis documentos\cc_20120630_121157.reg
[2012/06/30 00:41:38 | 000,000,793 | ---- | C] () -- H:\Documents and Settings\Dixel\Escritorio\SpyBot.lnk
[2012/06/30 00:41:07 | 000,000,686 | ---- | C] () -- H:\Documents and Settings\Dixel\Escritorio\CCleaner.lnk
[2012/06/30 00:40:12 | 000,000,788 | ---- | C] () -- H:\Documents and Settings\All Users\Escritorio\Malwarebytes Anti-Malware.lnk
[2012/06/29 23:15:34 | 000,000,278 | -H-- | C] () -- H:\WINDOWS\tasks\avast! Emergency Update.job
[2012/06/29 14:27:21 | 3220,557,824 | -HS- | C] () -- H:\hiberfil.sys
[2012/06/22 16:09:26 | 000,000,579 | ---- | C] () -- H:\Documents and Settings\All Users\Escritorio\Cygwin Terminal.lnk
[2012/06/17 22:50:41 | 000,000,777 | ---- | C] () -- H:\Documents and Settings\All Users\Escritorio\SQLyog Community.lnk
[2012/06/15 18:30:03 | 000,002,307 | ---- | C] () -- H:\Documents and Settings\All Users\Escritorio\Skype.lnk
[2012/06/14 16:36:12 | 000,000,165 | ---- | C] () -- H:\WINDOWS\System32\spupdsvc.inf
[2012/06/13 02:34:46 | 000,263,415 | ---- | C] () -- H:\Documents and Settings\Dixel\Mis documentos\TP_1c2012.pdf
[2012/06/10 00:18:14 | 000,000,427 | ---- | C] () -- H:\Documents and Settings\All Users\Menú Inicio\Programas\Gemini Wars.lnk
[2012/06/08 21:10:51 | 000,101,771 | ---- | C] () -- H:\Documents and Settings\Dixel\Mis documentos\Yo_CV.PNG
[2012/06/08 14:39:28 | 000,000,232 | ---- | C] () -- H:\WINDOWS\XIIIHooligans.ini
[2012/06/07 19:26:33 | 000,295,514 | ---- | C] () -- H:\WINDOWS\System32\VB6.OLB
[2012/05/28 19:46:17 | 000,000,134 | ---- | C] () -- H:\Documents and Settings\Dixel\Configuración local\Datos de programa\fusioncache.dat
[2012/05/22 01:05:42 | 000,176,352 | ---- | C] () -- H:\Documents and Settings\LocalService\Configuración local\Datos de programa\FontCache3.0.0.0.dat
[2012/05/21 15:07:23 | 000,000,036 | ---- | C] () -- H:\WINDOWS\Tiny_Run.ini
[2012/05/14 16:41:50 | 000,354,816 | ---- | C] () -- H:\WINDOWS\System32\psisdecd.dll
[2012/04/20 01:14:11 | 000,165,376 | ---- | C] () -- H:\WINDOWS\System32\drivers\atksgt.sys
[2012/04/20 01:14:05 | 000,018,048 | ---- | C] () -- H:\WINDOWS\System32\drivers\lirsgt.sys
[2012/04/13 19:32:57 | 000,021,840 | ---- | C] () -- H:\WINDOWS\System32\SIntfNT.dll
[2012/04/13 19:32:57 | 000,017,212 | ---- | C] () -- H:\WINDOWS\System32\SIntf32.dll
[2012/04/13 19:32:57 | 000,012,067 | ---- | C] () -- H:\WINDOWS\System32\SIntf16.dll
[2012/04/13 17:13:14 | 000,000,287 | ---- | C] () -- H:\WINDOWS\SIERRA.INI
[2012/04/05 08:18:40 | 000,010,240 | ---- | C] () -- H:\WINDOWS\System32\vidx16.dll
[2012/02/14 20:10:25 | 000,003,072 | ---- | C] () -- H:\WINDOWS\System32\iacenc.dll
[2011/11/09 22:39:44 | 000,059,904 | ---- | C] () -- H:\WINDOWS\System32\OpenVideo.dll
[2011/11/09 22:39:32 | 000,054,784 | ---- | C] () -- H:\WINDOWS\System32\OVDecode.dll
[2011/10/22 16:34:59 | 000,000,754 | ---- | C] () -- H:\WINDOWS\WORDPAD.INI
[2011/09/06 03:21:36 | 000,035,328 | ---- | C] () -- H:\Documents and Settings\Dixel\Configuración local\Datos de programa\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/30 14:27:17 | 000,053,248 | ---- | C] () -- H:\WINDOWS\System32\FTPStubInstUtils.dll
[2011/08/14 00:13:40 | 000,004,096 | ---- | C] () -- H:\WINDOWS\d3dx.dat
[2011/07/27 18:38:33 | 000,015,312 | R--- | C] () -- H:\WINDOWS\System32\RaCoInst.dat
[2011/07/18 15:06:37 | 000,000,012 | ---- | C] () -- H:\Documents and Settings\All Users\Datos de programa\ReminderNextRun
[2011/05/31 03:39:50 | 000,058,368 | ---- | C] () -- H:\WINDOWS\System32\bdmpegv.dll
[2011/05/31 03:38:18 | 000,015,360 | ---- | C] () -- H:\WINDOWS\System32\bdmjpeg.dll
[2011/05/27 11:20:41 | 000,000,290 | ---- | C] () -- H:\WINDOWS\ODBC.INI
[2011/05/16 22:00:50 | 000,000,000 | ---- | C] () -- H:\WINDOWS\nsreg.dat
[2011/05/16 15:03:33 | 000,000,000 | ---- | C] () -- H:\WINDOWS\ativpsrm.bin
[2011/05/16 15:03:25 | 000,887,724 | ---- | C] () -- H:\WINDOWS\System32\ativva6x.dat
[2011/05/16 15:03:25 | 000,243,168 | ---- | C] () -- H:\WINDOWS\System32\atiicdxx.dat
[2011/05/16 15:03:25 | 000,000,003 | ---- | C] () -- H:\WINDOWS\System32\ativva5x.dat
[2011/05/16 14:42:14 | 000,004,984 | ---- | C] () -- H:\WINDOWS\System32\drivers\nvphy.bin
[2011/05/14 07:10:29 | 000,004,205 | ---- | C] () -- H:\WINDOWS\ODBCINST.INI
[2011/05/14 07:09:35 | 000,294,072 | ---- | C] () -- H:\WINDOWS\System32\FNTCACHE.DAT
[2011/05/14 01:26:51 | 000,002,048 | --S- | C] () -- H:\WINDOWS\bootstat.dat
[2011/05/14 01:23:14 | 000,021,900 | ---- | C] () -- H:\WINDOWS\System32\emptyregdb.dat
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- H:\WINDOWS\System32\xlive.dll.cat

========== LOP Check ==========

[2011/08/21 17:27:43 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Datos de programa\AVAST Software
[2012/05/30 01:47:26 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Datos de programa\Battle.net
[2011/05/16 15:28:31 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Datos de programa\DAEMON Tools Lite
[2012/05/30 14:26:30 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Datos de programa\Firefly Studios
[2012/05/14 16:37:12 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Datos de programa\Lionhead Studios
[2012/05/29 15:03:21 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Datos de programa\LucasArts
[2012/03/06 23:39:31 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Datos de programa\Nexon
[2012/03/07 02:54:18 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Datos de programa\NexonEU
[2012/03/06 23:39:31 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Datos de programa\NexonUS
[2012/06/30 00:30:20 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Datos de programa\PMB Files
[2012/05/08 03:28:36 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Datos de programa\regid.1986-12.com.adobe
[2012/05/22 00:34:04 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Datos de programa\RELOADED
[2012/05/30 14:55:32 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Datos de programa\SPC
[2012/05/24 21:48:43 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Datos de programa\The Humans
[2011/06/11 12:29:22 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Dixel\Datos de programa\.minecraft
[2011/09/27 21:23:54 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Dixel\Datos de programa\AtomZombieData
[2012/04/06 21:50:39 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Dixel\Datos de programa\BoneCraft-KaOs
[2012/05/21 15:10:26 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Dixel\Datos de programa\Carbon
[2011/05/16 22:34:32 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Dixel\Datos de programa\DAEMON Tools Lite
[2011/11/24 15:31:36 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Dixel\Datos de programa\Dropbox
[2011/12/18 20:31:50 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Dixel\Datos de programa\Dwarfs
[2012/06/15 14:33:01 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Dixel\Datos de programa\Fatshark
[2012/05/30 14:34:00 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Dixel\Datos de programa\Firefly Studios
[2012/05/21 18:07:07 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Dixel\Datos de programa\Kalypso Media
[2012/05/14 20:03:55 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Dixel\Datos de programa\Lionhead Studios
[2011/05/19 19:08:03 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Dixel\Datos de programa\LolClient
[2012/05/24 13:42:38 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Dixel\Datos de programa\LolClient2
[2012/05/06 18:32:51 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Dixel\Datos de programa\LS
[2011/10/12 20:09:37 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Dixel\Datos de programa\MinerWars
[2012/02/02 13:11:20 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Dixel\Datos de programa\OpenOffice.org
[2012/05/25 16:37:05 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Dixel\Datos de programa\Oracle
[2012/06/01 14:03:05 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Dixel\Datos de programa\ProxyCap
[2012/06/17 23:26:36 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Dixel\Datos de programa\SQLyog
[2012/05/21 17:41:33 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Dixel\Datos de programa\Squids
[2012/05/16 19:03:56 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Dixel\Datos de programa\Subversion
[2012/03/08 18:14:34 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Dixel\Datos de programa\The Mirror Lied
[2012/05/24 22:15:33 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Dixel\Datos de programa\Ubisoft
[2011/08/14 18:13:38 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Dixel\Datos de programa\UFOAI
[2011/10/24 22:01:25 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Dixel\Datos de programa\Unity
[2011/11/05 05:04:55 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Dixel\Datos de programa\Voxatron
[2012/07/03 15:52:26 | 000,000,278 | -H-- | M] () -- H:\WINDOWS\Tasks\avast! Emergency Update.job
[2012/07/03 15:52:26 | 000,000,260 | ---- | M] () -- H:\WINDOWS\Tasks\WGASetup.job

========== Purity Check ==========



< End of report >



OTL Extras logfile created on: 03/07/2012 17:38:25 - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = H:\Utilities
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00002C0A | Country: Argentina | Language: ESS | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 1,89 Gb Available Physical Memory | 62,95% Memory free
4,84 Gb Paging File | 3,77 Gb Available in Paging File | 77,98% Paging File free
Paging file location(s): H:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = H: | %SystemRoot% = H:\WINDOWS | %ProgramFiles% = H:\Archivos de programa
Drive H: | 48,83 Gb Total Space | 11,48 Gb Free Space | 23,52% Space Free | Partition Type: NTFS
Drive I: | 882,68 Gb Total Space | 569,97 Gb Free Space | 64,57% Space Free | Partition Type: NTFS

Computer Name: DIXEL-QUADCORE | User Name: Dixel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "H:\Utilities\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "H:\Utilities\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"58997:TCP" = 58997:TCP:*:Enabled:Pando Media Booster
"58997:UDP" = 58997:UDP:*:Enabled:Pando Media Booster

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"58997:TCP" = 58997:TCP:*:Disabled:Pando Media Booster
"58997:UDP" = 58997:UDP:*:Disabled:Pando Media Booster

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"H:\Archivos de programa\Pando Networks\Media Booster\PMB.exe" = H:\Archivos de programa\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"I:\Juegos\Uplink\uplink.exe" = I:\Juegos\Uplink\uplink.exe:*:Disabled:uplink
"H:\Utilities\Java\jre6\bin\javaw.exe" = H:\Utilities\Java\jre6\bin\javaw.exe:*:Enabled:javaw.exe
"I:\Juegos\Heroes of Newerth\hon.exe" = I:\Juegos\Heroes of Newerth\hon.exe:*:Enabled:Heroes of Newerth -- (S2 Games)
"I:\Juegos\Warcraft III\war3.exe" = I:\Juegos\Warcraft III\war3.exe:*:Enabled:Warcraft III -- (Blizzard Entertainment)
"H:\Archivos de programa\Google\Google Talk\googletalk.exe" = H:\Archivos de programa\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk -- (Google)
"I:\Juegos\Dead Island\deadislandgame.exe" = I:\Juegos\Dead Island\deadislandgame.exe:*:Disabled:DeadIsland -- (Techland)
"H:\Utilities\WS_FTP Pro\wsftppro.exe" = H:\Utilities\WS_FTP Pro\wsftppro.exe:*:Enabled:WS_FTP Pro Application -- (Ipswitch, Inc. 10 Maguire Road - Suite 220 Lexington, MA 02421)
"H:\Documents and Settings\Dixel\Datos de programa\Dropbox\bin\Dropbox.exe" = H:\Documents and Settings\Dixel\Datos de programa\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox
"I:\Juegos\Orcs Must Die!\Build\release\OrcsMustDie.exe" = I:\Juegos\Orcs Must Die!\Build\release\OrcsMustDie.exe:*:Disabled:Orcs Must Die! -- (Robot Entertainment, Inc.)
"I:\Juegos\Portal 2\portal2.exe" = I:\Juegos\Portal 2\portal2.exe:*:Disabled:portal2
"I:\Juegos\Dungeon Defenders\Binaries\Win32\DunDefGame.exe" = I:\Juegos\Dungeon Defenders\Binaries\Win32\DunDefGame.exe:*:Disabled:DunDefGame -- (Trendy Entertainment LLC)
"H:\Documents and Settings\All Users\Datos de programa\NexonUS\NGM\NGM.exe" = H:\Documents and Settings\All Users\Datos de programa\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"I:\Juegos\Vindictus\game\Vindictus\en-US\NMService.exe" = I:\Juegos\Vindictus\game\Vindictus\en-US\NMService.exe:*:Enabled:Nexon Messenger Core -- (Nexon Corp.)
"H:\Documents and Settings\All Users\Datos de programa\NexonEU\NGM\NGM.exe" = H:\Documents and Settings\All Users\Datos de programa\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"I:\Juegos\unl-azmd\Binaries\Win32\ShippingPC-Bzb2Game.exe" = I:\Juegos\unl-azmd\Binaries\Win32\ShippingPC-Bzb2Game.exe:*:Disabled:ShippingPC-Bzb2Game
"J:\EdgeOfChaos.exe" = J:\EdgeOfChaos.exe:*:Disabled:Edge of Chaos Autorun
"H:\WINDOWS\system32\dplaysvr.exe" = H:\WINDOWS\system32\dplaysvr.exe:*:Disabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"I:\Juegos\Independence War 2 - Edge of Chaos\EdgeOfChaos.exe" = I:\Juegos\Independence War 2 - Edge of Chaos\EdgeOfChaos.exe:*:Disabled:Edge of Chaos Autorun -- (Particle Systems Ltd)
"I:\Juegos\Independence War 2 - Edge of Chaos\bin\release\loader.exe" = I:\Juegos\Independence War 2 - Edge of Chaos\bin\release\loader.exe:*:Disabled:Independence War 2 Loader -- ()
"I:\Juegos\Genesis Rising\bin\GenesisRising.exe" = I:\Juegos\Genesis Rising\bin\GenesisRising.exe:*:Disabled:GenesisRising -- ()
"H:\Utilities\Java\jdk1.6.0_25\bin\javaw.exe" = H:\Utilities\Java\jdk1.6.0_25\bin\javaw.exe:*:Disabled:Java™ Platform SE binary
"I:\Juegos\Confrontation\Confrontation.exe" = I:\Juegos\Confrontation\Confrontation.exe:*:Disabled:Confrontation -- (Cyanide)
"I:\Juegos\Gearbox Software\Borderlands\Binaries\Borderlands.exe" = I:\Juegos\Gearbox Software\Borderlands\Binaries\Borderlands.exe:*:Disabled:Borderlands -- (Take-Two Interactive Software, Inc.)
"H:\Documents and Settings\All Users\Datos de programa\Battle.net\Agent\Agent.976\Agent.exe" = H:\Documents and Settings\All Users\Datos de programa\Battle.net\Agent\Agent.976\Agent.exe:*:Disabled:Blizzard Agent -- (Blizzard Entertainment)
"H:\Documents and Settings\All Users\Datos de programa\Battle.net\Agent\Agent.515\Agent.exe" = H:\Documents and Settings\All Users\Datos de programa\Battle.net\Agent\Agent.515\Agent.exe:*:Disabled:Blizzard Agent
"I:\Juegos\Diablo III Beta\Diablo III.exe" = I:\Juegos\Diablo III Beta\Diablo III.exe:*:Disabled:Diablo III Beta
"I:\Juegos\Release mooege-5f9b522\Release mooege-5f9b522\Mooege.exe" = I:\Juegos\Release mooege-5f9b522\Release mooege-5f9b522\Mooege.exe:*:Disabled:mooege
"H:\Archivos de programa\Pando Networks\Media Booster\PMB.exe" = H:\Archivos de programa\Pando Networks\Media Booster\PMB.exe:*:Disabled:Pando Media Booster -- ()
"I:\Juegos\Port Royale 3\PortRoyale3.exe" = I:\Juegos\Port Royale 3\PortRoyale3.exe:*:Disabled:Port Royale 3 -- (Gaming Minds Studios GmbH)
"H:\Archivos de programa\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe" = H:\Archivos de programa\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Disabled:Ubisoft Game Launcher -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0215A652-E081-4B09-9333-DC85AAB67FFA}" = Adobe Dreamweaver CS5.5
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{04C6EC0A-4201-41A3-8162-E0533C638AAB}" = CubeMapGen v1.1
"{0556F885-2415-4666-B53E-33727E46AEA1}" = The Movies™
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{094D498F-466E-4822-97BF-FB43A961B669}" = ProxyCap
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{12E0A949-8861-35F8-B7ED-5658788A7BFE}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - ESN
"{16D0F2D2-242C-4885-BEF1-4B1655C141AE}" = Bing Bar
"{190601AF-7BE4-046E-CEBF-14EE74434250}" = AMD Catalyst Install Manager
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java™ 6 Update 33
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java™ 7 Update 5
"{289AC7E0-0AEE-4a7b-913C-709D9803D23E}" = Nexon Game Manager
"{298B7460-A43A-3083-B295-75547FC68392}" = Microsoft .NET Framework 3.5 Language Pack - esn
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}" = Catalyst Control Center - Branding
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{31B25CCC-C459-4A7B-8059-0D9913D4FAA1}" = World Community Grid
"{32A3A4F4-B792-11D6-A78A-00B0D0160330}" = Java™ SE Development Kit 6 Update 33
"{350C9C0A-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{3828EC4B-D4B9-A742-4D81-9C0A3C72DF8A}" = CCC Help English
"{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}" = Microsoft XNA Framework Redistributable 3.0
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B930AE3-61C6-4D02-A9D4-84F4ACBCEC25}" = OpenOffice.org 3.3
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands
"{54F6C98F-94A0-421C-B90E-0B6A2A96A9CF}" = Pure Networks Platform
"{578485F8-60F3-4C61-9183-0698E581B902}" = From Dust
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{639555DF-952A-4161-97F6-AB9807E421D7}" = UFO Aftershock
"{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR
"{68DED384-1F74-4AEE-8B8E-95AF15572FE3}" = Port Royale 3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73EC658D-A1C6-40CA-8E86-E05821BAACE7}" = Java DB 10.6.2.1
"{79A65475-2F7F-491C-BF2F-8D5C0AF0775C}" = DUNGEONS
"{7A8BD96D-2F17-420F-995A-896672C1EAE4}_is1" = Mapear V9.60 versión 9.60
"{81A917A1-DBA3-3639-53DA-B6E833D41A57}" = ccc-utility
"{82931CCC-65F4-5A50-57AD-AE6DF6B10929}" = Catalyst Control Center
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95B012AD-3A4A-31D7-9167-5D07D2A71F47}" = Microsoft .NET Framework 4 Client Profile ESN Language Pack
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0A087E5-149E-EC75-F45D-3A3C04344B4A}" = Catalyst Control Center Graphics Previews Common
"{A1928ACA-FAB4-4122-86F2-E7C7949EE22E}" = TortoiseSVN 1.6.15.21042 (32 bit)
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4B6D789-EF42-39D5-B36B-A1282951E0D5}" = Microsoft .NET Framework 4 Extended ESN Language Pack
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B89933C8-E38D-44BE-B3DB-96657D11338F}" = Hooligans - Storm over Europe
"{BB0DCC5E-7477-3350-B5F5-7CE64E1E83B6}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - ESN
"{BDE646E8-86E0-50E1-37BC-0AEBB2185D76}" = Adobe Widget Browser
"{C06A7DAC-1708-417C-B694-28C84DFE2DF9}" = The Movies™ Stunts & Effects
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C9BFF8C0-2698-4E07-A808-5971E573D257}_is1" = Quintessence - The Blighted Venom [Chapter 1 - 11]
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC67DD84-77C6-C9F8-FA03-953F1C1C92A9}" = Catalyst Control Center InstallProxy
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE7CB214-DB11-4B5D-A6AF-3B4ED47C68B7}" = Microsoft Game Studios Common Redistributables Pack 1
"{ceca424e-2d49-4406-b1ff-b570a1a2933a}" = MinerWars
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D1D632A2-E249-466D-A094-B1B934D37645}_is1" = Stronghold Kingdoms
"{D56B0E27-4A3E-46C9-B5C1-D93D580C099C}" = NVIDIA PhysX v8.10.29
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DC2379D8-4715-96C7-B6C6-1BF0DCCE3121}" = ATI AVIVO Codecs
"{E3388F08-CDA0-886C-8759-5DCDE2194981}" = ATI Problem Report Wizard
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{FDE049C8-E4B2-4EB5-A534-CF5C581F5D32}_is1" = KaM Remake Full r2736
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v1.85
"avast" = avast! Free Antivirus
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"Cataclysm" = Cataclysm
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Adobe Widget Browser
"CosmicBreak_eng" = CosmicBreak_eng
"DAEMON Tools Lite" = DAEMON Tools Lite
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Darkstar One_is1" = Darkstar One
"Darkwind_is1" = Darkwind Client For Windows
"Dheapmon" = Desktop Heap Monitor (Uninstall Only)
"Dungeon Defenders_is1" = Dungeon Defenders
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Freelancer 1.0" = Freelancer
"Future Cop" = Future Cop
"Gemini Wars" = Gemini Wars
"Genesis Rising_is1" = Genesis Rising
"hon" = Heroes of Newerth
"ie8" = Windows Internet Explorer 8
"ImageJ_is1" = ImageJ 1.45s
"Independence War 2 - Edge of Chaos" = Independence War 2 - Edge of Chaos
"InstallShield_{0556F885-2415-4666-B53E-33727E46AEA1}" = The Movies™ Stunts & Effects
"KaM - The Peasants Rebellion" = KaM - The Peasants Rebellion
"Linksys Wireless Manager" = Linksys Wireless Manager
"Lucidity_is1" = Lucidity
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack - esn" = Paquete de idioma de Microsoft .NET Framework 3.5 - esn
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile ESN Language Pack" = Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended ESN Language Pack" = Paquete de idioma de Microsoft .NET Framework 4 Extended ESN
"Mozilla Firefox 13.0 (x86 en-US)" = Mozilla Firefox 13.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"Octodad" = Octodad
"Orcs Must Die!_is1" = Orcs Must Die!
"Socks Proxy Checker_is1" = Socks Proxy Checker 1.05C
"Space Rangers 2" = Excalibur Publishing Limited - 1C\Space Rangers 2
"Stellar Impact" = Stellar Impact
"The Wager" = The Wager 1.1
"UFO:Alien Invasion" = UFO:AI 2.3.1
"VBReFormer 2012 Free_is1" = VBReFormer 5.9 Free Edition
"Vindictus" = Vindictus
"Visual Basic 6.0 Edición profesional (esp)" = Microsoft Visual Basic 6.0 Edición profesional (Español)
"VLC media player" = VLC media player 1.1.9
"Warhammer 40000 Space Marine_is1" = Warhammer 40000 Space Marine
"WebPost" = Asistente para la publicación en Web 1.53 de Microsoft
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WS_FTP Pro" = Ipswitch WS_FTP Pro
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"Zombie Shooter_is1" = Zombie Shooter v 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Ardor3D Demo - renderer.UpdateTextureExample" = Ardor3D Demo - renderer.UpdateTextureExample
"BallsDemo" = BallsDemo
"Galactic Commander" = Galactic Commander
"Google Chrome" = Google Chrome
"jMonkeyEngine 3.0beta" = jMonkeyEngine 3.0beta
"LWJGL Demo [examples.spaceinvaders.Game]" = LWJGL Demo [examples.spaceinvaders.Game]
"LWJGL Demo [test.DisplayTest]" = LWJGL Demo [test.DisplayTest]
"LWJGL Demo [test.openal.StressTest]" = LWJGL Demo [test.openal.StressTest]
"LWJGL Demo [test.opengl.Gears]" = LWJGL Demo [test.opengl.Gears]
"LWJGL Demo [test.opengl.PbufferTest]" = LWJGL Demo [test.opengl.PbufferTest]
"LWJGL Demo [test.opengl.VBOIndexTest]" = LWJGL Demo [test.opengl.VBOIndexTest]
"LWJGL Demo [test.opengl.VBOTest]" = LWJGL Demo [test.opengl.VBOTest]
"LWJGL Demo [test.SysTest]" = LWJGL Demo [test.SysTest]
"LWJGL Demo [test.WindowCreationTest]" = LWJGL Demo [test.WindowCreationTest]
"Modulus" = Modulus
"StarWarrior" = StarWarrior
"TANKZ" = TANKZ
"Technopolies" = Technopolies
"Towerfield" = Towerfield
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 02/07/2012 19:56:30 | Computer Name = DIXEL-QUADCORE | Source = MsiInstaller | ID = 11711
Description = Producto: Microsoft .NET Framework 4 Client Profile -- Error 1711.
Error al escribir la información de instalación en el disco. Compruebe que hay
suficiente espacio en disco disponible y haga clic en Reintentar, o bien haga clic
en Cancelar para terminar la instalación.

Error - 02/07/2012 19:56:30 | Computer Name = DIXEL-QUADCORE | Source = MsiInstaller | ID = 11711
Description = Producto: Microsoft .NET Framework 4 Client Profile -- Error 1711.
Error al escribir la información de instalación en el disco. Compruebe que hay
suficiente espacio en disco disponible y haga clic en Reintentar, o bien haga clic
en Cancelar para terminar la instalación.

Error - 02/07/2012 19:56:30 | Computer Name = DIXEL-QUADCORE | Source = MsiInstaller | ID = 11711
Description = Producto: Microsoft .NET Framework 4 Client Profile -- Error 1711.
Error al escribir la información de instalación en el disco. Compruebe que hay
suficiente espacio en disco disponible y haga clic en Reintentar, o bien haga clic
en Cancelar para terminar la instalación.

Error - 02/07/2012 19:56:30 | Computer Name = DIXEL-QUADCORE | Source = MsiInstaller | ID = 11711
Description = Producto: Microsoft .NET Framework 4 Client Profile -- Error 1711.
Error al escribir la información de instalación en el disco. Compruebe que hay
suficiente espacio en disco disponible y haga clic en Reintentar, o bien haga clic
en Cancelar para terminar la instalación.

Error - 02/07/2012 19:56:30 | Computer Name = DIXEL-QUADCORE | Source = MsiInstaller | ID = 11711
Description = Producto: Microsoft .NET Framework 4 Client Profile -- Error 1711.
Error al escribir la información de instalación en el disco. Compruebe que hay
suficiente espacio en disco disponible y haga clic en Reintentar, o bien haga clic
en Cancelar para terminar la instalación.

Error - 02/07/2012 19:56:30 | Computer Name = DIXEL-QUADCORE | Source = MsiInstaller | ID = 11711
Description = Producto: Microsoft .NET Framework 4 Client Profile -- Error 1711.
Error al escribir la información de instalación en el disco. Compruebe que hay
suficiente espacio en disco disponible y haga clic en Reintentar, o bien haga clic
en Cancelar para terminar la instalación.

Error - 02/07/2012 19:56:30 | Computer Name = DIXEL-QUADCORE | Source = MsiInstaller | ID = 11711
Description = Producto: Microsoft .NET Framework 4 Client Profile -- Error 1711.
Error al escribir la información de instalación en el disco. Compruebe que hay
suficiente espacio en disco disponible y haga clic en Reintentar, o bien haga clic
en Cancelar para terminar la instalación.

Error - 02/07/2012 19:56:30 | Computer Name = DIXEL-QUADCORE | Source = MsiInstaller | ID = 11711
Description = Producto: Microsoft .NET Framework 4 Client Profile -- Error 1711.
Error al escribir la información de instalación en el disco. Compruebe que hay
suficiente espacio en disco disponible y haga clic en Reintentar, o bien haga clic
en Cancelar para terminar la instalación.

Error - 02/07/2012 19:56:31 | Computer Name = DIXEL-QUADCORE | Source = MsiInstaller | ID = 11711
Description = Producto: Microsoft .NET Framework 4 Client Profile -- Error 1711.
Error al escribir la información de instalación en el disco. Compruebe que hay
suficiente espacio en disco disponible y haga clic en Reintentar, o bien haga clic
en Cancelar para terminar la instalación.

Error - 02/07/2012 19:56:31 | Computer Name = DIXEL-QUADCORE | Source = MsiInstaller | ID = 11711
Description = Producto: Microsoft .NET Framework 4 Client Profile -- Error 1711.
Error al escribir la información de instalación en el disco. Compruebe que hay
suficiente espacio en disco disponible y haga clic en Reintentar, o bien haga clic
en Cancelar para terminar la instalación.

[ System Events ]
Error - 03/07/2012 14:46:39 | Computer Name = DIXEL-QUADCORE | Source = SideBySide | ID = 16842811
Description = Error en Resolve Partial Assembly para Microsoft.Windows.Common-Controls.
Mensaje
de error referencia: Recursos insuficientes en el sistema para completar el servicio
solicitado. .

Error - 03/07/2012 14:46:39 | Computer Name = DIXEL-QUADCORE | Source = SideBySide | ID = 16842811
Description = Error en Generate Activation Context para H:\WINDOWS\system32\CRYPTUI.dll.
Mensaje
de error referencia: La operación se ha completado correctamente. .

Error - 03/07/2012 14:49:09 | Computer Name = DIXEL-QUADCORE | Source = SideBySide | ID = 16842811
Description = Error en Resolve Partial Assembly para Microsoft.Windows.Common-Controls.
Mensaje
de error referencia: Recursos insuficientes en el sistema para completar el servicio
solicitado. .

Error - 03/07/2012 14:49:09 | Computer Name = DIXEL-QUADCORE | Source = SideBySide | ID = 16842811
Description = Error en Generate Activation Context para H:\WINDOWS\WindowsShell.manifest.
Mensaje
de error referencia: La operación se ha completado correctamente. .

Error - 03/07/2012 14:49:09 | Computer Name = DIXEL-QUADCORE | Source = SideBySide | ID = 16842811
Description = Error en Resolve Partial Assembly para Microsoft.Windows.Common-Controls.
Mensaje
de error referencia: Recursos insuficientes en el sistema para completar el servicio
solicitado. .

Error - 03/07/2012 14:49:09 | Computer Name = DIXEL-QUADCORE | Source = SideBySide | ID = 16842811
Description = Error en Generate Activation Context para H:\WINDOWS\WindowsShell.manifest.
Mensaje
de error referencia: La operación se ha completado correctamente. .

Error - 03/07/2012 14:49:56 | Computer Name = DIXEL-QUADCORE | Source = SideBySide | ID = 16842811
Description = Error en Resolve Partial Assembly para Microsoft.Windows.Common-Controls.mui.
Mensaje
de error referencia: Recursos insuficientes en el sistema para completar el servicio
solicitado. .

Error - 03/07/2012 14:49:56 | Computer Name = DIXEL-QUADCORE | Source = SideBySide | ID = 16842811
Description = Error en Generate Activation Context para H:\WINDOWS\system32\urlmon.dll.
Mensaje
de error referencia: La operación se ha completado correctamente. .

Error - 03/07/2012 14:50:34 | Computer Name = DIXEL-QUADCORE | Source = SideBySide | ID = 16842811
Description = Error en Resolve Partial Assembly para Microsoft.VC80.CRT.mui. Mensaje
de error referencia: Recursos insuficientes en el sistema para completar el servicio
solicitado. .

Error - 03/07/2012 14:50:34 | Computer Name = DIXEL-QUADCORE | Source = SideBySide | ID = 16842811
Description = Error en Generate Activation Context para H:\WINDOWS\system32\sirenacm.dll.
Mensaje
de error referencia: La operación se ha completado correctamente. .


< End of report >


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-03 20:07:45
-----------------------------
20:07:45.781 OS Version: Windows 5.1.2600 Service Pack 3
20:07:45.781 Number of processors: 4 586 0x503
20:07:45.781 ComputerName: DIXEL-QUADCORE UserName: Dixel
20:07:46.671 Initialize success
20:07:46.828 AVAST engine defs: 12070301
20:08:32.796 Service scanning
20:08:37.265 Service PciCon D:\PciCon.sys **LOCKED** 21
20:08:37.906 Service sptd H:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
20:08:39.281 Modules scanning
20:08:43.984 Disk 0 trace - called modules:
20:08:43.984 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8a4851e8]<<
20:08:43.984 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a457ab8]
20:08:44.000 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\0000006e[0x8a42e938]
20:08:44.000 5 ACPI.sys[b9e56620] -> nt!IofCallDriver -> \Device\Scsi\nvgts1Port2Path0Target0Lun0[0x8a436030]
20:08:44.000 \Driver\nvgts[0x8a40d3d8] -> IRP_MJ_CREATE -> 0x8a4851e8
20:08:45.140 AVAST engine scan H:\WINDOWS
20:08:47.906 AVAST engine scan H:\WINDOWS\system32
20:10:59.234 AVAST engine scan H:\WINDOWS\system32\drivers
20:11:10.500 AVAST engine scan H:\Documents and Settings\Dixel
20:20:25.250 AVAST engine scan H:\Documents and Settings\All Users
20:23:14.234 Scan finished successfully
20:25:05.078 The log file has been saved successfully to "H:\Utilities\aswMBR.txt"


Farbar Service Scanner Version: 02-07-2012
Ran by Dixel (administrator) on 03-07-2012 at 20:33:17
Running from "H:\Utilities"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
H:\WINDOWS\system32\dhcpcsvc.dll
[2008-04-14 09:00] - [2008-04-14 09:00] - 0126976 ____A (Microsoft Corporation) 2DDFB3A5679FA02366686ECB1AF622F0

H:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
H:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
H:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
H:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
H:\WINDOWS\system32\dnsrslvr.dll
[2008-04-14 09:00] - [2009-04-20 14:18] - 0045568 ____A (Microsoft Corporation) 2E6D76CAB5A402AF257A963916FE05E7

H:\WINDOWS\system32\ipnathlp.dll
[2008-04-14 09:00] - [2008-04-14 09:00] - 0332288 ____A (Microsoft Corporation) 4A4EF3EE166FAD4A04B1D767AD986329

H:\WINDOWS\system32\netman.dll
[2008-04-14 09:00] - [2008-04-14 09:00] - 0198144 ____A (Microsoft Corporation) A48884C9359EE9F1FC8F3F0D93FB1D95

H:\WINDOWS\system32\wbem\WMIsvc.dll
[2011-05-14 01:22] - [2008-04-14 09:00] - 0145408 ____A (Microsoft Corporation) A5FC75CAB140CF6A78E16C3681001872

H:\WINDOWS\system32\srsvc.dll
[2011-05-14 01:23] - [2008-04-14 09:00] - 0171520 ____A (Microsoft Corporation) 0F30EEC6013FCF76693405EC4A7DF899

H:\WINDOWS\system32\Drivers\sr.sys
[2011-05-14 01:23] - [2008-04-14 09:00] - 0073472 ____A (Microsoft Corporation) CCB3065C3EE63A4515FE84AF9E78D1DD

H:\WINDOWS\system32\wscsvc.dll
[2008-04-14 09:00] - [2008-04-14 09:00] - 0080896 ____A (Microsoft Corporation) 8CD684FD248DFE208C2F8F5052838A81

H:\WINDOWS\system32\wbem\WMIsvc.dll
[2011-05-14 01:22] - [2008-04-14 09:00] - 0145408 ____A (Microsoft Corporation) A5FC75CAB140CF6A78E16C3681001872

H:\WINDOWS\system32\wuauserv.dll
[2011-05-14 01:24] - [2008-04-14 09:00] - 0006656 ____A (Microsoft Corporation) 0B8FC4D0F9D6964713E81AD558B50A71

H:\WINDOWS\system32\qmgr.dll
[2011-05-14 01:24] - [2008-04-14 09:00] - 0409088 ____A (Microsoft Corporation) 8EE9639C01B92490E09638CAA1B16C3C

H:\WINDOWS\system32\es.dll
[2008-04-14 09:00] - [2008-07-07 17:27] - 0253952 ____A (Microsoft Corporation) A225DD0D0489BD580781D19524A10B19

H:\WINDOWS\system32\cryptsvc.dll
[2008-04-14 09:00] - [2008-04-14 09:00] - 0062464 ____A (Microsoft Corporation) E423C9C1946C656E0E4840210A0A8681

H:\WINDOWS\system32\svchost.exe
[2008-04-14 09:00] - [2008-04-14 09:00] - 0014336 ____A (Microsoft Corporation) 4F2340F0BD5B6365C38E74DD391919A8

H:\WINDOWS\system32\rpcss.dll
[2008-04-14 09:00] - [2009-02-09 07:52] - 0401408 ____A (Microsoft Corporation) 97869C55F562B777987100EA30AD8108

H:\WINDOWS\system32\services.exe
[2008-04-14 09:00] - [2009-02-09 08:23] - 0111104 ____A (Microsoft Corporation) 953DF7327510DF0DE048B8E80E504EF9


Extra List:
=======
aswTdi(8) Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
0x080000000500000001000000020000000300000004000000080000000600000007000000
IpSec Tag value is correct.

**** End of log ****

Edited by Dixel, 03 July 2012 - 10:14 PM.

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP