Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

ad.adserverplus.com popups - W. Vista, Google Chrome [Solved]

Started by Deo808 , Aug 29 2012 10:40 AM

  • This topic is locked This topic is locked

#1
Deo808
Posted 29 August 2012 - 10:40 AM

Deo808

    New Member

  • Member
  • Pip
  • 6 posts
Hello guys, Since I don't know what else to do, here I am.
As the thread title says I am getting ad.serverplus popups almost everytime I click on something. I'm using Google Chrome.

Also another one comes up a lot at the bottom of the browser, I think is ad.harrenmedianetwork.com

I've scanned with "Malwarebytes Anti-Malware", also with "Spy-bot, search and destroy" but it hasn't worked.

I don't know how I acquired this.

Any help would be greatly appreciated. Thank you.

OTL logfile created on: 28/08/2012 08:37:30 a.m. - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Leonell-\Descargas\Descargas Chrome
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00002C0A | Country: Argentina | Language: ESS | Date Format: dd/MM/yyyy

1,44 Gb Total Physical Memory | 0,31 Gb Available Physical Memory | 21,81% Memory free
3,55 Gb Paging File | 2,16 Gb Available in Paging File | 60,78% Paging File free
Paging file location(s): C:\pagefile.sys 2203 2203 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 104,39 Gb Total Space | 5,19 Gb Free Space | 4,97% Space Free | Partition Type: NTFS
Drive D: | 7,40 Gb Total Space | 0,90 Gb Free Space | 12,22% Space Free | Partition Type: NTFS

Computer Name: LEONELL-1 | User Name: Leonell- | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/28 08:36:39 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Leonell-\Descargas\Descargas Chrome\OTL (1).exe
PRC - [2012/07/04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Archivos de programa\AVG\AVG2012\avgidsagent.exe
PRC - [2012/06/28 07:43:13 | 000,935,008 | ---- | M] () -- C:\Archivos de programa\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
PRC - [2012/06/28 07:43:06 | 001,107,552 | ---- | M] () -- C:\Archivos de programa\AVG Secure Search\vprot.exe
PRC - [2012/06/13 03:48:26 | 000,758,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Archivos de programa\AVG\AVG2012\avgrsx.exe
PRC - [2012/06/13 03:48:24 | 001,255,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Archivos de programa\AVG\AVG2012\avgnsx.exe
PRC - [2012/04/05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Archivos de programa\AVG\AVG2012\avgtray.exe
PRC - [2012/03/19 05:18:12 | 000,979,840 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Archivos de programa\AVG\AVG2012\avgemcx.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Archivos de programa\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/02/14 04:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Archivos de programa\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/08/11 20:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Archivos de programa\SUPERAntiSpyware\SASCore.exe
PRC - [2011/02/15 13:01:48 | 000,019,968 | ---- | M] (Fork Ltd.) -- C:\Archivos de programa\Prey\platform\windows\cronsvc.exe
PRC - [2010/03/25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) -- C:\Archivos de programa\Nero\Update\NASvc.exe
PRC - [2009/09/30 10:12:14 | 000,091,392 | ---- | M] () -- C:\Archivos de programa\Motorola\MotoConnectService\MotoConnectService.exe
PRC - [2009/09/30 10:12:10 | 000,273,664 | ---- | M] (Motorola) -- C:\Archivos de programa\Motorola\MotoConnectService\MotoConnect.exe
PRC - [2009/06/03 09:34:50 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Archivos de programa\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Archivos de programa\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/10/29 03:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/01/19 04:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Windows Media Player\wmpnetwk.exe
PRC - [2008/01/19 04:33:39 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Windows Media Player\wmpnscfg.exe
PRC - [2007/05/28 13:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Archivos de programa\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/17 19:28:55 | 000,442,392 | ---- | M] () -- C:\Users\Leonell-\AppData\Local\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
MOD - [2012/08/17 19:28:54 | 012,236,824 | ---- | M] () -- C:\Users\Leonell-\AppData\Local\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll
MOD - [2012/08/17 19:28:52 | 003,997,720 | ---- | M] () -- C:\Users\Leonell-\AppData\Local\Google\Chrome\Application\21.0.1180.83\pdf.dll
MOD - [2012/08/17 19:27:36 | 000,526,872 | ---- | M] () -- C:\Users\Leonell-\AppData\Local\Google\Chrome\Application\21.0.1180.83\libglesv2.dll
MOD - [2012/08/17 19:27:35 | 000,104,984 | ---- | M] () -- C:\Users\Leonell-\AppData\Local\Google\Chrome\Application\21.0.1180.83\libegl.dll
MOD - [2012/08/17 19:27:23 | 000,144,424 | ---- | M] () -- C:\Users\Leonell-\AppData\Local\Google\Chrome\Application\21.0.1180.83\avutil-51.dll
MOD - [2012/08/17 19:27:22 | 000,266,792 | ---- | M] () -- C:\Users\Leonell-\AppData\Local\Google\Chrome\Application\21.0.1180.83\avformat-54.dll
MOD - [2012/08/17 19:27:21 | 002,480,680 | ---- | M] () -- C:\Users\Leonell-\AppData\Local\Google\Chrome\Application\21.0.1180.83\avcodec-54.dll
MOD - [2012/06/28 07:43:14 | 000,132,704 | ---- | M] () -- C:\Archivos de programa\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\SiteSafety.dll
MOD - [2012/06/28 07:43:06 | 001,107,552 | ---- | M] () -- C:\Archivos de programa\AVG Secure Search\vprot.exe


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Hotspot Shield\bin\openvpnas.exe -- (hshld)
SRV - [2012/08/10 17:33:55 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Archivos de programa\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/06/28 07:43:13 | 000,935,008 | ---- | M] () [Auto | Running] -- C:\Archivos de programa\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe -- (vToolbarUpdater11.2.0)
SRV - [2012/06/07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Archivos de programa\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/04/18 00:04:30 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Archivos de programa\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Archivos de programa\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/08/11 20:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Archivos de programa\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2011/02/15 13:01:48 | 000,019,968 | ---- | M] (Fork Ltd.) [Auto | Running] -- C:\Archivos de programa\Prey\platform\windows\cronsvc.exe -- (CronService)
SRV - [2010/10/19 15:10:34 | 000,659,456 | R--- | M] (SEIKO EPSON CORPORATION) [Auto | Stopped] -- C:\Archivos de programa\epson\MyEpson Portal\mepService.exe -- (MyEpson Portal Service)
SRV - [2010/08/02 18:17:16 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Archivos de programa\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/03/25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) [Auto | Running] -- C:\Archivos de programa\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2009/09/30 10:12:14 | 000,091,392 | ---- | M] () [Auto | Running] -- C:\Archivos de programa\Motorola\MotoConnectService\MotoConnectService.exe -- (MotoConnect Service)
SRV - [2009/06/03 09:34:50 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Archivos de programa\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
SRV - [2008/04/07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Archivos de programa\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/01/19 04:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Archivos de programa\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/19 04:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Archivos de programa\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2007/05/28 13:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Archivos de programa\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2007/03/05 05:30:06 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Archivos de programa\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)
SRV - [2006/10/27 00:47:54 | 000,065,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Archivos de programa\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2006/10/26 19:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Archivos de programa\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Archivos de programa\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (VcommMgr)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (VComm)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Motousbnet.sys -- (Motousbnet)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motmodem.sys -- (motmodem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motodrv.sys -- (MotDev)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motccgpfl.sys -- (motccgpfl)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motccgp.sys -- (motccgp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\ElbyVCD.sys -- (ElbyVCD)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btkrnl.sys -- (BTKRNL)
DRV - File not found [Kernel | Boot | Stopped] -- -- (BTHidMgr)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (BTHidEnum)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motfilt.sys -- (BTCFilterService)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btaudio.sys -- (btaudio)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (BT)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\blueletaudio.sys -- (BlueletAudio)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | System | Stopped] -- -- (ASPI32)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ao7yd4tr)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\anvsnddrv.sys -- (anvsnddrv)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a4y6ogfl)
DRV - [2012/04/19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/04/11 12:40:28 | 000,037,376 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HssDrv.sys -- (HssDrv)
DRV - [2012/04/06 15:15:10 | 000,033,512 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\taphss.sys -- (taphss)
DRV - [2012/03/19 05:17:28 | 000,301,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/02/22 05:25:32 | 000,235,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/01/31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/12/23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/12/23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011/12/23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011/12/23 13:32:00 | 000,139,856 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2011/07/22 13:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Archivos de programa\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 18:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Archivos de programa\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/09/27 10:20:34 | 000,035,363 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\windrvNT.sys -- (windrvNT)
DRV - [2010/09/15 18:55:11 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri)
DRV - [2010/09/15 18:53:36 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2010/09/15 18:53:36 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2010/07/04 16:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Archivos de programa\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2010/06/24 23:01:12 | 000,108,416 | R--- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smhwser.sys -- (smhwser)
DRV - [2010/06/24 23:01:12 | 000,101,120 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smhwdev.sys -- (smhwdev)
DRV - [2010/06/24 23:01:12 | 000,025,728 | R--- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smhwadb.sys -- (androidusb)
DRV - [2010/04/29 10:06:58 | 000,254,720 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMUVC.sys -- (VMUVC)
DRV - [2009/06/30 10:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\pavboot.sys -- (pavboot)
DRV - [2009/06/24 06:08:00 | 007,542,208 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/05/18 10:42:12 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009/03/20 10:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009/03/20 10:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2009/03/20 10:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2008/07/01 11:12:32 | 000,398,720 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vvftUVC.sys -- (vvftUVC)
DRV - [2008/03/15 05:11:11 | 000,716,272 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2008/03/03 05:10:44 | 000,182,272 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2007/11/02 14:51:28 | 000,006,400 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2007/10/25 18:31:08 | 000,616,064 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PFC027.SYS -- (PAC207)
DRV - [2007/09/17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/07/10 06:27:56 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/05/03 18:29:10 | 001,065,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007/05/02 11:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2007/05/02 11:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2007/05/02 11:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bus.sys -- (ss_bus)
DRV - [2007/02/21 21:24:48 | 000,159,232 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2007/02/15 13:50:32 | 000,012,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2006/12/22 02:28:56 | 000,100,648 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2006/11/30 06:24:58 | 000,008,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\Windows\System32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2006/11/01 18:45:14 | 000,219,264 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BTCamDrv.sys -- (BTCAMDRV)
DRV - [2006/06/28 05:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2003/01/10 10:56:34 | 000,030,921 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SQCaptur.sys -- (DCamUSBSQTECH)
DRV - [1998/03/10 19:28:24 | 000,014,848 | ---- | M] (MARX Data Security GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\MARXDEV3.SYS -- (MarxDev3)
DRV - [1998/03/10 19:28:22 | 000,014,848 | ---- | M] (MARX Data Security GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\MARXDEV2.SYS -- (MarxDev2)
DRV - [1998/03/10 19:28:22 | 000,014,848 | ---- | M] (MARX Data Security GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\MARXDEV1.SYS -- (MarxDev1)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search...p={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - No CLSID value found
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...00000ff56b70c4c
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask...6F-FEAF8F9192A8
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...fr&d=2011-10-27 00:22:32&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "http://search.babylo...me?affID=17425"
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.7
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7550
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: avg@toolbar:8.0.0.40
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:12.0.0.1865
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..keyword.URL: "http://search.babylo...0ff56b70c4c&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: c:\users\leonell-\downloads\real player\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: c:\users\leonell-\downloads\real player\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: c:\users\leonell-\downloads\real player\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll File not found
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Leonell-\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Leonell-\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Leonell-\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/07/01 10:49:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/11/08 17:23:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/01/21 01:03:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012/06/24 11:15:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/04/24 13:03:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/05/14 10:04:43 | 000,000,000 | ---D | M]

[2008/07/08 20:57:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Leonell-\AppData\Roaming\mozilla\Extensions
[2012/08/06 21:38:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Leonell-\AppData\Roaming\mozilla\Firefox\Profiles\idrxjxk4.default\extensions
[2010/06/25 21:02:27 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Leonell-\AppData\Roaming\mozilla\Firefox\Profiles\idrxjxk4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/03/12 23:14:52 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Leonell-\AppData\Roaming\mozilla\Firefox\Profiles\idrxjxk4.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012/03/30 07:23:53 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Leonell-\AppData\Roaming\mozilla\Firefox\Profiles\idrxjxk4.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/01/19 20:45:17 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\Users\Leonell-\AppData\Roaming\mozilla\Firefox\Profiles\idrxjxk4.default\extensions\avg@toolbar
[2012/03/30 07:23:50 | 000,000,000 | ---D | M] (CodecC) -- C:\Users\Leonell-\AppData\Roaming\mozilla\Firefox\Profiles\idrxjxk4.default\extensions\[email protected]
[2012/08/06 08:28:22 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\Leonell-\AppData\Roaming\mozilla\Firefox\Profiles\idrxjxk4.default\extensions\[email protected]
[2012/08/06 21:38:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Leonell-\AppData\Roaming\mozilla\Firefox\Profiles\idrxjxk4.default\extensions\staged
[2012/05/22 12:57:00 | 000,002,401 | ---- | M] () -- C:\Users\Leonell-\AppData\Roaming\Mozilla\Firefox\Profiles\idrxjxk4.default\searchplugins\askcom.xml
[2012/07/13 04:15:43 | 000,000,000 | ---D | M] (No name found) -- C:\Archivos de programa\Mozilla Firefox\extensions
[2011/12/08 22:38:09 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Archivos de programa\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/05/06 18:26:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}
[2012/07/13 04:15:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012/05/13 23:12:10 | 000,000,000 | ---D | M] (Hotspot Shield Helper (Please allow this installation)) -- C:\Archivos de programa\Mozilla Firefox\extensions\[email protected]
[2012/04/24 13:03:52 | 000,000,000 | ---D | M] (No name found) -- C:\Archivos de programa\Mozilla Firefox\distribution\extensions
[2012/06/24 11:15:30 | 000,000,000 | ---D | M] (AVG Do Not Track) -- C:\PROGRAM FILES\AVG\AVG2012\FIREFOX\DONOTTRACK
[2012/05/06 18:26:21 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}
[2012/07/13 04:15:44 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012/05/13 23:12:10 | 000,000,000 | ---D | M] (Hotspot Shield Helper (Please allow this installation)) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\[email protected]
[2012/04/25 19:52:21 | 000,000,000 | ---D | M] (General Crawler) -- C:\USERS\LEONELL-\APPDATA\ROAMING\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\[email protected]
[2012/01/20 22:40:46 | 000,013,642 | ---- | M] () (No name found) -- C:\USERS\LEONELL-\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IDRXJXK4.DEFAULT\EXTENSIONS\{A3A5C777-F583-4FEF-9380-AB4ADD1BC2A8}.XPI
[2012/01/19 20:45:27 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\LEONELL-\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IDRXJXK4.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012/04/24 13:06:34 | 001,184,804 | ---- | M] () (No name found) -- C:\USERS\LEONELL-\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IDRXJXK4.DEFAULT\EXTENSIONS\[email protected]
[2011/12/11 14:47:02 | 000,007,129 | ---- | M] () (No name found) -- C:\USERS\LEONELL-\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IDRXJXK4.DEFAULT\EXTENSIONS\[email protected]
[2012/04/18 00:05:51 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/10/23 23:49:22 | 001,826,192 | ---- | M] (Caminova, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdjvu.dll
[2007/03/09 20:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll
[2012/06/28 07:43:04 | 000,003,770 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/07/07 03:10:16 | 000,002,313 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012/04/18 00:59:16 | 000,004,080 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\drae.xml
[2012/04/18 00:59:16 | 000,002,470 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mercadolibre-ar.xml
[2012/04/18 00:59:16 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-es.xml
[2012/04/18 00:59:16 | 000,000,824 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-ar.xml

========== Chrome ==========

CHR - homepage: http://search.babylo...000111111111111
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = http://www.google.co...q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - homepage: http://search.babylo...000111111111111
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Leonell-\AppData\Local\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Leonell-\AppData\Local\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Leonell-\AppData\Local\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Leonell-\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Leonell-\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: DjVu Plugin Viewer (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdjvu.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.0.2\\npsitesafety.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U32 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.320.5 (Enabled) = C:\Windows\system32\npdeployJava1.dll
CHR - plugin: Panda ActiveScan 2.0 (Enabled) = C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Leonell-\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Turn Off the Lights = C:\Users\Leonell-\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.1.0.5_0\
CHR - Extension: Frat Boy Beer Pong = C:\Users\Leonell-\AppData\Local\Google\Chrome\User Data\Default\Extensions\bldnejoajcpmegfmelnfikdlnnpclaoi\1.0_0\
CHR - Extension: Striker Manager = C:\Users\Leonell-\AppData\Local\Google\Chrome\User Data\Default\Extensions\chmachfiimeggafocgeldapnchdnoiib\5_0\
CHR - Extension: Adobe Flash Player = C:\Users\Leonell-\AppData\Local\Google\Chrome\User Data\Default\Extensions\dghlbihfamkcfkndodljobfdegplmppp\12.3.0_2\
CHR - Extension: Ver Pelis = C:\Users\Leonell-\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhmljjiefmmaebmpcliimnkfojboocgi\3.1_0\
CHR - Extension: AT_Reas = C:\Users\Leonell-\AppData\Local\Google\Chrome\User Data\Default\Extensions\dinoconpnefhjndafimindldhibbcdae\2_0\
CHR - Extension: Radios del Argentina = C:\Users\Leonell-\AppData\Local\Google\Chrome\User Data\Default\Extensions\djlnllmnlolplmikofclonjoehopgffj\1.1_0\
CHR - Extension: El Padrino: Las Cinco Familias = C:\Users\Leonell-\AppData\Local\Google\Chrome\User Data\Default\Extensions\edfkoljdeffeedleidebkmmamepgbnbl\1.0_0\
CHR - Extension: Ver Pelis Stream = C:\Users\Leonell-\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkgpaodlinanchogblmbefbfpdhfille\2.0.1_0\
CHR - Extension: Fanatico-Online = C:\Users\Leonell-\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkloengihdhiicmnpkbgbkmlpoaefcap\1.5.0_0\
CHR - Extension: AdBlock = C:\Users\Leonell-\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.41_0\
CHR - Extension: Cut the Rope = C:\Users\Leonell-\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj\13_0\
CHR - Extension: TweetDeck = C:\Users\Leonell-\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\1.5.8_0\
CHR - Extension: Peliculas-Flv.com = C:\Users\Leonell-\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilenniiheilgldeeldljefjgeinigbei\3.8.0_0\
CHR - Extension: RedRiot = C:\Users\Leonell-\AppData\Local\Google\Chrome\User Data\Default\Extensions\ionjheihajallacpbdgdbhpfoihmmole\1.2_0\
CHR - Extension: Prueba de mecanograf\u00EDa - KeyHero = C:\Users\Leonell-\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkcieoaeooeidmpaopkpjpjfakidlabm\1.4.0_0\
CHR - Extension: AVG Safe Search = C:\Users\Leonell-\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2191_0\
CHR - Extension: StumbleUpon = C:\Users\Leonell-\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcahibnffhnnjcedflmchmokndkjnhpg\4.7.12.1_0\
CHR - Extension: Emoticones en tus cometarios de Taringa! = C:\Users\Leonell-\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgegbdkpllfnldlgdihmmdajajieinil\2.0_0\
CHR - Extension: MiraModernFamily.com - Plugin = C:\Users\Leonell-\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjfhbdkhhkjgfaceahbjeadgjjdpaaoo\1.0_0\
CHR - Extension: TodoAnimes = C:\Users\Leonell-\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkeablihghinieijobfdfegggebeljgd\4.0_0\
CHR - Extension: Steambirds: Survival = C:\Users\Leonell-\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcdhpokmalcfjnfkjlfncgekebcojinn\1.0_0\
CHR - Extension: Fieldrunners = C:\Users\Leonell-\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkpikhjbfbffdblahfidklcohlaeabak\1.0.0.5_0\
CHR - Extension: Contract Killer = C:\Users\Leonell-\AppData\Local\Google\Chrome\User Data\Default\Extensions\meklndaflopgghbomkdpofehonfclipi\1.1.2_0\
CHR - Extension: KickNerds Software = C:\Users\Leonell-\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfelaacnhmebkfigncdhamnepacfmdbj\1.0_0\
CHR - Extension: Sniper Assassin 4 = C:\Users\Leonell-\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjnfafaebnkjolpfbchmhfpbepdpgogc\1.3_0\
CHR - Extension: EMOTIMANIA = C:\Users\Leonell-\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlmpodlidphdljfhnkilgceljmagpohl\0.2_0\
CHR - Extension: AVG Do Not Track = C:\Users\Leonell-\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
CHR - Extension: Curling = C:\Users\Leonell-\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhalnajmigjnpjpdbpkpgfhekbjmolhp\1.0.10_0\
CHR - Extension: GIFPAL = C:\Users\Leonell-\AppData\Local\Google\Chrome\User Data\Default\Extensions\noohoboklgjeccnihfkbdakbchbhjlch\1.2_0\
CHR - Extension: Maldi Stream = C:\Users\Leonell-\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhibokfmlbonieidpbbdbinbmebjiom\2.3.0_0\
CHR - Extension: Running = C:\Users\Leonell-\AppData\Local\Google\Chrome\User Data\Default\Extensions\pibmbphgclmikgclcjlfnlepeofhcffm\1.5_0\

O1 HOSTS File: ([2012/08/25 20:07:39 | 000,443,968 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15253 more lines...
O2 - BHO: (Aplicación auxiliar de vínculos de Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Archivos de programa\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Archivos de programa\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Archivos de programa\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Archivos de programa\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Aplicación auxiliar de inicio de sesión) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Archivos de programa\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Archivos de programa\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O2 - BHO: (Kwyshell MidpX) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Archivos de programa\Emulador java\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
O2 - BHO: (no name) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Archivos de programa\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Archivos de programa\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Kwyshell MidpX) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Archivos de programa\Emulador java\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
O3 - HKCU\..\Toolbar\ShellBrowser: (Kwyshell MidpX) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Archivos de programa\Emulador java\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
O3 - HKCU\..\Toolbar\WebBrowser: (Kwyshell MidpX) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Archivos de programa\Emulador java\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe ()
O4 - HKLM..\Run: [VMonitorVMUVC] C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe (Vimicro Corporation)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [Facebook Update] "C:\Users\Leonell-\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver File not found
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Archivos de programa\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html File not found
O8 - Extra context menu item: Enviar a &Bluetooth - C:\Archivos de programa\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Leonell-\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Leonell-\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Link to &MidpX - C:\Archivos de programa\Emulador java\MidpX\JadInvoker\Extent\jad_wrap.htm ()
O9 - Extra 'Tools' menuitem : Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Archivos de programa\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Archivos de programa\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Archivos de programa\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.42.4.204 200.49.130.41
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D48D2919-0E87-4CDE-8800-559FA448CAB6}: DhcpNameServer = 200.42.4.204 200.49.130.41
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EC017067-2835-4784-8D91-6AC4F8EEF608}: DhcpNameServer = 190.7.31.226 190.7.31.228
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Archivos de programa\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Archivos de programa\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Archivos de programa\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Archivos de programa\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll ()
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (EXPLORER.EXE) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Archivos de programa\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\avldr: DllName - (avldr.dll) - File not found
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Archivos de programa\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Archivos de programa\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/04/30 23:47:43 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{182efd4b-7a88-11da-93d2-001b245aa4ee}\Shell\AutoRun\command - "" = qhbfqx.exe
O33 - MountPoints2\{182efd4b-7a88-11da-93d2-001b245aa4ee}\Shell\open\Command - "" = qhbfqx.exe
O33 - MountPoints2\{1bf148ac-7a73-11da-be8f-001b245aa4ee}\Shell\AutoRun\command - "" = I:\gbyqce.exe
O33 - MountPoints2\{1bf148ac-7a73-11da-be8f-001b245aa4ee}\Shell\explore\Command - "" = I:\gbyqce.exe
O33 - MountPoints2\{1bf148ac-7a73-11da-be8f-001b245aa4ee}\Shell\open\Command - "" = I:\gbyqce.exe
O33 - MountPoints2\{23a96897-2f2d-11dd-8a76-001b245aa4ee}\Shell\AutoRun\command - "" = G:\pa39xth.cmd
O33 - MountPoints2\{23a96897-2f2d-11dd-8a76-001b245aa4ee}\Shell\explore\Command - "" = G:\pa39xth.cmd
O33 - MountPoints2\{23a96897-2f2d-11dd-8a76-001b245aa4ee}\Shell\open\Command - "" = G:\pa39xth.cmd
O33 - MountPoints2\{2f2d275a-7b38-11da-aad4-001b245aa4ee}\Shell\AutoRun\command - "" = yveqsh93.exe
O33 - MountPoints2\{2f2d275a-7b38-11da-aad4-001b245aa4ee}\Shell\open\Command - "" = yveqsh93.exe
O33 - MountPoints2\{5767b9c6-493f-11dd-9091-001b245aa4ee}\Shell\AutoRun\command - "" = pa39xth.cmd
O33 - MountPoints2\{5767b9c6-493f-11dd-9091-001b245aa4ee}\Shell\explore\Command - "" = pa39xth.cmd
O33 - MountPoints2\{5767b9c6-493f-11dd-9091-001b245aa4ee}\Shell\open\Command - "" = pa39xth.cmd
O33 - MountPoints2\{84014d08-c49f-11dc-a60b-001b245aa4ee}\Shell\Auto\command - "" = fun.xls.exe
O33 - MountPoints2\{84014d08-c49f-11dc-a60b-001b245aa4ee}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe
O33 - MountPoints2\{8b3b6862-6cfb-11e0-8129-111111111111}\Shell - "" = AutoRun
O33 - MountPoints2\{8b3b6862-6cfb-11e0-8129-111111111111}\Shell\AutoRun\command - "" = H:\PcOptions.exe
O33 - MountPoints2\{921dd6dc-7acd-11da-87fc-001b245aa4ee}\Shell\AutoRun\command - "" = I:\fooool.exe
O33 - MountPoints2\{921dd6dc-7acd-11da-87fc-001b245aa4ee}\Shell\explore\Command - "" = I:\fooool.exe
O33 - MountPoints2\{921dd6dc-7acd-11da-87fc-001b245aa4ee}\Shell\open\Command - "" = I:\fooool.exe
O33 - MountPoints2\{aab949e0-6d66-11e0-a18c-0c0c0c0c0c45}\Shell - "" = AutoRun
O33 - MountPoints2\{aab949e0-6d66-11e0-a18c-0c0c0c0c0c45}\Shell\AutoRun\command - "" = H:\PcOptions.exe
O33 - MountPoints2\{b11c1440-5a8b-11e0-ab6e-111111111111}\Shell - "" = AutoRun
O33 - MountPoints2\{b11c1440-5a8b-11e0-ab6e-111111111111}\Shell\AutoRun\command - "" = H:\PcOptions.exe
O33 - MountPoints2\{bd24ab2c-7a72-11da-a7b5-001b245aa4ee}\Shell\AutoRun\command - "" = I:\fooool.exe
O33 - MountPoints2\{bd24ab2c-7a72-11da-a7b5-001b245aa4ee}\Shell\explore\Command - "" = I:\fooool.exe
O33 - MountPoints2\{bd24ab2c-7a72-11da-a7b5-001b245aa4ee}\Shell\open\Command - "" = I:\fooool.exe
O33 - MountPoints2\{bd2bcf2e-7a72-11da-b49e-0c0c0c0c0c45}\Shell - "" = AutoRun
O33 - MountPoints2\{bd2bcf2e-7a72-11da-b49e-0c0c0c0c0c45}\Shell\AutoRun\command - "" = H:\PcOptions.exe
O33 - MountPoints2\{bdc9285e-7a72-11da-8c8e-001b245aa4ee}\Shell\AutoRun\command - "" = I:\gbyqce.exe
O33 - MountPoints2\{bdc9285e-7a72-11da-8c8e-001b245aa4ee}\Shell\explore\Command - "" = I:\gbyqce.exe
O33 - MountPoints2\{bdc9285e-7a72-11da-8c8e-001b245aa4ee}\Shell\open\Command - "" = I:\gbyqce.exe
O33 - MountPoints2\{bdc92876-7a72-11da-b504-001b245aa4ee}\Shell\AutoRun\command - "" = I:\fooool.exe
O33 - MountPoints2\{bdc92876-7a72-11da-b504-001b245aa4ee}\Shell\explore\Command - "" = I:\fooool.exe
O33 - MountPoints2\{bdc92876-7a72-11da-b504-001b245aa4ee}\Shell\open\Command - "" = I:\fooool.exe
O33 - MountPoints2\{d9113d6b-1326-11de-9d6c-001b245aa4ee}\Shell\Auto\command - "" = fun.xls.exe
O33 - MountPoints2\{d9113d6b-1326-11de-9d6c-001b245aa4ee}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe
O33 - MountPoints2\{d9113d7c-1326-11de-9d6c-001b245aa4ee}\Shell\Auto\command - "" = fun.xls.exe
O33 - MountPoints2\{d9113d7c-1326-11de-9d6c-001b245aa4ee}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe
O33 - MountPoints2\{fcbc00b9-1389-11de-928e-001b245aa4ee}\Shell\Auto\command - "" =
O33 - MountPoints2\{fcbc00b9-1389-11de-928e-001b245aa4ee}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/24 20:29:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2012/08/24 12:48:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinAce
[2012/08/24 12:48:03 | 000,000,000 | ---D | C] -- C:\Program Files\WinAce
[2012/08/24 05:19:34 | 000,000,000 | ---D | C] -- C:\ProgramData\STOPzilla!
[2012/08/23 09:20:46 | 000,000,000 | ---D | C] -- C:\Users\Leonell-\Desktop\Nueva carpeta
[2012/08/23 06:51:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012/08/23 06:51:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/08/23 06:51:19 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2012/08/16 00:13:24 | 000,000,000 | ---D | C] -- C:\Users\Leonell-\Application Data\Documents\Data files backup
[2012/08/12 12:36:47 | 000,000,000 | ---D | C] -- C:\Users\Leonell-\Bethesda Softworks
[2012/08/11 21:03:56 | 000,000,000 | ---D | C] -- C:\Users\Leonell-\AppData\Roaming\Help
[2012/08/11 21:03:56 | 000,000,000 | ---D | C] -- C:\Users\Leonell-\AppData\Local\Help
[2012/08/11 20:58:11 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftsrch.dll
[2012/08/11 20:58:11 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftlx041e.dll
[2012/08/11 20:58:11 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftlx0411.dll
[2012/08/11 20:58:10 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\winhlp32.exe
[2012/08/10 17:33:10 | 009,826,504 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe
[2012/08/08 15:14:59 | 000,000,000 | ---D | C] -- C:\Users\Leonell-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eJay FreePlayer
[2012/08/08 15:14:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eJay FreePlayer
[2012/08/08 15:14:56 | 000,163,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmaudsdk.dll
[2012/08/08 15:14:55 | 000,000,000 | ---D | C] -- C:\Program Files\eJay FreePlayer
[2012/08/08 14:56:07 | 000,000,000 | ---D | C] -- C:\Users\Leonell-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnalogX
[2012/08/08 14:56:06 | 000,000,000 | ---D | C] -- C:\Program Files\AnalogX
[2012/08/08 14:41:30 | 000,000,000 | ---D | C] -- C:\Program Files\GoldWave
[2012/08/08 14:40:33 | 000,000,000 | ---D | C] -- C:\Users\Leonell-\AppData\Roaming\Opera
[2012/08/08 14:26:19 | 000,000,000 | ---D | C] -- C:\Program Files\Audacity
[2012/08/08 14:14:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixVibesHOME7DEMO
[2012/08/08 14:12:38 | 000,000,000 | ---D | C] -- C:\Program Files\MixVibesHOME7DEMO
[2012/08/08 13:48:17 | 000,000,000 | ---D | C] -- C:\Users\Leonell-\AppData\Roaming\VUPlayer
[2012/08/08 13:47:48 | 000,000,000 | ---D | C] -- C:\Program Files\VUPlayer
[2012/08/06 21:36:51 | 000,000,000 | ---D | C] -- C:\Users\Leonell-\AppData\Local\Macromedia
[2012/08/06 15:48:17 | 000,000,000 | ---D | C] -- C:\Users\Leonell-\Textures
[2012/08/06 15:48:17 | 000,000,000 | ---D | C] -- C:\Users\Leonell-\Better_Heads_Extras
[2012/08/06 11:45:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Morrowind Script Extender
[2012/08/06 11:45:09 | 000,000,000 | ---D | C] -- C:\Program Files\MWScriptExtender
[2012/08/06 08:27:21 | 000,000,000 | ---D | C] -- C:\Program Files\1ClickDownload
[2012/08/06 07:07:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Morrowind Mod Manager
[2012/08/05 10:00:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Mender
[2012/08/05 10:00:36 | 000,000,000 | ---D | C] -- C:\Users\Leonell-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image Mender
[2012/08/05 10:00:35 | 000,000,000 | ---D | C] -- C:\Program Files\Image Mender
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/08/28 08:49:13 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1397375062-2753414827-256561568-1000UA.job
[2012/08/28 08:32:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/28 08:28:06 | 000,001,028 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/28 08:23:02 | 000,000,433 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2012/08/28 08:20:54 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/28 08:20:53 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/28 08:20:15 | 000,000,029 | ---- | M] () -- C:\Windows\System32\TempWmicBatchFile.bat
[2012/08/28 08:19:48 | 000,048,104 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012/08/28 08:19:06 | 000,001,024 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/28 08:19:04 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2012/08/28 08:18:38 | 000,000,318 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2012/08/28 08:18:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/27 19:44:17 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/08/27 19:11:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1397375062-2753414827-256561568-1000UA.job
[2012/08/27 17:04:35 | 105,173,144 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012/08/27 16:11:00 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1397375062-2753414827-256561568-1000Core.job
[2012/08/27 12:40:22 | 000,710,636 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
[2012/08/27 12:40:22 | 000,627,494 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/08/27 12:40:22 | 000,149,132 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
[2012/08/27 12:40:22 | 000,116,318 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/08/26 17:56:15 | 000,477,774 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2012/08/25 20:07:39 | 000,443,968 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/08/24 06:49:30 | 000,001,006 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1397375062-2753414827-256561568-1000Core.job
[2012/08/23 09:17:25 | 000,209,408 | ---- | M] () -- C:\Users\Leonell-\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/08/23 06:51:44 | 000,001,063 | ---- | M] () -- C:\Users\Leonell-\Desktop\Spybot - Search & Destroy.lnk
[2012/08/20 22:53:16 | 195,127,374 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/08/16 00:17:20 | 000,000,949 | ---- | M] () -- C:\Users\Leonell-\Desktop\Morrowind Enhanced.exe.lnk
[2012/08/14 19:33:10 | 000,001,787 | ---- | M] () -- C:\Users\Public\Desktop\The Elder Scrolls Construction Set.lnk
[2012/08/13 09:08:34 | 000,042,091 | ---- | M] () -- C:\Users\Leonell-\Application Data\Documents\llñlñl.nrj
[2012/08/10 17:33:47 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/08/10 17:33:47 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/08/10 17:33:13 | 009,826,504 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe
[2012/08/08 03:20:58 | 000,002,344 | ---- | M] () -- C:\Users\Leonell-\Desktop\traderdaniel.ESP
[2012/08/05 10:00:47 | 000,000,804 | ---- | M] () -- C:\Users\Leonell-\Desktop\Image Mender.lnk
[2012/08/04 22:50:44 | 005,622,596 | ---- | M] () -- C:\Users\Leonell-\Untitled.mp3
[2012/08/03 14:37:30 | 009,099,694 | ---- | M] () -- C:\Users\Leonell-\Untitled.wav
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/08/23 06:51:44 | 000,001,063 | ---- | C] () -- C:\Users\Leonell-\Desktop\Spybot - Search & Destroy.lnk
[2012/08/20 22:51:53 | 195,127,374 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/08/16 00:17:00 | 000,000,949 | ---- | C] () -- C:\Users\Leonell-\Desktop\Morrowind Enhanced.exe.lnk
[2012/08/14 19:33:10 | 000,001,787 | ---- | C] () -- C:\Users\Public\Desktop\The Elder Scrolls Construction Set.lnk
[2012/08/13 09:08:34 | 000,042,091 | ---- | C] () -- C:\Users\Leonell-\Application Data\Documents\llñlñl.nrj
[2012/08/08 14:26:31 | 000,000,824 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
[2012/08/08 03:20:57 | 000,002,344 | ---- | C] () -- C:\Users\Leonell-\Desktop\traderdaniel.ESP
[2012/08/05 10:00:47 | 000,000,804 | ---- | C] () -- C:\Users\Leonell-\Desktop\Image Mender.lnk
[2012/08/03 14:37:07 | 009,099,694 | ---- | C] () -- C:\Users\Leonell-\Untitled.wav
[2012/08/03 14:36:22 | 005,622,596 | ---- | C] () -- C:\Users\Leonell-\Untitled.mp3
[2012/05/13 23:16:43 | 000,000,000 | ---- | C] () -- C:\Windows\System32\cd.dat
[2012/04/06 21:34:35 | 005,702,115 | ---- | C] () -- C:\Users\Leonell-\idea.mp3
[2011/11/02 15:46:31 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/06/10 13:20:53 | 000,000,027 | ---- | C] () -- C:\ProgramData\droidcam-settings
[2011/02/10 23:45:42 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2011/02/10 23:45:41 | 000,073,220 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2011/02/10 23:45:41 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2011/02/10 23:45:41 | 000,029,114 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2011/02/10 23:45:41 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2011/02/10 23:45:41 | 000,021,021 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2011/02/10 23:45:41 | 000,015,670 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2011/02/10 23:45:41 | 000,013,280 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2011/02/10 23:45:41 | 000,010,673 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2011/02/10 23:45:41 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2011/02/10 23:45:41 | 000,001,140 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2011/02/10 23:45:41 | 000,001,140 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2011/02/10 23:45:41 | 000,001,137 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2011/02/10 23:45:41 | 000,001,130 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2011/02/10 23:45:41 | 000,001,130 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2011/02/10 23:45:41 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2011/02/10 23:37:55 | 000,000,088 | ---- | C] () -- C:\Windows\TX220.ini
[2010/09/27 10:20:34 | 000,053,248 | ---- | C] () -- C:\Windows\System32\suppdll.dll
[2010/09/27 10:20:34 | 000,035,363 | ---- | C] () -- C:\Windows\System32\windrvNT.sys
[2010/06/25 04:28:09 | 000,048,104 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/06/25 04:28:09 | 000,048,104 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/06/22 20:49:02 | 000,000,000 | ---- | C] () -- C:\Users\Leonell-\AppData\Local\prvlcl.dat
[2009/03/18 03:55:04 | 000,000,282 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008/07/07 05:59:54 | 000,633,344 | ---- | C] () -- C:\Program Files\00WebCam.002
[2007/10/11 15:53:15 | 000,000,000 | ---- | C] () -- C:\Users\Leonell-\AppData\Roaming\wklnhst.dat
[2007/10/02 11:34:23 | 000,209,408 | ---- | C] () -- C:\Users\Leonell-\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/10/02 10:16:41 | 000,013,166 | ---- | C] () -- C:\Users\Leonell-\AppData\Roaming\nvModes.001
[2007/10/02 10:16:36 | 000,013,166 | ---- | C] () -- C:\Users\Leonell-\AppData\Roaming\nvModes.dat
[2007/10/02 01:54:02 | 000,022,280 | ---- | C] () -- C:\Users\Leonell-\AppData\Roaming\UserTile.png
[2006/01/03 07:52:40 | 000,000,552 | ---- | C] () -- C:\Users\Leonell-\AppData\Local\d3d8caps.dat
[2006/01/01 19:50:21 | 000,014,560 | ---- | C] () -- C:\Users\Leonell-\AppData\Local\d3d9caps.dat

========== Alternate Data Streams ==========

@Alternate Data Stream - 209 bytes -> C:\ProgramData\TEMP:8927A071
@Alternate Data Stream - 162 bytes -> C:\ProgramData\TEMP:88050731
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:BE76DBCF
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:EBC2DB92
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:BF3D62E7
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:A6CD15C3
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:7E95B6FD
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:4B7BEAFF

< End of report >
  • 0

Advertisements

#2
Essexboy
Posted 29 August 2012 - 10:50 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi you do have some dodgy toolbars, so I will remove those first and then take a fresh look

Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete

Posted Image

Once done it will ask to reboot, allow this
On reboot a log will be produced please attach that

THEN

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image

    :OTL
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O2 - BHO: (no name) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O33 - MountPoints2\{182efd4b-7a88-11da-93d2-001b245aa4ee}\Shell\AutoRun\command - "" = qhbfqx.exe
O33 - MountPoints2\{182efd4b-7a88-11da-93d2-001b245aa4ee}\Shell\open\Command - "" = qhbfqx.exe
O33 - MountPoints2\{1bf148ac-7a73-11da-be8f-001b245aa4ee}\Shell\AutoRun\command - "" = I:\gbyqce.exe
O33 - MountPoints2\{1bf148ac-7a73-11da-be8f-001b245aa4ee}\Shell\explore\Command - "" = I:\gbyqce.exe
O33 - MountPoints2\{1bf148ac-7a73-11da-be8f-001b245aa4ee}\Shell\open\Command - "" = I:\gbyqce.exe
O33 - MountPoints2\{23a96897-2f2d-11dd-8a76-001b245aa4ee}\Shell\AutoRun\command - "" = G:\pa39xth.cmd
O33 - MountPoints2\{23a96897-2f2d-11dd-8a76-001b245aa4ee}\Shell\explore\Command - "" = G:\pa39xth.cmd
O33 - MountPoints2\{23a96897-2f2d-11dd-8a76-001b245aa4ee}\Shell\open\Command - "" = G:\pa39xth.cmd
O33 - MountPoints2\{2f2d275a-7b38-11da-aad4-001b245aa4ee}\Shell\AutoRun\command - "" = yveqsh93.exe
O33 - MountPoints2\{2f2d275a-7b38-11da-aad4-001b245aa4ee}\Shell\open\Command - "" = yveqsh93.exe
O33 - MountPoints2\{5767b9c6-493f-11dd-9091-001b245aa4ee}\Shell\AutoRun\command - "" = pa39xth.cmd
O33 - MountPoints2\{5767b9c6-493f-11dd-9091-001b245aa4ee}\Shell\explore\Command - "" = pa39xth.cmd
O33 - MountPoints2\{5767b9c6-493f-11dd-9091-001b245aa4ee}\Shell\open\Command - "" = pa39xth.cmd
O33 - MountPoints2\{84014d08-c49f-11dc-a60b-001b245aa4ee}\Shell\Auto\command - "" = fun.xls.exe
O33 - MountPoints2\{84014d08-c49f-11dc-a60b-001b245aa4ee}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe
O33 - MountPoints2\{8b3b6862-6cfb-11e0-8129-111111111111}\Shell - "" = AutoRun
O33 - MountPoints2\{8b3b6862-6cfb-11e0-8129-111111111111}\Shell\AutoRun\command - "" = H:\PcOptions.exe
O33 - MountPoints2\{921dd6dc-7acd-11da-87fc-001b245aa4ee}\Shell\AutoRun\command - "" = I:\fooool.exe
O33 - MountPoints2\{921dd6dc-7acd-11da-87fc-001b245aa4ee}\Shell\explore\Command - "" = I:\fooool.exe
O33 - MountPoints2\{921dd6dc-7acd-11da-87fc-001b245aa4ee}\Shell\open\Command - "" = I:\fooool.exe
O33 - MountPoints2\{aab949e0-6d66-11e0-a18c-0c0c0c0c0c45}\Shell - "" = AutoRun
O33 - MountPoints2\{aab949e0-6d66-11e0-a18c-0c0c0c0c0c45}\Shell\AutoRun\command - "" = H:\PcOptions.exe
O33 - MountPoints2\{b11c1440-5a8b-11e0-ab6e-111111111111}\Shell - "" = AutoRun
O33 - MountPoints2\{b11c1440-5a8b-11e0-ab6e-111111111111}\Shell\AutoRun\command - "" = H:\PcOptions.exe
O33 - MountPoints2\{bd24ab2c-7a72-11da-a7b5-001b245aa4ee}\Shell\AutoRun\command - "" = I:\fooool.exe
O33 - MountPoints2\{bd24ab2c-7a72-11da-a7b5-001b245aa4ee}\Shell\explore\Command - "" = I:\fooool.exe
O33 - MountPoints2\{bd24ab2c-7a72-11da-a7b5-001b245aa4ee}\Shell\open\Command - "" = I:\fooool.exe
O33 - MountPoints2\{bd2bcf2e-7a72-11da-b49e-0c0c0c0c0c45}\Shell - "" = AutoRun
O33 - MountPoints2\{bd2bcf2e-7a72-11da-b49e-0c0c0c0c0c45}\Shell\AutoRun\command - "" = H:\PcOptions.exe
O33 - MountPoints2\{bdc9285e-7a72-11da-8c8e-001b245aa4ee}\Shell\AutoRun\command - "" = I:\gbyqce.exe
O33 - MountPoints2\{bdc9285e-7a72-11da-8c8e-001b245aa4ee}\Shell\explore\Command - "" = I:\gbyqce.exe
O33 - MountPoints2\{bdc9285e-7a72-11da-8c8e-001b245aa4ee}\Shell\open\Command - "" = I:\gbyqce.exe
O33 - MountPoints2\{bdc92876-7a72-11da-b504-001b245aa4ee}\Shell\AutoRun\command - "" = I:\fooool.exe
O33 - MountPoints2\{bdc92876-7a72-11da-b504-001b245aa4ee}\Shell\explore\Command - "" = I:\fooool.exe
O33 - MountPoints2\{bdc92876-7a72-11da-b504-001b245aa4ee}\Shell\open\Command - "" = I:\fooool.exe
O33 - MountPoints2\{d9113d6b-1326-11de-9d6c-001b245aa4ee}\Shell\Auto\command - "" = fun.xls.exe
O33 - MountPoints2\{d9113d6b-1326-11de-9d6c-001b245aa4ee}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe
O33 - MountPoints2\{d9113d7c-1326-11de-9d6c-001b245aa4ee}\Shell\Auto\command - "" = fun.xls.exe
O33 - MountPoints2\{d9113d7c-1326-11de-9d6c-001b245aa4ee}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe
O33 - MountPoints2\{fcbc00b9-1389-11de-928e-001b245aa4ee}\Shell\Auto\command - "" = 
O33 - MountPoints2\{fcbc00b9-1389-11de-928e-001b245aa4ee}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe

:Commands
[purity]
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

  • 0

#3
Deo808
Posted 29 August 2012 - 12:44 PM

Deo808

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
First of all, thank you very much for replying.

Seemingly the annoying pop ups are gone!, at least they haven't come up so far.
I guess it is fixed, so thanks for your time and help again.

Here are the logs
(I got the log after rebooting but forgot to save it, so when it rebooted again for the second program I lost the original adwcleaner log, I repeated step 1 with adwcleaner and this was the log I finally got)

# AdwCleaner v1.801 - Logfile created 08/28/2012 at 11:17:26
# Updated 14/08/2012 by Xplode
# Operating system : Windows Vista ™ Home Basic Service Pack 1 (32 bits)
# User : Leonell- - LEONELL-1
# Boot Mode : Normal
# Running from : C:\Users\Leonell-\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}

***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.6001.18000

[OK] Registry is clean.

-\\ Mozilla Firefox v12.0 (es-AR)

Profile name : default
File : C:\Users\Leonell-\AppData\Roaming\Mozilla\Firefox\Profiles\idrxjxk4.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v21.0.1180.83

File : C:\Users\Leonell-\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [13264 octets] - [28/08/2012 10:44:10]
AdwCleaner[S1].txt - [323 octets] - [28/08/2012 10:44:52]
AdwCleaner[S2].txt - [13836 octets] - [28/08/2012 10:45:21]
AdwCleaner[S3].txt - [1563 octets] - [28/08/2012 11:17:26]

########## EOF - C:\AdwCleaner[S3].txt - [1691 octets] ##########









All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{182efd4b-7a88-11da-93d2-001b245aa4ee}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{182efd4b-7a88-11da-93d2-001b245aa4ee}\ not found.
File qhbfqx.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{182efd4b-7a88-11da-93d2-001b245aa4ee}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{182efd4b-7a88-11da-93d2-001b245aa4ee}\ not found.
File qhbfqx.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1bf148ac-7a73-11da-be8f-001b245aa4ee}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1bf148ac-7a73-11da-be8f-001b245aa4ee}\ not found.
File I:\gbyqce.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1bf148ac-7a73-11da-be8f-001b245aa4ee}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1bf148ac-7a73-11da-be8f-001b245aa4ee}\ not found.
File I:\gbyqce.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1bf148ac-7a73-11da-be8f-001b245aa4ee}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1bf148ac-7a73-11da-be8f-001b245aa4ee}\ not found.
File I:\gbyqce.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{23a96897-2f2d-11dd-8a76-001b245aa4ee}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{23a96897-2f2d-11dd-8a76-001b245aa4ee}\ not found.
File G:\pa39xth.cmd not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{23a96897-2f2d-11dd-8a76-001b245aa4ee}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{23a96897-2f2d-11dd-8a76-001b245aa4ee}\ not found.
File G:\pa39xth.cmd not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{23a96897-2f2d-11dd-8a76-001b245aa4ee}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{23a96897-2f2d-11dd-8a76-001b245aa4ee}\ not found.
File G:\pa39xth.cmd not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2f2d275a-7b38-11da-aad4-001b245aa4ee}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2f2d275a-7b38-11da-aad4-001b245aa4ee}\ not found.
File yveqsh93.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2f2d275a-7b38-11da-aad4-001b245aa4ee}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2f2d275a-7b38-11da-aad4-001b245aa4ee}\ not found.
File yveqsh93.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5767b9c6-493f-11dd-9091-001b245aa4ee}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5767b9c6-493f-11dd-9091-001b245aa4ee}\ not found.
File pa39xth.cmd not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5767b9c6-493f-11dd-9091-001b245aa4ee}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5767b9c6-493f-11dd-9091-001b245aa4ee}\ not found.
File pa39xth.cmd not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5767b9c6-493f-11dd-9091-001b245aa4ee}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5767b9c6-493f-11dd-9091-001b245aa4ee}\ not found.
File pa39xth.cmd not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{84014d08-c49f-11dc-a60b-001b245aa4ee}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{84014d08-c49f-11dc-a60b-001b245aa4ee}\ not found.
File fun.xls.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{84014d08-c49f-11dc-a60b-001b245aa4ee}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{84014d08-c49f-11dc-a60b-001b245aa4ee}\ not found.
File C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8b3b6862-6cfb-11e0-8129-111111111111}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8b3b6862-6cfb-11e0-8129-111111111111}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8b3b6862-6cfb-11e0-8129-111111111111}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8b3b6862-6cfb-11e0-8129-111111111111}\ not found.
File H:\PcOptions.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{921dd6dc-7acd-11da-87fc-001b245aa4ee}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{921dd6dc-7acd-11da-87fc-001b245aa4ee}\ not found.
File I:\fooool.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{921dd6dc-7acd-11da-87fc-001b245aa4ee}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{921dd6dc-7acd-11da-87fc-001b245aa4ee}\ not found.
File I:\fooool.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{921dd6dc-7acd-11da-87fc-001b245aa4ee}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{921dd6dc-7acd-11da-87fc-001b245aa4ee}\ not found.
File I:\fooool.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aab949e0-6d66-11e0-a18c-0c0c0c0c0c45}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{aab949e0-6d66-11e0-a18c-0c0c0c0c0c45}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aab949e0-6d66-11e0-a18c-0c0c0c0c0c45}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{aab949e0-6d66-11e0-a18c-0c0c0c0c0c45}\ not found.
File H:\PcOptions.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b11c1440-5a8b-11e0-ab6e-111111111111}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b11c1440-5a8b-11e0-ab6e-111111111111}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b11c1440-5a8b-11e0-ab6e-111111111111}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b11c1440-5a8b-11e0-ab6e-111111111111}\ not found.
File H:\PcOptions.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bd24ab2c-7a72-11da-a7b5-001b245aa4ee}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bd24ab2c-7a72-11da-a7b5-001b245aa4ee}\ not found.
File I:\fooool.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bd24ab2c-7a72-11da-a7b5-001b245aa4ee}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bd24ab2c-7a72-11da-a7b5-001b245aa4ee}\ not found.
File I:\fooool.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bd24ab2c-7a72-11da-a7b5-001b245aa4ee}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bd24ab2c-7a72-11da-a7b5-001b245aa4ee}\ not found.
File I:\fooool.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bd2bcf2e-7a72-11da-b49e-0c0c0c0c0c45}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bd2bcf2e-7a72-11da-b49e-0c0c0c0c0c45}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bd2bcf2e-7a72-11da-b49e-0c0c0c0c0c45}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bd2bcf2e-7a72-11da-b49e-0c0c0c0c0c45}\ not found.
File H:\PcOptions.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bdc9285e-7a72-11da-8c8e-001b245aa4ee}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bdc9285e-7a72-11da-8c8e-001b245aa4ee}\ not found.
File I:\gbyqce.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bdc9285e-7a72-11da-8c8e-001b245aa4ee}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bdc9285e-7a72-11da-8c8e-001b245aa4ee}\ not found.
File I:\gbyqce.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bdc9285e-7a72-11da-8c8e-001b245aa4ee}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bdc9285e-7a72-11da-8c8e-001b245aa4ee}\ not found.
File I:\gbyqce.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bdc92876-7a72-11da-b504-001b245aa4ee}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bdc92876-7a72-11da-b504-001b245aa4ee}\ not found.
File I:\fooool.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bdc92876-7a72-11da-b504-001b245aa4ee}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bdc92876-7a72-11da-b504-001b245aa4ee}\ not found.
File I:\fooool.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bdc92876-7a72-11da-b504-001b245aa4ee}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bdc92876-7a72-11da-b504-001b245aa4ee}\ not found.
File I:\fooool.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d9113d6b-1326-11de-9d6c-001b245aa4ee}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d9113d6b-1326-11de-9d6c-001b245aa4ee}\ not found.
File fun.xls.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d9113d6b-1326-11de-9d6c-001b245aa4ee}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d9113d6b-1326-11de-9d6c-001b245aa4ee}\ not found.
File C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d9113d7c-1326-11de-9d6c-001b245aa4ee}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d9113d7c-1326-11de-9d6c-001b245aa4ee}\ not found.
File fun.xls.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d9113d7c-1326-11de-9d6c-001b245aa4ee}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d9113d7c-1326-11de-9d6c-001b245aa4ee}\ not found.
File C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fcbc00b9-1389-11de-928e-001b245aa4ee}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fcbc00b9-1389-11de-928e-001b245aa4ee}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fcbc00b9-1389-11de-928e-001b245aa4ee}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fcbc00b9-1389-11de-928e-001b245aa4ee}\ not found.
File C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: ADMINI~1

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Leonell-
->Temp folder emptied: 348810 bytes
->Temporary Internet Files folder emptied: 2329363 bytes
->Java cache emptied: 7932153 bytes
->FireFox cache emptied: 41496396 bytes
->Google Chrome cache emptied: 247110320 bytes
->Apple Safari cache emptied: 6327296 bytes
->Flash cache emptied: 8163 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 40960 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1724217035 bytes
RecycleBin emptied: 118991236 bytes

Total Files Cleaned = 2.049,00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.59.1 log created on 08282012_110406

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
  • 0

#4
Essexboy
Posted 29 August 2012 - 12:59 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
You had some bad toolbars

Could you run a fresh OTL quickscan please .. Selecting all users so that I can check for remnants
  • 0

#5
Deo808
Posted 29 August 2012 - 04:55 PM

Deo808

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Sure,

Btw, Anything I should keep in mind to prevent this from happening again?



OTL logfile created on: 28/08/2012 01:52:38 p.m. - Run 2
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Leonell-\Descargas\Descargas Chrome
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00002C0A | Country: Argentina | Language: ESS | Date Format: dd/MM/yyyy

1,44 Gb Total Physical Memory | 0,48 Gb Available Physical Memory | 33,34% Memory free
3,55 Gb Paging File | 2,14 Gb Available in Paging File | 60,16% Paging File free
Paging file location(s): C:\pagefile.sys 2203 2203 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 104,39 Gb Total Space | 6,87 Gb Free Space | 6,58% Space Free | Partition Type: NTFS
Drive D: | 7,40 Gb Total Space | 0,90 Gb Free Space | 12,22% Space Free | Partition Type: NTFS

Computer Name: LEONELL-1 | User Name: Leonell- | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/28 08:36:27 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Leonell-\Descargas\Descargas Chrome\OTL.exe
PRC - [2012/07/04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Archivos de programa\AVG\AVG2012\avgidsagent.exe
PRC - [2012/06/13 03:48:26 | 000,758,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Archivos de programa\AVG\AVG2012\avgrsx.exe
PRC - [2012/06/13 03:48:24 | 001,255,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Archivos de programa\AVG\AVG2012\avgnsx.exe
PRC - [2012/04/05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Archivos de programa\AVG\AVG2012\avgtray.exe
PRC - [2012/03/19 05:18:12 | 000,979,840 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Archivos de programa\AVG\AVG2012\avgemcx.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Archivos de programa\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/02/14 04:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Archivos de programa\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/08/11 20:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Archivos de programa\SUPERAntiSpyware\SASCore.exe
PRC - [2011/02/15 13:01:48 | 000,019,968 | ---- | M] (Fork Ltd.) -- C:\Archivos de programa\Prey\platform\windows\cronsvc.exe
PRC - [2010/03/25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) -- C:\Archivos de programa\Nero\Update\NASvc.exe
PRC - [2009/09/30 10:12:14 | 000,091,392 | ---- | M] () -- C:\Archivos de programa\Motorola\MotoConnectService\MotoConnectService.exe
PRC - [2009/09/30 10:12:10 | 000,273,664 | ---- | M] (Motorola) -- C:\Archivos de programa\Motorola\MotoConnectService\MotoConnect.exe
PRC - [2009/06/03 09:34:50 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Archivos de programa\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Archivos de programa\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/10/29 03:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/01/19 04:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Windows Media Player\wmpnetwk.exe
PRC - [2008/01/19 04:33:39 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Windows Media Player\wmpnscfg.exe
PRC - [2007/05/28 13:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Archivos de programa\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/17 19:28:55 | 000,442,392 | ---- | M] () -- C:\Users\Leonell-\AppData\Local\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
MOD - [2012/08/17 19:28:54 | 012,236,824 | ---- | M] () -- C:\Users\Leonell-\AppData\Local\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll
MOD - [2012/08/17 19:28:52 | 003,997,720 | ---- | M] () -- C:\Users\Leonell-\AppData\Local\Google\Chrome\Application\21.0.1180.83\pdf.dll
MOD - [2012/08/17 19:27:36 | 000,526,872 | ---- | M] () -- C:\Users\Leonell-\AppData\Local\Google\Chrome\Application\21.0.1180.83\libglesv2.dll
MOD - [2012/08/17 19:27:35 | 000,104,984 | ---- | M] () -- C:\Users\Leonell-\AppData\Local\Google\Chrome\Application\21.0.1180.83\libegl.dll
MOD - [2012/08/17 19:27:23 | 000,144,424 | ---- | M] () -- C:\Users\Leonell-\AppData\Local\Google\Chrome\Application\21.0.1180.83\avutil-51.dll
MOD - [2012/08/17 19:27:22 | 000,266,792 | ---- | M] () -- C:\Users\Leonell-\AppData\Local\Google\Chrome\Application\21.0.1180.83\avformat-54.dll
MOD - [2012/08/17 19:27:21 | 002,480,680 | ---- | M] () -- C:\Users\Leonell-\AppData\Local\Google\Chrome\Application\21.0.1180.83\avcodec-54.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Hotspot Shield\bin\openvpnas.exe -- (hshld)
SRV - [2012/08/10 17:33:55 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Archivos de programa\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/06/07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Archivos de programa\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/04/18 00:04:30 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Archivos de programa\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Archivos de programa\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/08/11 20:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Archivos de programa\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2011/02/15 13:01:48 | 000,019,968 | ---- | M] (Fork Ltd.) [Auto | Running] -- C:\Archivos de programa\Prey\platform\windows\cronsvc.exe -- (CronService)
SRV - [2010/10/19 15:10:34 | 000,659,456 | R--- | M] (SEIKO EPSON CORPORATION) [Auto | Stopped] -- C:\Archivos de programa\epson\MyEpson Portal\mepService.exe -- (MyEpson Portal Service)
SRV - [2010/08/02 18:17:16 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Archivos de programa\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/03/25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) [Auto | Running] -- C:\Archivos de programa\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2009/09/30 10:12:14 | 000,091,392 | ---- | M] () [Auto | Running] -- C:\Archivos de programa\Motorola\MotoConnectService\MotoConnectService.exe -- (MotoConnect Service)
SRV - [2009/06/03 09:34:50 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Archivos de programa\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
SRV - [2008/04/07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Archivos de programa\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/01/19 04:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Archivos de programa\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/19 04:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Archivos de programa\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2007/05/28 13:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Archivos de programa\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2007/03/05 05:30:06 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Archivos de programa\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)
SRV - [2006/10/27 00:47:54 | 000,065,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Archivos de programa\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2006/10/26 19:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Archivos de programa\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Archivos de programa\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (VcommMgr)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (VComm)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Motousbnet.sys -- (Motousbnet)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motmodem.sys -- (motmodem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motodrv.sys -- (MotDev)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motccgpfl.sys -- (motccgpfl)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motccgp.sys -- (motccgp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\ElbyVCD.sys -- (ElbyVCD)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btkrnl.sys -- (BTKRNL)
DRV - File not found [Kernel | Boot | Stopped] -- -- (BTHidMgr)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (BTHidEnum)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motfilt.sys -- (BTCFilterService)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btaudio.sys -- (btaudio)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (BT)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\blueletaudio.sys -- (BlueletAudio)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (avrfzrct)
DRV - File not found [Kernel | System | Stopped] -- -- (ASPI32)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\anvsnddrv.sys -- (anvsnddrv)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a96wfnwm)
DRV - [2012/04/19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/04/11 12:40:28 | 000,037,376 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HssDrv.sys -- (HssDrv)
DRV - [2012/04/06 15:15:10 | 000,033,512 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\taphss.sys -- (taphss)
DRV - [2012/03/19 05:17:28 | 000,301,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/02/22 05:25:32 | 000,235,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/01/31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/12/23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/12/23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011/12/23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011/12/23 13:32:00 | 000,139,856 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2011/07/22 13:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Archivos de programa\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 18:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Archivos de programa\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/09/27 10:20:34 | 000,035,363 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\windrvNT.sys -- (windrvNT)
DRV - [2010/09/15 18:55:11 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri)
DRV - [2010/09/15 18:53:36 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2010/09/15 18:53:36 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2010/07/04 16:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Archivos de programa\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2010/06/24 23:01:12 | 000,108,416 | R--- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smhwser.sys -- (smhwser)
DRV - [2010/06/24 23:01:12 | 000,101,120 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smhwdev.sys -- (smhwdev)
DRV - [2010/06/24 23:01:12 | 000,025,728 | R--- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smhwadb.sys -- (androidusb)
DRV - [2010/04/29 10:06:58 | 000,254,720 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMUVC.sys -- (VMUVC)
DRV - [2009/06/30 10:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\pavboot.sys -- (pavboot)
DRV - [2009/06/24 06:08:00 | 007,542,208 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/05/18 10:42:12 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009/03/20 10:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009/03/20 10:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2009/03/20 10:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2008/07/01 11:12:32 | 000,398,720 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vvftUVC.sys -- (vvftUVC)
DRV - [2008/03/15 05:11:11 | 000,716,272 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2008/03/03 05:10:44 | 000,182,272 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2007/11/02 14:51:28 | 000,006,400 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2007/10/25 18:31:08 | 000,616,064 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PFC027.SYS -- (PAC207)
DRV - [2007/09/17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/07/10 06:27:56 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/05/03 18:29:10 | 001,065,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007/05/02 11:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2007/05/02 11:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2007/05/02 11:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bus.sys -- (ss_bus)
DRV - [2007/02/21 21:24:48 | 000,159,232 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2007/02/15 13:50:32 | 000,012,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2006/12/22 02:28:56 | 000,100,648 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2006/11/30 06:24:58 | 000,008,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\Windows\System32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2006/11/01 18:45:14 | 000,219,264 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BTCamDrv.sys -- (BTCAMDRV)
DRV - [2006/06/28 05:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2003/01/10 10:56:34 | 000,030,921 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SQCaptur.sys -- (DCamUSBSQTECH)
DRV - [1998/03/10 19:28:24 | 000,014,848 | ---- | M] (MARX Data Security GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\MARXDEV3.SYS -- (MarxDev3)
DRV - [1998/03/10 19:28:22 | 000,014,848 | ---- | M] (MARX Data Security GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\MARXDEV2.SYS -- (MarxDev2)
DRV - [1998/03/10 19:28:22 | 000,014,848 | ---- | M] (MARX Data Security GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\MARXDEV1.SYS -- (MarxDev1)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search...p={searchTerms}


IE - HKU\.DEFAULT\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search...p={searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search...p={searchTerms}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1397375062-2753414827-256561568-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-1397375062-2753414827-256561568-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1397375062-2753414827-256561568-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1397375062-2753414827-256561568-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1397375062-2753414827-256561568-1000\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-21-1397375062-2753414827-256561568-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-1397375062-2753414827-256561568-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKU\S-1-5-21-1397375062-2753414827-256561568-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKU\S-1-5-21-1397375062-2753414827-256561568-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1397375062-2753414827-256561568-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.7
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7550
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: avg@toolbar:8.0.0.40
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:12.0.0.1865
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: c:\users\leonell-\downloads\real player\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: c:\users\leonell-\downloads\real player\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: c:\users\leonell-\downloads\real player\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll File not found
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Leonell-\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Leonell-\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Leonell-\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/07/01 10:49:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/11/08 17:23:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/01/21 01:03:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012/06/24 11:15:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/04/24 13:03:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/05/14 10:04:43 | 000,000,000 | ---D | M]

[2008/07/08 20:57:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Leonell-\AppData\Roaming\mozilla\Extensions
[2012/08/28 10:45:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Leonell-\AppData\Roaming\mozilla\Firefox\Profiles\idrxjxk4.default\extensions
[2010/06/25 21:02:27 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Leonell-\AppData\Roaming\mozilla\Firefox\Profiles\idrxjxk4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/03/12 23:14:52 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Leonell-\AppData\Roaming\mozilla\Firefox\Profiles\idrxjxk4.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012/03/30 07:23:53 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Leonell-\AppData\Roaming\mozilla\Firefox\Profiles\idrxjxk4.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/08/06 08:28:22 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\Leonell-\AppData\Roaming\mozilla\Firefox\Profiles\idrxjxk4.default\extensions\[email protected]
[2012/08/28 10:45:39 | 000,000,000 | ---D | M] (No name found) -- C:\Archivos de programa\Mozilla Firefox\extensions
[2011/12/08 22:38:09 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Archivos de programa\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/05/06 18:26:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}
[2012/07/13 04:15:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012/04/24 13:03:52 | 000,000,000 | ---D | M] (No name found) -- C:\Archivos de programa\Mozilla Firefox\distribution\extensions
[2012/06/24 11:15:30 | 000,000,000 | ---D | M] (AVG Do Not Track) -- C:\PROGRAM FILES\AVG\AVG2012\FIREFOX\DONOTTRACK
[2012/05/06 18:26:21 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}
[2012/07/13 04:15:44 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\[email protected]
File not found (No name found) -- C:\USERS\LEONELL-\APPDATA\ROAMING\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\[email protected]
[2012/01/20 22:40:46 | 000,013,642 | ---- | M] () (No name found) -- C:\USERS\LEONELL-\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IDRXJXK4.DEFAULT\EXTENSIONS\{A3A5C777-F583-4FEF-9380-AB4ADD1BC2A8}.XPI
[2012/01/19 20:45:27 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\LEONELL-\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IDRXJXK4.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
File not found (No name found) -- C:\USERS\LEONELL-\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IDRXJXK4.DEFAULT\EXTENSIONS\[email protected]
[2012/04/24 13:06:34 | 001,184,804 | ---- | M] () (No name found) -- C:\USERS\LEONELL-\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IDRXJXK4.DEFAULT\EXTENSIONS\[email protected]
[2011/12/11 14:47:02 | 000,007,129 | ---- | M] () (No name found) -- C:\USERS\LEONELL-\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IDRXJXK4.DEFAULT\EXTENSIONS\[email protected]
[2012/04/18 00:05:51 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/10/23 23:49:22 | 001,826,192 | ---- | M] (Caminova, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdjvu.dll
[2007/03/09 20:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll
[2012/04/18 00:59:16 | 000,004,080 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\drae.xml
[2012/04/18 00:59:16 | 000,002,470 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mercadolibre-ar.xml
[2012/04/18 00:59:16 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-es.xml
[2012/04/18 00:59:16 | 000,000,824 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-ar.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = http://www.google.co...q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Leonell-\AppData\Local\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Leonell-\AppData\Local\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Leonell-\AppData\Local\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Leonell-\AppData\Local\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Leonell-\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2191_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: DjVu Plugin Viewer (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdjvu.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U33 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.330.5 (Enabled) = C:\Windows\system32\npdeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Panda ActiveScan 2.0 (Enabled) = C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: AVG Safe Search = C:\Users\Leonell-\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2191_0\
CHR - Extension: AVG Do Not Track = C:\Users\Leonell-\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\

O1 HOSTS File: ([2012/08/28 11:04:09 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Aplicación auxiliar de vínculos de Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Archivos de programa\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Archivos de programa\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Archivos de programa\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Archivos de programa\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Aplicación auxiliar de inicio de sesión) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Archivos de programa\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O2 - BHO: (Kwyshell MidpX) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Archivos de programa\Emulador java\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
O2 - BHO: (no name) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Archivos de programa\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (Kwyshell MidpX) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Archivos de programa\Emulador java\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
O3 - HKU\S-1-5-21-1397375062-2753414827-256561568-1000\..\Toolbar\ShellBrowser: (Kwyshell MidpX) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Archivos de programa\Emulador java\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
O3 - HKU\S-1-5-21-1397375062-2753414827-256561568-1000\..\Toolbar\WebBrowser: (Kwyshell MidpX) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Archivos de programa\Emulador java\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 File not found
O4 - HKLM..\Run: [VMonitorVMUVC] C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe (Vimicro Corporation)
O4 - HKLM..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe" File not found
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1397375062-2753414827-256561568-1000..\Run: [Facebook Update] "C:\Users\Leonell-\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver File not found
O4 - HKU\S-1-5-21-1397375062-2753414827-256561568-1000..\Run: [SpybotSD TeaTimer] C:\Archivos de programa\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-1397375062-2753414827-256561568-1000\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-1397375062-2753414827-256561568-1000\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-1397375062-2753414827-256561568-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Download with &Media Finder - Reg Error: Value error. File not found
O8 - Extra context menu item: Enviar a &Bluetooth - C:\Archivos de programa\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Leonell-\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Leonell-\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Link to &MidpX - C:\Archivos de programa\Emulador java\MidpX\JadInvoker\Extent\jad_wrap.htm ()
O9 - Extra 'Tools' menuitem : Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Archivos de programa\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Archivos de programa\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Archivos de programa\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.42.4.204 200.49.130.41
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D48D2919-0E87-4CDE-8800-559FA448CAB6}: DhcpNameServer = 200.42.4.204 200.49.130.41
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EC017067-2835-4784-8D91-6AC4F8EEF608}: DhcpNameServer = 190.7.31.226 190.7.31.228
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Archivos de programa\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Archivos de programa\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Archivos de programa\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-1397375062-2753414827-256561568-1000 Winlogon: Shell - (EXPLORER.EXE) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Archivos de programa\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\avldr: DllName - (avldr.dll) - File not found
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Archivos de programa\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Archivos de programa\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/04/30 23:47:43 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/28 11:04:06 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/08/24 20:29:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2012/08/24 12:48:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinAce
[2012/08/24 12:48:03 | 000,000,000 | ---D | C] -- C:\Program Files\WinAce
[2012/08/24 05:19:34 | 000,000,000 | ---D | C] -- C:\ProgramData\STOPzilla!
[2012/08/23 09:20:46 | 000,000,000 | ---D | C] -- C:\Users\Leonell-\Desktop\Nueva carpeta
[2012/08/23 06:51:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012/08/23 06:51:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/08/23 06:51:19 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2012/08/16 00:13:24 | 000,000,000 | ---D | C] -- C:\Users\Leonell-\Application Data\Documents\Data files backup
[2012/08/12 12:36:47 | 000,000,000 | ---D | C] -- C:\Users\Leonell-\Bethesda Softworks
[2012/08/11 21:03:56 | 000,000,000 | ---D | C] -- C:\Users\Leonell-\AppData\Roaming\Help
[2012/08/11 21:03:56 | 000,000,000 | ---D | C] -- C:\Users\Leonell-\AppData\Local\Help
[2012/08/11 20:58:11 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftsrch.dll
[2012/08/11 20:58:11 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftlx041e.dll
[2012/08/11 20:58:11 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftlx0411.dll
[2012/08/11 20:58:10 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\winhlp32.exe
[2012/08/10 17:33:10 | 009,826,504 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe
[2012/08/08 15:14:59 | 000,000,000 | ---D | C] -- C:\Users\Leonell-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eJay FreePlayer
[2012/08/08 15:14:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eJay FreePlayer
[2012/08/08 15:14:56 | 000,163,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmaudsdk.dll
[2012/08/08 15:14:55 | 000,000,000 | ---D | C] -- C:\Program Files\eJay FreePlayer
[2012/08/08 14:56:07 | 000,000,000 | ---D | C] -- C:\Users\Leonell-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnalogX
[2012/08/08 14:56:06 | 000,000,000 | ---D | C] -- C:\Program Files\AnalogX
[2012/08/08 14:41:30 | 000,000,000 | ---D | C] -- C:\Program Files\GoldWave
[2012/08/08 14:40:33 | 000,000,000 | ---D | C] -- C:\Users\Leonell-\AppData\Roaming\Opera
[2012/08/08 14:26:19 | 000,000,000 | ---D | C] -- C:\Program Files\Audacity
[2012/08/08 14:14:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixVibesHOME7DEMO
[2012/08/08 14:12:38 | 000,000,000 | ---D | C] -- C:\Program Files\MixVibesHOME7DEMO
[2012/08/08 13:48:17 | 000,000,000 | ---D | C] -- C:\Users\Leonell-\AppData\Roaming\VUPlayer
[2012/08/08 13:47:48 | 000,000,000 | ---D | C] -- C:\Program Files\VUPlayer
[2012/08/06 21:36:51 | 000,000,000 | ---D | C] -- C:\Users\Leonell-\AppData\Local\Macromedia
[2012/08/06 15:48:17 | 000,000,000 | ---D | C] -- C:\Users\Leonell-\Textures
[2012/08/06 15:48:17 | 000,000,000 | ---D | C] -- C:\Users\Leonell-\Better_Heads_Extras
[2012/08/06 11:45:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Morrowind Script Extender
[2012/08/06 11:45:09 | 000,000,000 | ---D | C] -- C:\Program Files\MWScriptExtender
[2012/08/06 08:27:21 | 000,000,000 | ---D | C] -- C:\Program Files\1ClickDownload
[2012/08/06 07:07:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Morrowind Mod Manager
[2012/08/05 10:00:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Mender
[2012/08/05 10:00:36 | 000,000,000 | ---D | C] -- C:\Users\Leonell-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image Mender
[2012/08/05 10:00:35 | 000,000,000 | ---D | C] -- C:\Program Files\Image Mender

========== Files - Modified Within 30 Days ==========

[2012/08/28 14:04:20 | 000,000,029 | ---- | M] () -- C:\Windows\System32\TempWmicBatchFile.bat
[2012/08/28 13:49:02 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1397375062-2753414827-256561568-1000UA.job
[2012/08/28 13:32:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/28 13:28:01 | 000,001,028 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/28 13:20:16 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/28 13:20:16 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/28 13:11:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1397375062-2753414827-256561568-1000UA.job
[2012/08/28 11:22:13 | 000,000,433 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2012/08/28 11:21:18 | 000,048,104 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012/08/28 11:20:36 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2012/08/28 11:20:24 | 000,001,024 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/28 11:20:23 | 000,000,318 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2012/08/28 11:20:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/28 11:18:11 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/08/28 11:04:09 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2012/08/28 09:14:35 | 105,217,374 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012/08/27 16:11:00 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1397375062-2753414827-256561568-1000Core.job
[2012/08/27 12:40:22 | 000,710,636 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
[2012/08/27 12:40:22 | 000,627,494 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/08/27 12:40:22 | 000,149,132 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
[2012/08/27 12:40:22 | 000,116,318 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/08/26 17:56:15 | 000,477,774 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2012/08/24 06:49:30 | 000,001,006 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1397375062-2753414827-256561568-1000Core.job
[2012/08/23 09:17:25 | 000,209,408 | ---- | M] () -- C:\Users\Leonell-\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/08/23 06:51:44 | 000,001,063 | ---- | M] () -- C:\Users\Leonell-\Desktop\Spybot - Search & Destroy.lnk
[2012/08/20 22:53:16 | 195,127,374 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/08/16 00:17:20 | 000,000,949 | ---- | M] () -- C:\Users\Leonell-\Desktop\Morrowind Enhanced.exe.lnk
[2012/08/14 19:33:10 | 000,001,787 | ---- | M] () -- C:\Users\Public\Desktop\The Elder Scrolls Construction Set.lnk
[2012/08/13 09:08:34 | 000,042,091 | ---- | M] () -- C:\Users\Leonell-\Application Data\Documents\llñlñl.nrj
[2012/08/10 17:33:47 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/08/10 17:33:47 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/08/10 17:33:13 | 009,826,504 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe
[2012/08/08 03:20:58 | 000,002,344 | ---- | M] () -- C:\Users\Leonell-\Desktop\traderdaniel.ESP
[2012/08/05 10:00:47 | 000,000,804 | ---- | M] () -- C:\Users\Leonell-\Desktop\Image Mender.lnk
[2012/08/04 22:50:44 | 005,622,596 | ---- | M] () -- C:\Users\Leonell-\Untitled.mp3
[2012/08/03 14:37:30 | 009,099,694 | ---- | M] () -- C:\Users\Leonell-\Untitled.wav

========== Files Created - No Company Name ==========

[2012/08/23 06:51:44 | 000,001,063 | ---- | C] () -- C:\Users\Leonell-\Desktop\Spybot - Search & Destroy.lnk
[2012/08/20 22:51:53 | 195,127,374 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/08/16 00:17:00 | 000,000,949 | ---- | C] () -- C:\Users\Leonell-\Desktop\Morrowind Enhanced.exe.lnk
[2012/08/14 19:33:10 | 000,001,787 | ---- | C] () -- C:\Users\Public\Desktop\The Elder Scrolls Construction Set.lnk
[2012/08/13 09:08:34 | 000,042,091 | ---- | C] () -- C:\Users\Leonell-\Application Data\Documents\llñlñl.nrj
[2012/08/08 14:26:31 | 000,000,824 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
[2012/08/08 03:20:57 | 000,002,344 | ---- | C] () -- C:\Users\Leonell-\Desktop\traderdaniel.ESP
[2012/08/05 10:00:47 | 000,000,804 | ---- | C] () -- C:\Users\Leonell-\Desktop\Image Mender.lnk
[2012/08/03 14:37:07 | 009,099,694 | ---- | C] () -- C:\Users\Leonell-\Untitled.wav
[2012/08/03 14:36:22 | 005,622,596 | ---- | C] () -- C:\Users\Leonell-\Untitled.mp3
[2012/05/13 23:16:43 | 000,000,000 | ---- | C] () -- C:\Windows\System32\cd.dat
[2012/04/06 21:34:35 | 005,702,115 | ---- | C] () -- C:\Users\Leonell-\idea.mp3
[2011/11/02 15:46:31 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/06/10 13:20:53 | 000,000,027 | ---- | C] () -- C:\ProgramData\droidcam-settings
[2011/02/10 23:45:42 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2011/02/10 23:45:41 | 000,073,220 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2011/02/10 23:45:41 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2011/02/10 23:45:41 | 000,029,114 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2011/02/10 23:45:41 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2011/02/10 23:45:41 | 000,021,021 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2011/02/10 23:45:41 | 000,015,670 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2011/02/10 23:45:41 | 000,013,280 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2011/02/10 23:45:41 | 000,010,673 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2011/02/10 23:45:41 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2011/02/10 23:45:41 | 000,001,140 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2011/02/10 23:45:41 | 000,001,140 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2011/02/10 23:45:41 | 000,001,137 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2011/02/10 23:45:41 | 000,001,130 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2011/02/10 23:45:41 | 000,001,130 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2011/02/10 23:45:41 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2011/02/10 23:37:55 | 000,000,088 | ---- | C] () -- C:\Windows\TX220.ini
[2010/09/27 10:20:34 | 000,053,248 | ---- | C] () -- C:\Windows\System32\suppdll.dll
[2010/09/27 10:20:34 | 000,035,363 | ---- | C] () -- C:\Windows\System32\windrvNT.sys
[2010/06/25 04:28:09 | 000,048,104 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/06/25 04:28:09 | 000,048,104 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/06/22 20:49:02 | 000,000,000 | ---- | C] () -- C:\Users\Leonell-\AppData\Local\prvlcl.dat
[2009/03/18 03:55:04 | 000,000,282 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008/07/07 05:59:54 | 000,633,344 | ---- | C] () -- C:\Program Files\00WebCam.002
[2007/10/11 15:53:15 | 000,000,000 | ---- | C] () -- C:\Users\Leonell-\AppData\Roaming\wklnhst.dat
[2007/10/02 11:34:23 | 000,209,408 | ---- | C] () -- C:\Users\Leonell-\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/10/02 10:16:41 | 000,013,166 | ---- | C] () -- C:\Users\Leonell-\AppData\Roaming\nvModes.001
[2007/10/02 10:16:36 | 000,013,166 | ---- | C] () -- C:\Users\Leonell-\AppData\Roaming\nvModes.dat
[2007/10/02 01:54:02 | 000,022,280 | ---- | C] () -- C:\Users\Leonell-\AppData\Roaming\UserTile.png
[2006/01/03 07:52:40 | 000,000,552 | ---- | C] () -- C:\Users\Leonell-\AppData\Local\d3d8caps.dat
[2006/01/01 19:50:21 | 000,014,560 | ---- | C] () -- C:\Users\Leonell-\AppData\Local\d3d9caps.dat

========== Alternate Data Streams ==========

@Alternate Data Stream - 209 bytes -> C:\ProgramData\TEMP:8927A071
@Alternate Data Stream - 162 bytes -> C:\ProgramData\TEMP:88050731
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:BE76DBCF
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:EBC2DB92
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:BF3D62E7
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:A6CD15C3
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:7E95B6FD
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:4B7BEAFF

< End of report >
  • 0

#6
Essexboy
Posted 30 August 2012 - 07:10 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
The main thing to watch out for is when you install a programme from the net, always use custom install rather than just click install. Then deselect all additions that they offer, especially toolbars

Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    IE - HKU\S-1-5-21-1397375062-2753414827-256561568-1000\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
    IE - HKU\S-1-5-21-1397375062-2753414827-256561568-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
    O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
    O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
    O2 - BHO: (no name) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - No CLSID value found

    :Commands
    [resethosts]
    [emptytemp]
    [Reboot]


  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Go to control panel
  • Select folder options (Appearance > Folder options in category view)
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.

Posted Image
Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older version of Java components and upgrade the application.

Upgrading Java:
  • Go to this site and click Do I have Java
  • It will check your current version and then offer to update to the latest version

SPRING CLEAN

To manually create a new Restore Point
  • Go to Control Panel and select System
  • Select System
  • On the left select System Protection and accept the warning if you get one
  • Select System Protection Tab
  • Select Create at the bottom
  • Type in a name i.e. Clean
  • Select Create

Now we can purge the infected ones
  • GoStart > All programs > Accessories > system tools
  • Right click Disc cleanup and select run as administrator
  • Select Your main drive and accept the warning if you get one
  • For a few moments the system will make some calculations
  • Select the More Options tab
  • In the System Restore and Shadow Backups select Clean up
  • Select Delete on the pop up
  • Select OK
  • Select Delete

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:
Posted Image
Malwarebytes. Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?

Keep safe :wave:
  • 0

#7
Deo808
Posted 30 August 2012 - 10:11 AM

Deo808

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Wow, you're the best!
Ok I'm doing all you asked

It works great now.

Thanks again Essexboy
  • 0

#8
Essexboy
Posted 31 August 2012 - 02:26 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP