Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

OTL Log - Slow Computer

Started by kliq , Sep 14 2012 07:32 AM

  • Please log in to reply

#1
kliq
Posted 14 September 2012 - 07:32 AM

kliq

    New Member

  • Member
  • Pip
  • 1 posts
Hello,

My pc is acting particularly slow lately and I dont know how else to fix it. There are no google redirects or obvious malware visible when I use it, but I am not 100% it is not infected. So I am attaching the OTL log and perhaps someone can help me identify why the pc is so slow and if it is infected or not.

Many thanks in advance.


OTL logfile created on: 14/09/2012 08:47:08 a.m. - Run 1
OTL by OldTimer - Version 3.2.61.4 Folder = C:\Documents and Settings\Alberto Cristo\Mis documentos\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000200A | Country: Venezuela | Language: ESV | Date Format: dd/MM/yyyy

1014,42 Mb Total Physical Memory | 509,96 Mb Available Physical Memory | 50,27% Memory free
2,38 Gb Paging File | 1,62 Gb Available in Paging File | 67,79% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Archivos de programa
Drive C: | 74,52 Gb Total Space | 37,39 Gb Free Space | 50,17% Space Free | Partition Type: NTFS

Computer Name: ALBERTO | User Name: Alberto Cristo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/14 08:44:48 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Alberto Cristo\Mis documentos\Downloads\OTL.exe
PRC - [2012/08/29 22:28:46 | 001,229,848 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Alberto Cristo\Configuración local\Datos de programa\Google\Chrome\Application\chrome.exe
PRC - [2012/04/04 18:17:32 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Archivos de programa\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
PRC - [2012/02/26 23:45:42 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2012/02/10 10:58:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) -- C:\Archivos de programa\Microsoft\BingBar\7.1.361.0\SeaPort.EXE
PRC - [2012/01/17 10:37:58 | 000,505,736 | ---- | M] (Sun Microsystems, Inc.) -- C:\Archivos de programa\Archivos comunes\Java\Java Update\jucheck.exe
PRC - [2012/01/17 10:37:54 | 000,252,296 | ---- | M] (Sun Microsystems, Inc.) -- C:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe
PRC - [2011/11/25 14:51:44 | 000,459,832 | ---- | M] (Sony Corporation) -- C:\Archivos de programa\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
PRC - [2011/11/25 14:50:42 | 000,688,184 | ---- | M] (Sony Corporation) -- C:\Archivos de programa\Sony\PlayMemories Home\PMBVolumeWatcher.exe
PRC - [2011/11/02 02:00:44 | 000,090,448 | ---- | M] (Research In Motion Limited) -- C:\Archivos de programa\Archivos comunes\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
PRC - [2010/01/15 08:19:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Archivos de programa\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2008/12/12 17:36:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Archivos de programa\Archivos comunes\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2008/12/12 17:36:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Archivos de programa\Archivos comunes\Pure Networks Shared\Platform\nmctxth.exe
PRC - [2008/11/09 16:18:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Archivos de programa\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/13 21:48:57 | 001,036,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/03/20 19:53:22 | 000,083,240 | ---- | M] (Cyberlink Corp.) -- C:\Archivos de programa\CyberLink\PowerDVD8\PDVD8Serv.exe
PRC - [2008/03/13 16:19:56 | 000,472,320 | ---- | M] (ESET) -- C:\Archivos de programa\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2008/03/13 16:18:30 | 001,443,072 | ---- | M] (ESET) -- C:\Archivos de programa\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2006/10/26 13:10:34 | 000,335,872 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\mdm.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/29 22:28:45 | 000,442,392 | ---- | M] () -- C:\Documents and Settings\Alberto Cristo\Configuración local\Datos de programa\Google\Chrome\Application\21.0.1180.89\ppgooglenaclpluginchrome.dll
MOD - [2012/08/29 22:28:44 | 012,237,336 | ---- | M] () -- C:\Documents and Settings\Alberto Cristo\Configuración local\Datos de programa\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
MOD - [2012/08/29 22:28:42 | 003,997,720 | ---- | M] () -- C:\Documents and Settings\Alberto Cristo\Configuración local\Datos de programa\Google\Chrome\Application\21.0.1180.89\pdf.dll
MOD - [2012/08/29 22:27:15 | 000,144,424 | ---- | M] () -- C:\Documents and Settings\Alberto Cristo\Configuración local\Datos de programa\Google\Chrome\Application\21.0.1180.89\avutil-51.dll
MOD - [2012/08/29 22:27:13 | 000,266,792 | ---- | M] () -- C:\Documents and Settings\Alberto Cristo\Configuración local\Datos de programa\Google\Chrome\Application\21.0.1180.89\avformat-54.dll
MOD - [2012/08/29 22:27:12 | 002,480,680 | ---- | M] () -- C:\Documents and Settings\Alberto Cristo\Configuración local\Datos de programa\Google\Chrome\Application\21.0.1180.89\avcodec-54.dll
MOD - [2012/05/25 04:25:00 | 000,921,600 | ---- | M] () -- C:\Archivos de programa\Yahoo!\Messenger\yui.dll
MOD - [2012/02/20 20:59:04 | 000,087,912 | ---- | M] () -- C:\Archivos de programa\Archivos comunes\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 20:58:42 | 001,242,472 | ---- | M] () -- C:\Archivos de programa\Archivos comunes\Apple\Apple Application Support\libxml2.dll
MOD - [2008/12/12 17:41:26 | 000,148,480 | ---- | M] () -- C:\Archivos de programa\Archivos comunes\Pure Networks Shared\Platform\CAntiVirusCOM.dll
MOD - [2008/12/12 17:41:26 | 000,097,280 | ---- | M] () -- C:\Archivos de programa\Archivos comunes\Pure Networks Shared\Platform\CFirewallCOM.dll
MOD - [2008/04/13 21:48:25 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll


========== Services (SafeList) ==========

SRV - [2012/08/13 11:39:46 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/06/07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Archivos de programa\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/04/04 18:17:32 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Archivos de programa\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/02/26 23:45:42 | 000,055,144 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2012/02/10 10:58:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Archivos de programa\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/02/10 10:58:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Archivos de programa\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc)
SRV - [2011/11/25 14:51:44 | 000,459,832 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Archivos de programa\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2011/07/20 04:48:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2010/09/29 12:35:45 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Archivos de programa\Archivos comunes\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/01/15 08:19:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Archivos de programa\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2008/12/12 17:36:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2008/11/09 16:18:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Archivos de programa\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/03/13 16:25:26 | 000,019,200 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Archivos de programa\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2008/03/13 16:19:56 | 000,472,320 | ---- | M] (ESET) [Auto | Running] -- C:\Archivos de programa\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2007/06/27 17:34:00 | 000,279,848 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Archivos de programa\Archivos comunes\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2006/10/26 13:33:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/10/26 13:10:34 | 000,335,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\mdm.exe -- (MDM)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\FXDrv32.sys -- (FXDrv32)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2008/12/12 17:35:20 | 000,025,264 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\purendis.sys -- (purendis)
DRV - [2008/12/12 17:35:18 | 000,023,984 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pnarp.sys -- (pnarp)
DRV - [2008/03/13 16:22:18 | 000,033,800 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2008/03/13 16:14:36 | 000,029,704 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\easdrv.sys -- (easdrv)
DRV - [2008/03/13 16:13:42 | 000,040,456 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2007/08/10 01:22:44 | 004,603,904 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2007/07/11 23:19:16 | 000,096,384 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2005/12/21 09:46:34 | 000,470,048 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2004/08/03 17:01:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2001/08/17 16:21:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.ve/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://latam.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-ve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2A 8C 34 FB 37 FC CA 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://go.microsoft..../?LinkId=69157"
FF - prefs.js..extensions.enabledItems: [email protected]:4.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Archivos de programa\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Archivos de programa\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Archivos de programa\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Archivos de programa\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Archivos de programa\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Archivos de programa\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Archivos de programa\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Archivos de programa\Archivos comunes\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\Alberto Cristo\Datos de programa\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\Alberto Cristo\Datos de programa\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Alberto Cristo\Configuración local\Datos de programa\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Alberto Cristo\Configuración local\Datos de programa\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Archivos de programa\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/04/16 09:15:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.13\extensions\\Components: C:\Archivos de programa\Mozilla Firefox\components [2010/11/01 20:58:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.13\extensions\\Plugins: C:\Archivos de programa\Mozilla Firefox\plugins [2012/05/27 21:04:00 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Archivos de programa\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/04/16 09:15:06 | 000,000,000 | ---D | M]

[2009/12/18 18:39:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Alberto Cristo\Datos de programa\Mozilla\Extensions
[2012/08/13 11:40:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Alberto Cristo\Datos de programa\Mozilla\Firefox\Profiles\okvmuzbr.default\extensions
[2010/11/07 08:27:44 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Alberto Cristo\Datos de programa\Mozilla\Firefox\Profiles\okvmuzbr.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/08/13 11:40:04 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Alberto Cristo\Datos de programa\Mozilla\Firefox\Profiles\okvmuzbr.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012/07/06 13:40:03 | 000,000,000 | ---D | M] (No name found) -- C:\Archivos de programa\Mozilla Firefox\extensions
[2010/04/16 19:51:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/04/16 09:15:06 | 000,000,000 | ---D | M] (HP Smart Web Printing) -- C:\ARCHIVOS DE PROGRAMA\HP\DIGITAL IMAGING\SMART WEB PRINTING\MOZILLAADDON3
[2010/11/01 20:58:17 | 000,003,996 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\drae.xml
[2010/11/01 20:58:17 | 000,000,751 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\eBay-es.xml
[2010/11/01 20:58:17 | 000,001,178 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\wikipedia-es.xml
[2010/11/01 20:58:17 | 000,000,798 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\yahoo-es.xml

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Alberto Cristo\Configuraci\u00F3n local\Datos de programa\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Alberto Cristo\Configuraci\u00F3n local\Datos de programa\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Alberto Cristo\Configuraci\u00F3n local\Datos de programa\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Alberto Cristo\Configuraci\u00F3n local\Datos de programa\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Archivos de programa\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Archivos de programa\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Archivos de programa\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Archivos de programa\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Archivos de programa\Windows Media Player\npdsplay.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\Alberto Cristo\Datos de programa\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\Alberto Cristo\Datos de programa\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Archivos de programa\Google\Picasa3\npPicasa3.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Archivos de programa\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Archivos de programa\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Archivos de programa\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Alberto Cristo\Configuraci\u00F3n local\Datos de programa\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Archivos de programa\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Splendid = C:\Documents and Settings\Alberto Cristo\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\bdfkbdkkfmmckaadapdipihjfaacnkgd\3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Alberto Cristo\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Webmail Ad Blocker = C:\Documents and Settings\Alberto Cristo\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\cbhfdchmklhpcngcgjmpdbjakdggkkjp\2.32_0\
CHR - Extension: Adblock Plus (Beta) = C:\Documents and Settings\Alberto Cristo\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: B\u00FAsqueda de Google = C:\Documents and Settings\Alberto Cristo\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Documents and Settings\Alberto Cristo\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/09/22 11:17:59 | 000,000,839 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Archivos de programa\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live Aplicación auxiliar de inicio de sesión) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Archivos de programa\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Archivos de programa\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Barra Yahoo!) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [APSDaemon] C:\Archivos de programa\Archivos comunes\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [egui] C:\Archivos de programa\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\Archivos de programa\Archivos comunes\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [nmctxth] C:\Archivos de programa\Archivos comunes\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Archivos de programa\CyberLink\PowerDVD8\Language\Language.exe ()
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Archivos de programa\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [RemoteControl8] C:\Archivos de programa\CyberLink\PowerDVD8\PDVD8Serv.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Archivos de programa\Archivos comunes\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Archivos de programa\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [uTorrent] C:\Archivos de programa\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Documents and Settings\Alberto Cristo\Menú Inicio\Programas\Inicio\Dropbox.lnk = C:\Documents and Settings\Alberto Cristo\Datos de programa\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\McAfee Security Scan Plus.lnk = C:\Archivos de programa\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre6\bin\npjpi160_20.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Archivos de programa\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.192.12 10.1.192.13
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{27BCD611-74F7-4ED5-BF71-2694818E58F8}: DhcpNameServer = 10.1.192.12 10.1.192.13
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Archivos de programa\Archivos comunes\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Archivos de programa\Archivos comunes\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Mi página de inicio actual) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Alberto Cristo\Configuración local\Datos de programa\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Alberto Cristo\Configuración local\Datos de programa\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/09/29 12:25:54 | 000,000,000 | ---D | M] - C:\AUTO2011 -- [ NTFS ]
O32 - AutoRun File - [2009/09/21 17:08:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{06465fc0-a793-11de-9d45-001558be39db}\Shell - "" = Autorun
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/09/14 06:59:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alberto Cristo\Menú Inicio\Programas\CyberLink PowerDVD 8
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/09/14 08:58:03 | 000,001,164 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-1965331169-682003330-1003UA.job
[2012/09/14 08:58:03 | 000,001,112 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-1965331169-682003330-1003Core.job
[2012/09/14 08:55:03 | 000,000,838 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/09/14 06:59:56 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/09/14 06:59:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/09/13 20:40:00 | 000,000,478 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2012/09/13 20:38:00 | 000,000,478 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2012/09/13 14:00:00 | 000,000,478 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2012/09/13 10:10:00 | 000,000,478 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2012/09/12 13:02:03 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/09/02 12:50:17 | 000,023,420 | ---- | M] () -- C:\Documents and Settings\Alberto Cristo\Escritorio\cangrejito.jpg
[2012/08/27 18:08:16 | 000,498,543 | ---- | M] () -- C:\Documents and Settings\Alberto Cristo\Escritorio\calique chiquito.jpg
[2012/08/16 06:54:38 | 000,352,976 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/08/15 22:23:44 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/09/02 12:50:26 | 000,023,420 | ---- | C] () -- C:\Documents and Settings\Alberto Cristo\Escritorio\cangrejito.jpg
[2012/08/27 18:08:25 | 000,498,543 | ---- | C] () -- C:\Documents and Settings\Alberto Cristo\Escritorio\calique chiquito.jpg
[2012/08/15 22:16:36 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012/05/18 17:17:57 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2012/02/24 18:23:26 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/21 12:00:31 | 000,011,264 | ---- | C] () -- C:\Documents and Settings\Alberto Cristo\Configuración local\Datos de programa\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/26 08:25:37 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011/01/10 18:45:50 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

========== LOP Check ==========

[2010/09/29 18:38:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alberto Cristo\Datos de programa\Autodesk
[2012/09/14 06:59:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alberto Cristo\Datos de programa\Dropbox
[2012/05/27 21:04:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alberto Cristo\Datos de programa\Oracle
[2012/06/10 07:32:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alberto Cristo\Datos de programa\Research In Motion
[2012/09/14 08:36:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alberto Cristo\Datos de programa\uTorrent
[2010/09/29 12:33:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Autodesk
[2009/09/22 11:30:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\ESET
[2010/12/13 20:24:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\MSScanAppDataDir
[2012/06/10 07:28:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Research In Motion
[2010/12/13 20:24:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\SSScanAppDataDir
[2012/05/04 12:54:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012/09/13 10:10:00 | 000,000,478 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job
[2012/09/13 20:40:00 | 000,000,478 | ---- | M] () -- C:\WINDOWS\Tasks\At2.job
[2012/09/13 20:38:00 | 000,000,478 | ---- | M] () -- C:\WINDOWS\Tasks\At3.job
[2012/09/13 14:00:00 | 000,000,478 | ---- | M] () -- C:\WINDOWS\Tasks\At4.job

========== Purity Check ==========



< End of report >



OTL Extras logfile created on: 14/09/2012 08:47:08 a.m. - Run 1
OTL by OldTimer - Version 3.2.61.4 Folder = C:\Documents and Settings\Alberto Cristo\Mis documentos\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000200A | Country: Venezuela | Language: ESV | Date Format: dd/MM/yyyy

1014,42 Mb Total Physical Memory | 509,96 Mb Available Physical Memory | 50,27% Memory free
2,38 Gb Paging File | 1,62 Gb Available in Paging File | 67,79% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Archivos de programa
Drive C: | 74,52 Gb Total Space | 37,39 Gb Free Space | 50,17% Space Free | Partition Type: NTFS

Computer Name: ALBERTO | User Name: Alberto Cristo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"67:UDP" = 67:UDP:*:Enabled:DHCP Discovery Service
"4481:TCP" = 4481:TCP:LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync data transfer
"4481:UDP" = 4481:UDP:LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync discovery
"4482:TCP" = 4482:TCP:LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync data transfer
"4482:UDP" = 4482:UDP:LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync discovery

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Archivos de programa\CyberLink\PowerDVD8\PowerDVD8.exe" = C:\Archivos de programa\CyberLink\PowerDVD8\PowerDVD8.exe:*:Enabled:CyberLink PowerDVD 8.0 -- (CyberLink Corp.)
"C:\Archivos de programa\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Archivos de programa\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe
"C:\Archivos de programa\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Archivos de programa\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe
"C:\Archivos de programa\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Archivos de programa\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe
"C:\Archivos de programa\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Archivos de programa\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe
"C:\Archivos de programa\HP\Digital Imaging\bin\hposid01.exe" = C:\Archivos de programa\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Archivos de programa\HP\Digital Imaging\bin\hpoews01.exe" = C:\Archivos de programa\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Archivos de programa\HP\HP Software Update\HPWUCli.exe" = C:\Archivos de programa\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Archivos de programa\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Archivos de programa\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Archivos de programa\CyberLink\PowerDVD8\PowerDVD8.exe" = C:\Archivos de programa\CyberLink\PowerDVD8\PowerDVD8.exe:*:Enabled:CyberLink PowerDVD 8.0 -- (CyberLink Corp.)
"D:\CDS\Nero\Installation\SetupX.exe" = D:\CDS\Nero\Installation\SetupX.exe:*:Enabled:Nero ProductSetup
"C:\Archivos de programa\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Archivos de programa\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe
"C:\Archivos de programa\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Archivos de programa\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe
"C:\Archivos de programa\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Archivos de programa\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe
"C:\Archivos de programa\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Archivos de programa\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe
"C:\Archivos de programa\Skype\Plugin Manager\skypePM.exe" = C:\Archivos de programa\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Archivos de programa\HP\Digital Imaging\bin\hposid01.exe" = C:\Archivos de programa\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Archivos de programa\HP\Digital Imaging\bin\hpoews01.exe" = C:\Archivos de programa\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Archivos de programa\HP\HP Software Update\HPWUCli.exe" = C:\Archivos de programa\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Archivos de programa\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Archivos de programa\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
"C:\Documents and Settings\Alberto Cristo\Configuración local\Datos de programa\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\Alberto Cristo\Configuración local\Datos de programa\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)
"C:\Archivos de programa\HP\HP Deskjet 2000 J210 series\Bin\USBSetup.exe" = C:\Archivos de programa\HP\HP Deskjet 2000 J210 series\Bin\USBSetup.exe:LocalSubNet:Enabled:Configuración de dispositivo HP -- (Hewlett-Packard Co.)
"C:\Documents and Settings\Alberto Cristo\Datos de programa\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\Alberto Cristo\Datos de programa\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\Archivos de programa\Archivos comunes\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Archivos de programa\Archivos comunes\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Archivos de programa\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe" = C:\Archivos de programa\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe:*:Enabled:BlackBerry Desktop Software -- (Research In Motion)
"C:\Archivos de programa\uTorrent\uTorrent.exe" = C:\Archivos de programa\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Archivos de programa\Yahoo!\Messenger\YahooMessenger.exe" = C:\Archivos de programa\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Archivos de programa\Archivos comunes\Pure Networks Shared\Platform\nmsrvc.exe" = C:\Archivos de programa\Archivos comunes\Pure Networks Shared\Platform\nmsrvc.exe:LocalSubNet:Enabled:Pure Networks Platform Service -- (Cisco Systems, Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Herramienta de carga de Windows Live
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java™ 6 Update 20
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java™ 7 Update 4
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{2CD0168D-FBBC-4667-8810-105CB6EC6348}" = HP Deskjet D1600 Printer Driver Software 13.0 Rel .6
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{350C9C0A-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{38A0481D-544D-4C01-BB32-39332391D012}" = Windows Live Call
"{3FB43B7E-EB12-4515-B6B6-2C63B506CC3C}" = Estudio de mejora de productos de HP Deskjet 2000 J210 series
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52040558-EE65-4BB1-AEE4-7BEABCB71AF2}" = HP Deskjet 2000 J210 series Ayuda
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5727583F-3530-45FD-B09E-7E1CB6C135AD}" = DJ_SF_06_D1600_SW_Min
"{5783F2D7-9001-040A-0002-0060B0CE6BBA}" = AutoCAD 2011 - Español
"{5783F2D7-9001-040A-1002-0060B0CE6BBA}" = AutoCAD 2011 Language Pack - Español
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7391ABC8-0EA4-3798-ACE3-96B8C8D84EA8}" = Google Talk Plugin
"{7593234B-2AEB-4FC9-B02D-C9B30D86084C}" = Windows Live Asistente para el inicio de sesión
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B92D97D-DB3D-4926-A8F7-718FE7C5EE18}" = iTunes
"{8F94D5AC-C1C6-432D-8924-2F5EEBC28446}" = Windows Live Essentials
"{90120000-0010-0C0A-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Spanish) 12
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0C0A-0000-0000000FF1CE}" = Microsoft Office Access MUI (Spanish) 2007
"{90120000-0015-0C0A-0000-0000000FF1CE}_PROPLUS_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2007
"{90120000-0016-0C0A-0000-0000000FF1CE}_PROPLUS_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2007
"{90120000-0018-0C0A-0000-0000000FF1CE}_PROPLUS_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0C0A-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Spanish) 2007
"{90120000-0019-0C0A-0000-0000000FF1CE}_PROPLUS_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0C0A-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Spanish) 2007
"{90120000-001A-0C0A-0000-0000000FF1CE}_PROPLUS_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2007
"{90120000-001B-0C0A-0000-0000000FF1CE}_PROPLUS_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2007
"{90120000-001F-0403-0000-0000000FF1CE}_PROPLUS_{BEADB115-DB47-4BD0-A9EC-AE585AFAB2D8}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
"{90120000-001F-0416-0000-0000000FF1CE}_PROPLUS_{8A524694-0CA4-476A-9301-B1E9D70FC952}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007
"{90120000-001F-042D-0000-0000000FF1CE}_PROPLUS_{017A6981-5E03-4A97-830A-35FE0927BB7F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007
"{90120000-001F-0456-0000-0000000FF1CE}_PROPLUS_{A3A03B41-14EA-4E50-97D8-FCF429AE0CCB}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2007
"{90120000-0044-0C0A-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Spanish) 2007
"{90120000-0044-0C0A-0000-0000000FF1CE}_PROPLUS_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2007
"{90120000-006E-0C0A-0000-0000000FF1CE}_PROPLUS_{430AE3E6-E982-4958-90FC-1C062BC74E22}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{AC76BA86-7AD7-1034-7B44-A94000000001}" = Adobe Reader 9.4.2 - Español
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BEC001F9-0451-4396-92D7-E1A4E7854BF3}" = Windows Live Mail
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}" = WebEx Support Manager for Internet Explorer
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{CD1E078C-A6B9-47DA-B035-6365C85C7832}" = Autodesk Material Library 2011 Base Image library
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}" = Bing Bar
"{D9152126-5B03-4451-BDE9-77D503FE134D}" = Software básico del dispositivo HP Deskjet 2000 J210 series
"{DA94A899-F439-44D1-90B6-DB02A7341170}" = BlackBerry Desktop Software 7.0
"{DB3B70EE-881B-4FF3-8602-E9FF599D328B}" = ESET NOD32 Antivirus
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{E03CD71A-F595-49DF-9ADC-0CFC93B1B211}" = PlayMemories Home
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{EAE8CF06-28CA-4213-839C-A32817A47E00}" = D1600
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EF3E420F-2DCF-4C24-8E37-896801901034}" = Nero 7 Essentials
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2FFEEAA-0B48-4342-9B67-12ABB0B58F24}" = Windows Live Messenger
"{FBDBC490-089D-4476-BF72-1F7A6368200A}" = Pure Networks Platform
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AutoCAD 2011 - Español" = AutoCAD 2011 - Español
"BlackBerry_Desktop" = BlackBerry Desktop Software 7.0
"CCleaner" = CCleaner
"Eset-NOD32: Fix Dasumo v3.2 hasta el 2038" = Eset-NOD32: Fix Dasumo v3.2 hasta el 2038
"HDMI" = Intel® Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photo Creations" = HP Photo Creations
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"ie8" = Windows Internet Explorer 8
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.3.4
"Linksys EasyLink Advisor" = Linksys EasyLink Advisor
"Marsu-Fix" = Marsu-Fix
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.13)" = Mozilla Firefox (3.5.13)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Picasa 3" = Picasa 3
"PROPLUS" = Microsoft Office Professional Plus 2007
"uTorrent" = µTorrent
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Reproductor de Windows Media 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Yahoo! Companion" = Barra Yahoo!
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 08/05/2012 09:26:36 p.m. | Computer Name = ALBERTO | Source = crypt32 | ID = 131080
Description = Error en la recuperación de actualización automática del número de
secuencia de la lista raíz de terceros de: <http://www.download....uthrootseq.txt>
con el error: The server name or address could not be resolved

Error - 09/05/2012 07:01:49 a.m. | Computer Name = ALBERTO | Source = crypt32 | ID = 131080
Description = Error en la recuperación de actualización automática del número de
secuencia de la lista raíz de terceros de: <http://www.download....uthrootseq.txt>
con el error: The server name or address could not be resolved

Error - 09/05/2012 12:24:34 p.m. | Computer Name = ALBERTO | Source = Application Hang | ID = 1002
Description = Aplicación que no responde: firefox.exe, versión 1.9.1.3909, módulo
que no responde hungapp, versión 0.0.0.0, dirección que no responde 0x00000000.

Error - 16/05/2012 11:33:04 p.m. | Computer Name = ALBERTO | Source = crypt32 | ID = 131080
Description = Error en la recuperación de actualización automática del número de
secuencia de la lista raíz de terceros de: <http://www.download....uthrootseq.txt>
con el error: The server name or address could not be resolved

Error - 17/05/2012 08:13:48 a.m. | Computer Name = ALBERTO | Source = crypt32 | ID = 131080
Description = Error en la recuperación de actualización automática del número de
secuencia de la lista raíz de terceros de: <http://www.download....uthrootseq.txt>
con el error: The server name or address could not be resolved

Error - 18/05/2012 05:23:20 p.m. | Computer Name = ALBERTO | Source = crypt32 | ID = 131080
Description = Error en la recuperación de actualización automática del número de
secuencia de la lista raíz de terceros de: <http://www.download....uthrootseq.txt>
con el error: The server name or address could not be resolved

Error - 18/05/2012 05:42:18 p.m. | Computer Name = ALBERTO | Source = crypt32 | ID = 131080
Description = Error en la recuperación de actualización automática del número de
secuencia de la lista raíz de terceros de: <http://www.download....uthrootseq.txt>
con el error: The server name or address could not be resolved

Error - 19/05/2012 10:03:26 a.m. | Computer Name = ALBERTO | Source = crypt32 | ID = 131080
Description = Error en la recuperación de actualización automática del número de
secuencia de la lista raíz de terceros de: <http://www.download....uthrootseq.txt>
con el error: The server name or address could not be resolved

Error - 20/05/2012 07:53:02 a.m. | Computer Name = ALBERTO | Source = crypt32 | ID = 131080
Description = Error en la recuperación de actualización automática del número de
secuencia de la lista raíz de terceros de: <http://www.download....uthrootseq.txt>
con el error: The server name or address could not be resolved

Error - 20/05/2012 10:43:18 a.m. | Computer Name = ALBERTO | Source = crypt32 | ID = 131080
Description = Error en la recuperación de actualización automática del número de
secuencia de la lista raíz de terceros de: <http://www.download....uthrootseq.txt>
con el error: The server name or address could not be resolved

[ System Events ]
Error - 11/09/2012 10:00:33 a.m. | Computer Name = ALBERTO | Source = Service Control Manager | ID = 7009
Description = Intervalo de espera (30000 ms.) para la conexión con el servicio Nod32
AV.

Error - 11/09/2012 10:00:33 a.m. | Computer Name = ALBERTO | Source = Service Control Manager | ID = 7000
Description = El servicio Nod32 AV no pudo iniciarse debido al siguiente error:
%%1053

Error - 12/09/2012 08:12:24 a.m. | Computer Name = ALBERTO | Source = Dhcp | ID = 1002
Description = La concesión de la dirección IP 192.168.1.101 para la tarjeta de red
con la dirección de red 0014788F3FE9 ha sido denegada por el servidor DHCP 192.168.1.1
(el servidor DHCP envió un mensaje DHCPNACK).

Error - 12/09/2012 08:12:50 a.m. | Computer Name = ALBERTO | Source = Service Control Manager | ID = 7009
Description = Intervalo de espera (30000 ms.) para la conexión con el servicio Nod32
AV.

Error - 12/09/2012 08:12:50 a.m. | Computer Name = ALBERTO | Source = Service Control Manager | ID = 7000
Description = El servicio Nod32 AV no pudo iniciarse debido al siguiente error:
%%1053

Error - 12/09/2012 04:12:49 p.m. | Computer Name = ALBERTO | Source = Service Control Manager | ID = 7034
Description = El servicio Pure Networks Platform Service se terminó de manera inesperada.
Esto ha sucedido 1 veces.

Error - 14/09/2012 07:29:46 a.m. | Computer Name = ALBERTO | Source = Service Control Manager | ID = 7009
Description = Intervalo de espera (30000 ms.) para la conexión con el servicio Nod32
AV.

Error - 14/09/2012 07:29:46 a.m. | Computer Name = ALBERTO | Source = Service Control Manager | ID = 7000
Description = El servicio Nod32 AV no pudo iniciarse debido al siguiente error:
%%1053

Error - 14/09/2012 07:30:30 a.m. | Computer Name = ALBERTO | Source = Service Control Manager | ID = 7009
Description = Intervalo de espera (30000 ms.) para la conexión con el servicio Servicio
de puerta de enlace de capa de aplicación.

Error - 14/09/2012 07:30:30 a.m. | Computer Name = ALBERTO | Source = Service Control Manager | ID = 7000
Description = El servicio Servicio de puerta de enlace de capa de aplicación no
pudo iniciarse debido al siguiente error: %%1053


< End of report >
  • 0

Advertisements

#2
RKinner
Posted 14 September 2012 - 11:13 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Clear the Java Cache by following the instructions on
http://www.java.com/...lugin_cache.xml

You do not have the latest Java.
First go into Control Panel, Add/Remove Software and remove any old versions (which may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE)
I see:
Java™ 6 Update 20
Java™ 7 Update 4
Java™ 6 Update 3
JavaFX 2.1

After your PC is clean:
Get the latest Java at:
http://www.java.com/en/

Save it to your PC then close all browsers and install it. Do not let it install the yahoo or ask toolbar or other foistware.



Also uninstall:
McAfee Security Scan Plus
Skype Toolbars
Bing Bar
Adobe Reader 9.4.2 - Español After your PC is clean: Download the latest version of Adobe Reader from Adobe.com. Do not let it install the yahoo or ask toolbar or other foistware.
µTorrent
Barra Yahoo!



Copy the text in the code box by highlighting and Ctrl + c


:OTL
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
[2012/08/13 11:40:04 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Alberto Cristo\Datos de programa\Mozilla\Firefox\Profiles\okvmuzbr.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/04/16 19:51:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Archivos de programa\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Archivos de programa\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Archivos de programa\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Barra Yahoo!) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)

:files
at /c
C:\WINDOWS\tasks\At*.job
C:\Windows\assembly\GAC\Desktop.ini

:reg
[HKEY_CLASSES_ROOT\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32]
""="%systemroot%\system32\wbem\wbemess.dll"


:Commands
[EMPTYFLASH]
[EMPTYJAVA]
[purity]
[Reboot]

then Double on OTL to start. Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top
Let the program run unhindered, OTL will reboot the PC when it is done. Save the log and copy and paste it into a reply.


Download aswMBR.exe ( 511KB ) to your desktop.
Double click aswMBR.exe
uncheck trace disk IO calls
Click the "Scan" button to start scan (Accept the Avast Engine)
On completion of the scan if the Fix button is enabled (not the FixMBR button) press it and then run a new scan and click save log, save it to your desktop and post in your next reply
If the Fix button is not enabled then just click save log, save it to your desktop and post in your next reply

ComboFix

:!: It must be saved to your desktop, do not run it from your browser:!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Double click on ComboFix to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix.

A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.


Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then run it.
Double click on TDSSKiller.exe and to start the program.

If TDSSKiller alerts you that the system needs to reboot, please consent.

Run TDSSKiller again but this time:
before you hit the Scan hit Change Parameters and check the two items under Additional Options. OK then Scan.
In this mode it is prone to false positives so do not change the SKIP option to DELETE unless it says TDSS.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.



Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:
http://www.malwareby...lwarebytes_free

SAVE Malwarebytes' Anti-Malware to your desktop.

* Double-click mbam-setup.exe to start the program.
* follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.


Start, Run, eventvwr.msc, OK to bring up the Event Viewer. Right click on System and Clear All Events, No (we don't want to save the old log), OK. Repeat for Application.

Reboot.

1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Double-click VEW.exe
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.


Copy the text in the code box:

DRIVES
nnetsvcs
%SYSTEMDRIVE%\*.exe
%systemroot%\assembly\GAC_32\*.ini
%systemroot%\assembly\GAC_64\*.ini
%systemroot%\assembly\GAC\*.ini
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.exe
%APPDATA%\*.
/md5start
pnrpnsp.dll 
nwprovau.dll
nlaapi.dll
napinsp.dll
mswsock.dll
winrnr.dll
wshelper.dll
services.exe
atapi.sys
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
csrss.exe
PrintIsolationHost.exe
consrv.dll
/md5stop
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
CREATERESTOREPOINT

Run OTL

Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes

Select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.


Ron
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP