[code] OTS logfile created on: 31/07/2011 20:24:45 - Run 1 OTS by OldTimer - Version 3.1.44.0 Folder = C:\Documents and Settings\Usuario\Escritorio Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000403 | Country: España | Language: CAT | Date Format: dd/MM/yyyy 1.015,00 Mb Total Physical Memory | 319,00 Mb Available Physical Memory | 31,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 69,00% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Archivos de programa Drive C: | 74,52 Gb Total Space | 62,59 Gb Free Space | 83,99% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 9,40 Gb Total Space | 8,14 Gb Free Space | 86,60% Space Free | Partition Type: FAT32 F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: value Current User Name: Usuario Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days [Processes - Safe List] ots (1).exe -> C:\Documents and Settings\Usuario\Escritorio\OTS (1).exe -> [2011/07/31 20:16:43 | 000,645,120 | ---- | M] (OldTimer Tools) chrome.exe -> C:\Archivos de programa\Google\Chrome\Application\chrome.exe -> [2011/07/09 06:51:19 | 001,012,792 | ---- | M] (Google Inc.) avastsvc.exe -> C:\Archivos de programa\Alwil Software\Avast5\AvastSvc.exe -> [2011/07/04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) aawtray.exe -> C:\Archivos de programa\Lavasoft\Ad-Aware\AAWTray.exe -> [2011/06/28 13:19:47 | 001,191,216 | ---- | M] (Lavasoft Limited) aawservice.exe -> C:\Archivos de programa\Lavasoft\Ad-Aware\AAWService.exe -> [2011/06/28 13:19:39 | 002,151,640 | ---- | M] (Lavasoft Limited) wzqkpick.exe -> C:\Archivos de programa\WinZip\WZQKPICK.EXE -> [2011/05/27 15:50:00 | 000,610,120 | R--- | M] (WinZip Computing, S.L.) driverscanner.exe -> C:\Archivos de programa\Uniblue\DriverScanner\driverscanner.exe -> [2011/05/16 11:22:26 | 000,326,504 | ---- | M] (Uniblue Systems Limited) applemobiledeviceservice.exe -> C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\AppleMobileDeviceService.exe -> [2011/02/18 17:37:16 | 000,037,664 | ---- | M] (Apple Inc.) bandoo.exe -> C:\Archivos de programa\Bandoo\Bandoo.exe -> [2010/11/17 13:45:44 | 001,942,416 | ---- | M] (Bandoo Media Inc.) jusched.exe -> C:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe -> [2010/05/14 12:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) ssscheduler.exe -> C:\Archivos de programa\McAfee Security Scan\2.0.181\SSScheduler.exe -> [2010/01/15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) seaport.exe -> C:\Archivos de programa\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -> [2009/01/14 18:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) yahooauservice.exe -> C:\Archivos de programa\Yahoo!\SoftwareUpdate\YahooAUService.exe -> [2008/11/09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) systemtray.exe -> C:\Archivos de programa\VAD\Laplace Webcam\Tools\SystemTray.exe -> [2008/04/30 15:12:18 | 000,114,688 | ---- | M] () explorer.exe -> C:\WINDOWS\Temp\wze832\explorer.exe -> [2007/06/13 11:23:08 | 001,033,216 | ---- | M] (Microsoft Corporation) etmon.exe -> C:\WINDOWS\etMon.exe -> [2007/02/14 20:30:06 | 000,102,400 | ---- | M] (EMPIA Technology Corporation) [Modules - Safe List] ots (1).exe -> C:\Documents and Settings\Usuario\Escritorio\OTS (1).exe -> [2011/07/31 20:16:43 | 000,645,120 | ---- | M] (OldTimer Tools) comctl32.dll -> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll -> [2008/06/18 19:37:08 | 001,054,208 | ---- | M] (Microsoft Corporation) serwvdrv.dll -> C:\WINDOWS\system32\serwvdrv.dll -> [2001/08/24 20:00:00 | 000,014,848 | ---- | M] (Microsoft Corporation) umdmxfrm.dll -> C:\WINDOWS\system32\umdmxfrm.dll -> [2001/08/24 20:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Win32 Services - Safe List] (wscsvc) wscsvc [Auto | Stopped] -> -> File not found (McSysmon) McAfee SystemGuards [Auto | Stopped] -> -> File not found (McShield) McAfee Real-time Scanner [Unknown | Stopped] -> -> File not found (HidServ) Acceso a dispositivo de interfaz humana [Disabled | Stopped] -> -> File not found (ERSvc) ERSvc [Auto | Stopped] -> -> File not found (avast! Antivirus) avast! Antivirus [Auto | Running] -> C:\Archivos de programa\Alwil Software\Avast5\AvastSvc.exe -> [2011/07/04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) (Lavasoft Ad-Aware Service) Lavasoft Ad-Aware Service [Auto | Running] -> C:\Archivos de programa\Lavasoft\Ad-Aware\AAWService.exe -> [2011/06/28 13:19:39 | 002,151,640 | ---- | M] (Lavasoft Limited) (Apple Mobile Device) Apple Mobile Device [Auto | Running] -> C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\AppleMobileDeviceService.exe -> [2011/02/18 17:37:16 | 000,037,664 | ---- | M] (Apple Inc.) (Bandoo Coordinator) Bandoo Coordinator [Auto | Running] -> C:\Archivos de programa\Bandoo\Bandoo.exe -> [2010/11/17 13:45:44 | 001,942,416 | ---- | M] (Bandoo Media Inc.) (McComponentHostService) McAfee Security Scan Component Host Service [On_Demand | Stopped] -> C:\Archivos de programa\McAfee Security Scan\2.0.181\McCHSvc.exe -> [2010/01/15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) (SeaPort) SeaPort [Auto | Running] -> C:\Archivos de programa\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -> [2009/01/14 18:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) (YahooAUService) Yahoo! Updater [Auto | Running] -> C:\Archivos de programa\Yahoo!\SoftwareUpdate\YahooAUService.exe -> [2008/11/09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) (ose) Office Source Engine [On_Demand | Stopped] -> C:\Archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE -> [2008/04/28 22:58:20 | 000,089,136 | ---- | M] (Microsoft Corporation) (NOD32FiXTemDono) Eset Nod32 Boot [Auto | Stopped] -> C:\WINDOWS\System32\regedt32.exe -> [2001/08/24 20:00:00 | 000,017,920 | ---- | M] (Microsoft Corporation) [Driver Services - Safe List] (aswSnx) aswSnx [File_System | System | Running] -> C:\WINDOWS\System32\drivers\aswSnx.sys -> [2011/07/04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) (aswSP) aswSP [Kernel | System | Running] -> C:\WINDOWS\System32\drivers\aswSP.sys -> [2011/07/04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) (aswTdi) avast! Network Shield Support [Kernel | System | Running] -> C:\WINDOWS\System32\drivers\aswTdi.sys -> [2011/07/04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) (aswMon2) avast! Standard Shield Support [File_System | Auto | Running] -> C:\WINDOWS\System32\drivers\aswmon2.sys -> [2011/07/04 13:35:12 | 000,102,616 | ---- | M] (AVAST Software) (aswRdr) aswRdr [Kernel | System | Running] -> C:\WINDOWS\System32\drivers\aswRdr.sys -> [2011/07/04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) (Aavmker4) avast! Asynchronous Virus Monitor [Kernel | System | Running] -> C:\WINDOWS\System32\drivers\aavmker4.sys -> [2011/07/04 13:32:13 | 000,030,808 | ---- | M] (AVAST Software) (aswFsBlk) aswFsBlk [File_System | Auto | Running] -> C:\WINDOWS\System32\drivers\aswFsBlk.sys -> [2011/07/04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) (Lavasoft Kernexplorer) Lavasoft helper driver [Kernel | On_Demand | Running] -> C:\Archivos de programa\Lavasoft\Ad-Aware\kernexplorer.sys -> [2011/02/04 16:27:14 | 000,015,232 | ---- | M] () (Lbd) Lbd [File_System | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\Lbd.sys -> [2010/12/03 11:05:34 | 000,064,288 | ---- | M] (Lavasoft AB) (fssfltr) fssfltr [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -> [2009/08/05 23:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) (AvgTdiX) AVG Free8 Network Redirector [Kernel | System | Running] -> C:\WINDOWS\System32\Drivers\avgtdix.sys -> [2009/04/28 15:42:23 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) (AvgLdx86) AVG Free AVI Loader Driver x86 [Kernel | System | Running] -> C:\WINDOWS\System32\Drivers\avgldx86.sys -> [2009/04/28 15:42:19 | 000,325,640 | ---- | M] (AVG Technologies CZ, s.r.o.) (AvgMfx86) AVG Free On-access Scanner Minifilter Driver x86 [File_System | System | Running] -> C:\WINDOWS\System32\Drivers\avgmfx86.sys -> [2009/04/28 15:42:18 | 000,027,656 | ---- | M] (AVG Technologies CZ, s.r.o.) (sptd) sptd [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\sptd.sys -> [2008/09/27 17:09:51 | 000,717,296 | ---- | M] () (NwlnkIpx) Protocolo de transferencia compatible con NWLink IPX/SPX/NetBIOS [Kernel | Auto | Stopped] -> C:\WINDOWS\system32\drivers\nwlnkipx.sys -> [2008/04/14 02:26:08 | 000,088,320 | ---- | M] (Microsoft Corporation) (usbaudio) Controlador de audio USB (WDM) [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\USBAUDIO.sys -> [2008/04/13 23:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) (SNPSTD3) USB PC Camera (SNPSTD3) [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\snpstd3.sys -> [2008/03/13 15:44:42 | 010,423,936 | ---- | M] (Sonix Co. Ltd.) (FiltUSBET) ET USB Device Lower Filter [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\etFilter.sys -> [2008/02/05 13:11:10 | 000,200,960 | ---- | M] (eMPIA Technology Inc.) (IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\RtkHDAud.sys -> [2007/11/27 14:06:42 | 004,630,016 | R--- | M] (Realtek Semiconductor Corp.) (RTLE8023xp) Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\Rtenicxp.sys -> [2007/10/23 12:51:04 | 000,103,296 | R--- | M] (Realtek Semiconductor Corporation ) (DCamUSBET) VAD Laplace Webcam [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\etDevice.sys -> [2007/10/12 12:57:04 | 000,475,392 | ---- | M] (eMPIA Technology, Inc.) (ScanUSBET) ET USB Still Image Capture Device [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\etScan.sys -> [2007/09/07 15:43:54 | 000,006,656 | ---- | M] (eMPIA Technology, Inc.) (NwlnkNb) NetBIOS de NWLink [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\nwlnknb.sys -> [2001/08/24 20:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) (NwlnkSpx) Protocolo SPX/SPXII NWLink [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\nwlnkspx.sys -> [2001/08/24 20:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: SearchURL\g\\"" -> http://www.google.es/custom?sa=B%FAsqueda+de+Google&client=pub-2788563222908654&forid=1&channel=0360347317&ie=ISO-8859-1&oe=ISO-8859-1&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=es&q=%s -> HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: SearchURL\g\\"" -> http://www.google.es/custom?sa=B%FAsqueda+de+Google&client=pub-2788563222908654&forid=1&channel=0360347317&ie=ISO-8859-1&oe=ISO-8859-1&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=es&q=%s -> HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> HKEY_USERS\S-1-5-19\: Main\\"Start Page" -> http://www.busca7.com/ -> HKEY_USERS\S-1-5-19\: SearchURL\g\\"" -> http://www.google.es/custom?sa=B%FAsqueda+de+Google&client=pub-2788563222908654&forid=1&channel=0360347317&ie=ISO-8859-1&oe=ISO-8859-1&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=es&q=%s -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> HKEY_USERS\S-1-5-20\: Main\\"Start Page" -> http://www.busca7.com/ -> HKEY_USERS\S-1-5-20\: SearchURL\g\\"" -> http://www.google.es/custom?sa=B%FAsqueda+de+Google&client=pub-2788563222908654&forid=1&channel=0360347317&ie=ISO-8859-1&oe=ISO-8859-1&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=es&q=%s -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-1659004503-115176313-1801674531-1004\] > -> -> HKEY_USERS\S-1-5-21-1659004503-115176313-1801674531-1004\: Main\\"SearchDefaultBranded" -> 1 -> HKEY_USERS\S-1-5-21-1659004503-115176313-1801674531-1004\: Main\\"SearchMigratedDefaultName" -> Google -> HKEY_USERS\S-1-5-21-1659004503-115176313-1801674531-1004\: Main\\"SearchMigratedDefaultURL" -> http://www.google.com/custom?q={searchTerms}&client=pub-2788563222908654&forid=1&channel=0360347317&rls=com.busca7:EN:com.busca7&ie={inputEncoding}&oe={outputEncoding}&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1 -> HKEY_USERS\S-1-5-21-1659004503-115176313-1801674531-1004\: Main\\"Start Page" -> http://www.google.es/ -> HKEY_USERS\S-1-5-21-1659004503-115176313-1801674531-1004\: SearchURL\\"" -> http://www.google.com/keyword/%s -> HKEY_USERS\S-1-5-21-1659004503-115176313-1801674531-1004\: SearchURL\g\\"" -> http://www.google.es/custom?sa=B%FAsqueda+de+Google&client=pub-2788563222908654&forid=1&channel=0360347317&ie=ISO-8859-1&oe=ISO-8859-1&cof=GALT%3A3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=es&q=%s -> HKEY_USERS\S-1-5-21-1659004503-115176313-1801674531-1004\: URLSearchHooks\\"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> C:\Archivos de programa\Yahoo!\Companion\Installs\cpn1\yt.dll [Yahoo! Toolbar] -> [2010/03/23 09:45:04 | 000,940,856 | ---- | M] (Yahoo! Inc.) HKEY_USERS\S-1-5-21-1659004503-115176313-1801674531-1004\: "ProxyEnable" -> 0 -> HKEY_USERS\S-1-5-21-1659004503-115176313-1801674531-1004\: "ProxyOverride" -> *.local -> < FireFox Settings [Prefs.js] > -> C:\Documents and Settings\Usuario\Datos de programa\Mozilla\FireFox\Profiles\gjfu04m9.default\prefs.js -> browser.search.defaultenginename -> "Web Search" -> browser.search.order.1 -> "Web Search" -> browser.search.selectedEngine -> "Web Search" -> browser.startup.homepage -> "http://bl166w.blu166.mail.live.com/default.aspx?wa=wsignin1.0" -> extensions.enabledItems -> firefox@bandoo.com:5.0 -> extensions.enabledItems -> {7FF99715-3016-4381-84CE-E4E4C9673020}:1.0 -> extensions.enabledItems -> {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 -> extensions.enabledItems -> jqs@sun.com:1.0 -> extensions.enabledItems -> {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 -> keyword.URL -> "http://www.searchqu.com/web?src=ffb&q=" -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Firefox\Extensions -> -> HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71} -> C:\ARCHIVOS DE PROGRAMA\AVG\AVG8\FIREFOX -> HKLM\software\mozilla\Firefox\Extensions\\{1d5287d1-8a92-0001-1f31-1cec198018d8} -> C:\ARCHIVOS DE PROGRAMA\AVG\AVG8\TOOLBARFF -> HKLM\software\mozilla\Mozilla Firefox 5.0\extensions -> -> HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components -> C:\Archivos de programa\Mozilla Firefox\components [C:\ARCHIVOS DE PROGRAMA\MOZILLA FIREFOX\COMPONENTS] -> [2011/06/24 10:26:29 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins -> C:\Archivos de programa\Mozilla Firefox\plugins [C:\ARCHIVOS DE PROGRAMA\MOZILLA FIREFOX\PLUGINS] -> [2011/03/24 23:02:03 | 000,000,000 | ---D | M] < FireFox Extensions [User Folders] > -> -> C:\Documents and Settings\Usuario\Datos de programa\Mozilla\Extensions -> [2008/10/22 13:34:54 | 000,000,000 | ---D | M] -> C:\Documents and Settings\Usuario\Datos de programa\Mozilla\Firefox\Profiles\gjfu04m9.default\extensions -> [2011/06/02 13:25:36 | 000,000,000 | ---D | M] Google Toolbar for Firefox -> C:\Documents and Settings\Usuario\Datos de programa\Mozilla\Firefox\Profiles\gjfu04m9.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} -> [2011/06/02 13:25:36 | 000,000,000 | ---D | M] -> C:\Documents and Settings\Usuario\Datos de programa\Mozilla\Firefox\Profiles\gjfu04m9.default\extensions\firefox@bandoo.com -> [2011/01/03 19:15:40 | 000,000,000 | ---D | M] < FireFox SearchPlugins [User Folders] > -> MyStart Search.xml -> C:\Documents and Settings\Usuario\Datos de programa\Mozilla\Firefox\Profiles\gjfu04m9.default\searchplugins\MyStart Search.xml -> [2010/02/12 22:40:44 | 000,002,137 | ---- | M] () < FireFox Extensions [Program Folders] > -> -> C:\Archivos de programa\Mozilla Firefox\extensions -> [2011/03/24 22:57:04 | 000,000,000 | ---D | M] Java Console -> C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} -> [2010/10/30 22:14:59 | 000,000,000 | ---D | M] Java Console -> C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} -> [2011/02/01 14:06:12 | 000,000,000 | ---D | M] No name found -> -> File not found Java Quick Starter -> C:\ARCHIVOS DE PROGRAMA\JAVA\JRE6\LIB\DEPLOY\JQS\FF -> [2010/10/30 22:14:41 | 000,000,000 | ---D | M] Bandoo for Firefox -> C:\DOCUMENTS AND SETTINGS\USUARIO\DATOS DE PROGRAMA\MOZILLA\FIREFOX\PROFILES\GJFU04M9.DEFAULT\EXTENSIONS\FIREFOX@BANDOO.COM -> [2011/01/03 19:15:40 | 000,000,000 | ---D | M] < FireFox Components [Program Folders] > -> FFPlugin.dll -> C:\Documents and Settings\Usuario\Datos de programa\Mozilla\Firefox\Profiles\gjfu04m9.default\extensions\firefox@bandoo.com\components\FFPlugin.dll -> [2010/11/17 13:32:30 | 002,262,016 | ---- | M] () < HOSTS File > ([2011/07/30 23:52:05 | 000,000,027 | ---- | M] - 1 lines) -> C:\WINDOWS\system32\drivers\etc\hosts -> Reset Hosts 127.0.0.1 localhost < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {02478D38-C3F9-4efb-9B51-7695ECA05670} [HKLM] -> C:\Archivos de programa\Yahoo!\Companion\Installs\cpn1\yt.dll [&Yahoo! Toolbar Helper] -> [2010/03/23 09:45:04 | 000,940,856 | ---- | M] (Yahoo! Inc.) {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006/01/13 01:38:22 | 000,063,128 | ---- | M] (Adobe Systems Incorporated) {5C255C8A-E604-49b4-9D64-90988571CECB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} [HKLM] -> C:\Archivos de programa\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [Search Helper] -> [2009/01/14 18:49:24 | 000,092,504 | ---- | M] (Microsoft Corp.) {9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [Windows Live Aplicación auxiliar de inicio de sesión] -> [2009/01/22 16:41:30 | 000,408,448 | ---- | M] (Microsoft Corporation) {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Archivos de programa\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll [Google Toolbar Notifier BHO] -> [2011/06/07 11:08:38 | 001,007,160 | ---- | M] (Google Inc.) {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} [HKLM] -> C:\Archivos de programa\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll [SingleInstance Class] -> [2010/03/23 09:45:06 | 000,160,056 | ---- | M] (Yahoo! Inc) < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> C:\Archivos de programa\Yahoo!\Companion\Installs\cpn1\yt.dll [Yahoo! Toolbar] -> [2010/03/23 09:45:04 | 000,940,856 | ---- | M] (Yahoo! Inc.) < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "AppleSyncNotifier" -> C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\AppleSyncNotifier.exe [C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\AppleSyncNotifier.exe] -> [2011/04/20 12:48:18 | 000,058,656 | ---- | M] (Apple Inc.) "etMonitor" -> C:\WINDOWS\etMon.exe [C:\WINDOWS\etMon.exe] -> [2007/02/14 20:30:06 | 000,102,400 | ---- | M] (EMPIA Technology Corporation) "QuickTime Task" -> C:\Archivos de programa\QuickTime Alternative\qttask.exe ["C:\Archivos de programa\QuickTime Alternative\qttask.exe" -atboottime] -> [2010/11/29 18:38:18 | 000,421,888 | ---- | M] (Apple Inc.) "SunJavaUpdateSched" -> C:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe ["C:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe"] -> [2010/05/14 12:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) < Run [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "cleansweep.exe" -> [C:\cleansweep.exe\cleansweep.exe] -> File not found < RunOnce [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> "nltide_2" -> [regsvr32 /s /n /i:U shell32] -> File not found < Run [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "cleansweep.exe" -> [C:\cleansweep.exe\cleansweep.exe] -> File not found < RunOnce [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> "nltide_2" -> [regsvr32 /s /n /i:U shell32] -> File not found < Run [HKEY_USERS\S-1-5-21-1659004503-115176313-1801674531-1004\] > -> HKEY_USERS\S-1-5-21-1659004503-115176313-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "DriverScanner" -> C:\Archivos de programa\Uniblue\DriverScanner\launcher.exe ["C:\Archivos de programa\Uniblue\DriverScanner\launcher.exe" delay 20000 ] -> [2011/05/16 11:22:26 | 000,338,296 | ---- | M] (Uniblue Systems Limited) "FileHippo.com" -> C:\Archivos de programa\FileHippo.com\UpdateChecker.exe ["C:\Archivos de programa\FileHippo.com\UpdateChecker.exe" /background] -> [2010/08/09 14:47:54 | 000,248,832 | ---- | M] (FileHippo.com) < Administrador Startup Folder > -> C:\Documents and Settings\Administrador\Menú Inicio\Programas\Inicio -> < All Users Startup Folder > -> C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio -> C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\Control Center.lnk -> C:\Archivos de programa\VAD\Laplace Webcam\Tools\SystemTray.exe -> [2008/04/30 15:12:18 | 000,114,688 | ---- | M] () C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\McAfee Security Scan Plus.lnk -> C:\Archivos de programa\McAfee Security Scan\2.0.181\SSScheduler.exe -> [2010/01/15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\WinZip Quick Pick.lnk -> C:\Archivos de programa\WinZip\WZQKPICK.EXE -> [2011/05/27 15:50:00 | 000,610,120 | R--- | M] (WinZip Computing, S.L.) < Default User Startup Folder > -> C:\Documents and Settings\Default User\Menú Inicio\Programas\Inicio -> < Usuario Startup Folder > -> C:\Documents and Settings\Usuario\Menú Inicio\Programas\Inicio -> < Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer -> < Software Policy Settings [HKEY_USERS\S-1-5-21-1659004503-115176313-1801674531-1004] > -> HKEY_USERS\S-1-5-21-1659004503-115176313-1801674531-1004\SOFTWARE\Policies\Microsoft\Internet Explorer -> < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDesktopCleanupWizard" -> [1] -> File not found \\"NoRemoteRecursiveEvents" -> [1] -> File not found \\"NoDriveAutoRun" -> [67108863] -> File not found \\"NoDriveTypeAutoRun" -> [323] -> File not found \\"NoDrives" -> [0] -> File not found < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"DisableStatusMessages" -> [0] -> File not found \\"VerboseStatus" -> [0] -> File not found \\"NoInternetOpenWith" -> [1] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [323] -> File not found \\"NoSMHelp" -> [1] -> File not found \\"NoSMConfigurePrograms" -> [1] -> File not found \\"NoSMMyPictures" -> [1] -> File not found \\"NoLowDiskSpaceChecks" -> [1] -> File not found \\"NoResolveTrack" -> [1] -> File not found \\"LinkResolveIgnoreLinkInfo" -> [1] -> File not found \\"NoResolveSearch" -> [1] -> File not found \\"NoDriveAutoRun" -> [67108863] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [323] -> File not found \\"NoSMHelp" -> [1] -> File not found \\"NoSMConfigurePrograms" -> [1] -> File not found \\"NoSMMyPictures" -> [1] -> File not found \\"NoLowDiskSpaceChecks" -> [1] -> File not found \\"NoResolveTrack" -> [1] -> File not found \\"LinkResolveIgnoreLinkInfo" -> [1] -> File not found \\"NoResolveSearch" -> [1] -> File not found \\"NoDriveAutoRun" -> [67108863] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found \\"NoSMHelp" -> [1] -> File not found \\"NoSMConfigurePrograms" -> [1] -> File not found \\"NoSMMyPictures" -> [1] -> File not found \\"NoLowDiskSpaceChecks" -> [1] -> File not found \\"NoResolveTrack" -> [1] -> File not found \\"LinkResolveIgnoreLinkInfo" -> [1] -> File not found \\"NoResolveSearch" -> [1] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found \\"NoSMHelp" -> [1] -> File not found \\"NoSMConfigurePrograms" -> [1] -> File not found \\"NoSMMyPictures" -> [1] -> File not found \\"NoLowDiskSpaceChecks" -> [1] -> File not found \\"NoResolveTrack" -> [1] -> File not found \\"LinkResolveIgnoreLinkInfo" -> [1] -> File not found \\"NoResolveSearch" -> [1] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1659004503-115176313-1801674531-1004] > -> HKEY_USERS\S-1-5-21-1659004503-115176313-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-21-1659004503-115176313-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoSMConfigurePrograms" -> [1] -> File not found \\"NoSMMyPictures" -> [1] -> File not found \\"NoLowDiskSpaceChecks" -> [1] -> File not found \\"NoResolveTrack" -> [1] -> File not found \\"LinkResolveIgnoreLinkInfo" -> [1] -> File not found \\"NoResolveSearch" -> [1] -> File not found \\"NoSMHelp" -> [0] -> File not found \\"NoToolbarsOnTaskbar" -> [0] -> File not found \\"NoSetTaskbar" -> [0] -> File not found \\"NoBandCustomize" -> [0] -> File not found \\"NoMovingBands" -> [0] -> File not found \\"NoCloseDragDropBands" -> [0] -> File not found \\"NoDriveAutoRun" -> [67108863] -> File not found \\"NoDriveTypeAutoRun" -> [323] -> File not found \\"NoDrives" -> [0] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1659004503-115176313-1801674531-1004] > -> HKEY_USERS\S-1-5-21-1659004503-115176313-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-1659004503-115176313-1801674531-1004\] > -> HKEY_USERS\S-1-5-21-1659004503-115176313-1801674531-1004\Software\Microsoft\Internet Explorer\MenuExt\ -> Google Sidewiki... -> C:\Archivos de programa\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll [res://C:\Archivos de programa\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html] -> [2011/06/26 12:45:13 | 002,013,360 | ---- | M] (Google Inc.) < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {2ef50289-0ea7-482e-a30b-4947a81e44cf}:Exec [HKLM] -> [Button: Trillian] -> File not found {2ef50289-0ea7-482e-a30b-4947a81e44cf}:Exec [HKLM] -> [Menu: Trillian] -> File not found < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-1659004503-115176313-1801674531-1004\] > -> HKEY_USERS\S-1-5-21-1659004503-115176313-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-1659004503-115176313-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-1659004503-115176313-1801674531-1004\] > -> HKEY_USERS\S-1-5-21-1659004503-115176313-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-1659004503-115176313-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab [Java Plug-in 1.6.0_23] -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> DhcpNameServer -> 80.58.61.250 80.58.61.254 -> < AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs -> *AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls -> c:\ARCHIV~1\Bandoo\BndHook.dll -> c:\Archivos de programa\Bandoo\BndHook.dll -> [2010/11/17 13:46:20 | 000,069,520 | ---- | M] (Discordia Limited) *MultiFile Done* -> -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> Explorer.exe -> -> File not found *MultiFile Done* -> -> *UIHost* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost -> XPize_Logon.exe -> C:\WINDOWS\System32\XPize_Logon.exe -> [2008/04/14 09:49:02 | 002,791,424 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> avgrsstarter -> C:\WINDOWS\System32\avgrsstx.dll -> [2009/04/28 15:42:23 | 000,010,520 | ---- | M] (AVG Technologies CZ, s.r.o.) < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> "{AEB6717E-7E19-11d0-97EE-00C04FD91972}" [HKLM] -> Reg Error: Key error. [] -> File not found < Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> "C:\Archivos de programa\Archivos comunes\McAfee\MNA\McNASvc.exe" -> [C:\Archivos de programa\Archivos comunes\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent] -> File not found "C:\Archivos de programa\AVG\AVG8\avgnsx.exe" -> [C:\Archivos de programa\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe] -> File not found "C:\Archivos de programa\AVG\AVG8\avgupd.exe" -> [C:\Archivos de programa\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe] -> File not found "C:\Archivos de programa\Google\Google Earth\client\googleearth.exe" -> C:\Archivos de programa\Google\Google Earth\client\googleearth.exe [C:\Archivos de programa\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth] -> [2011/05/17 11:40:44 | 000,072,704 | ---- | M] (Google) "C:\Archivos de programa\Google\Google Earth\plugin\geplugin.exe" -> C:\Archivos de programa\Google\Google Earth\plugin\geplugin.exe [C:\Archivos de programa\Google\Google Earth\plugin\geplugin.exe:*:Disabled:Google Earth] -> [2011/05/17 11:40:44 | 000,072,704 | ---- | M] (Google) "C:\Archivos de programa\IncrediMail\bin\ImApp.exe" -> [C:\Archivos de programa\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail] -> File not found "C:\Archivos de programa\IncrediMail\bin\ImpCnt.exe" -> [C:\Archivos de programa\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail] -> File not found "C:\Archivos de programa\IncrediMail\bin\IncMail.exe" -> [C:\Archivos de programa\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail] -> File not found "C:\Archivos de programa\Mozilla Firefox\firefox.exe" -> C:\Archivos de programa\Mozilla Firefox\firefox.exe [C:\Archivos de programa\Mozilla Firefox\firefox.exe:*:Enabled:Firefox] -> [2011/06/24 10:26:27 | 000,924,632 | ---- | M] (Mozilla Corporation) "C:\Archivos de programa\Skype\Plugin Manager\skypePM.exe" -> [C:\Archivos de programa\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager] -> File not found "C:\Documents and Settings\Usuario\Configuración local\Datos de programa\CrossLoop\CrossLoopConnect.exe" -> C:\Documents and Settings\Usuario\Configuración local\Datos de programa\CrossLoop\CrossLoopConnect.exe [C:\Documents and Settings\Usuario\Configuración local\Datos de programa\CrossLoop\CrossLoopConnect.exe:*:Enabled:CrossLoop - Simple Secure Screen Sharing] -> [2010/08/17 20:23:34 | 001,183,744 | ---- | M] (CrossLoop) "C:\Documents and Settings\Usuario\Configuración local\Datos de programa\CrossLoop\tvnserver.exe" -> C:\Documents and Settings\Usuario\Configuración local\Datos de programa\CrossLoop\tvnserver.exe [C:\Documents and Settings\Usuario\Configuración local\Datos de programa\CrossLoop\tvnserver.exe:*:Enabled:tvnserver.exe] -> [2010/07/21 09:50:26 | 000,814,080 | ---- | M] (GlavSoft LLC.) "C:\Documents and Settings\Usuario\Configuración local\Datos de programa\CrossLoop\vncviewer.exe" -> C:\Documents and Settings\Usuario\Configuración local\Datos de programa\CrossLoop\vncviewer.exe [C:\Documents and Settings\Usuario\Configuración local\Datos de programa\CrossLoop\vncviewer.exe:*:Enabled:vncviewer.exe] -> [2009/12/07 02:19:04 | 001,464,264 | ---- | M] (UltraVNC) "C:\Documents and Settings\Usuario\Configuración local\Datos de programa\Google\Google Talk Plugin\googletalkplugin.exe" -> C:\Documents and Settings\Usuario\Configuración local\Datos de programa\Google\Google Talk Plugin\googletalkplugin.exe [C:\Documents and Settings\Usuario\Configuración local\Datos de programa\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin] -> [2011/06/27 09:23:56 | 000,161,336 | ---- | M] (Google) "C:\WINDOWS\system32\dpvsetup.exe" -> C:\WINDOWS\System32\dpvsetup.exe [C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test] -> [2008/04/14 09:48:56 | 000,083,456 | ---- | M] (Microsoft Corporation) "E:\Archivos de programa\MSN Messenger\msnmsgr.exe" -> E:\Archivos de programa\MSN Messenger\msnmsgr.exe [E:\Archivos de programa\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger] -> [2007/09/04 23:40:18 | 006,856,704 | ---- | M] (Microsoft Corporation) < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> Controlador de CD-ROM -> "ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found < Drives with AutoRun files > -> -> C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2008/09/27 17:09:42 | 000,000,000 | ---- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .com [@ = ComFile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> [Registry - Additional Scans - Safe List] < Disabled MSConfig Folder Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\ -> C:^Documents and Settings^All Users^Menú Inicio^Programas^Inicio^Adobe Reader Speed Launch.lnk -> C:\Archivos de programa\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> [2005/09/24 03:05:26 | 000,029,696 | ---- | M] (Adobe Systems Incorporated) C:^Documents and Settings^All Users^Menú Inicio^Programas^Inicio^ASRock WiFi-802.11g.lnk -> -> File not found < Disabled MSConfig Registry Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ -> Alcmtr hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\WINDOWS\Alcmtr.exe -> [2005/05/03 12:43:28 | 000,069,632 | R--- | M] (Realtek Semiconductor Corp.) AppleSyncNotifier hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\AppleSyncNotifier.exe -> [2011/04/20 12:48:18 | 000,058,656 | ---- | M] (Apple Inc.) cleansweep.exe hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found ctfmon.exe hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found egui hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found FixCamera hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\WINDOWS\FixCamera.exe -> [2007/07/11 16:09:48 | 000,020,480 | ---- | M] () HotKeysCmds hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found IgfxTray hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found iTunesHelper hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Archivos de programa\iTunes\iTunesHelper.exe -> [2011/04/27 01:22:56 | 000,421,160 | ---- | M] (Apple Inc.) LanguageShortcut hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Archivos de programa\CyberLink\PowerDVD\Language\Language.exe -> [2006/09/29 21:58:20 | 000,049,152 | ---- | M] () msnmsgr hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Archivos de programa\Windows Live\Messenger\msnmsgr.exe -> [2009/07/26 17:44:34 | 003,883,856 | ---- | M] (Microsoft Corporation) PAV hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found Persistence hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found QuickTime Task hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Archivos de programa\QuickTime Alternative\qttask.exe -> [2010/11/29 18:38:18 | 000,421,888 | ---- | M] (Apple Inc.) RemoteControl hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Archivos de programa\CyberLink\PowerDVD\PDVDServ.exe -> [2006/09/18 11:08:56 | 000,029,696 | ---- | M] (Cyberlink Corp.) RTHDCPL hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\WINDOWS\RTHDCPL.exe -> [2007/11/22 10:40:32 | 016,858,112 | R--- | M] (Realtek Semiconductor Corp.) Skype hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Archivos de programa\Skype\Phone\Skype.exe -> [2011/06/15 15:02:58 | 015,141,768 | R--- | M] (Skype Technologies S.A.) snpstd3 hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\WINDOWS\vsnpstd3.exe -> [2007/05/10 13:18:26 | 000,835,584 | ---- | M] () swg hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Archivos de programa\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe -> [2009/03/17 18:10:59 | 000,039,408 | ---- | M] (Google Inc.) tsnpstd3 hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\WINDOWS\tsnpstd3.exe -> [2007/04/21 09:37:02 | 000,270,336 | ---- | M] () < Disabled MSConfig State [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state -> "bootini" -> 0 -> "services" -> 0 -> "startup" -> 2 -> "system.ini" -> 0 -> "win.ini" -> 0 -> < Drivers32 [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 -> "msacm.iac2" -> C:\WINDOWS\system32\iac25_32.ax [C:\WINDOWS\system32\iac25_32.ax] -> [2008/04/14 09:49:20 | 000,199,680 | ---- | M] (Intel Corporation) "msacm.l3acm" -> C:\WINDOWS\system32\l3codeca.acm [C:\WINDOWS\system32\l3codeca.acm] -> [2008/04/14 09:46:56 | 000,290,816 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) "msacm.sl_anet" -> C:\WINDOWS\System32\sl_anet.acm [sl_anet.acm] -> [2008/04/14 09:47:38 | 000,086,016 | ---- | M] (Sipro Lab Telecom Inc.) "msacm.trspch" -> C:\WINDOWS\System32\tssoft32.acm [tssoft32.acm] -> [2001/08/24 20:00:00 | 000,008,192 | ---- | M] (DSP GROUP, INC.) "MSVideo8" -> C:\WINDOWS\System32\vfwwdm32.dll [VfWWDM32.dll] -> [2008/04/14 05:48:46 | 000,054,784 | ---- | M] (Microsoft Corporation) "vidc.cvid" -> C:\WINDOWS\System32\iccvid.dll [iccvid.dll] -> [2008/04/14 09:48:24 | 000,080,384 | ---- | M] (Radius Inc.) "vidc.iv31" -> C:\WINDOWS\System32\ir32_32.dll [ir32_32.dll] -> [2001/08/24 20:00:00 | 000,199,168 | ---- | M] () "vidc.iv32" -> C:\WINDOWS\System32\ir32_32.dll [ir32_32.dll] -> [2001/08/24 20:00:00 | 000,199,168 | ---- | M] () "vidc.iv41" -> C:\WINDOWS\System32\ir41_32.ax [ir41_32.ax] -> [2008/04/14 09:49:20 | 000,848,384 | ---- | M] (Intel Corporation) "vidc.iv50" -> C:\WINDOWS\System32\ir50_32.dll [ir50_32.dll] -> [2008/04/14 09:48:26 | 000,755,200 | ---- | M] (Intel Corporation) "wave1" -> C:\WINDOWS\System32\serwvdrv.dll [serwvdrv.dll] -> [2001/08/24 20:00:00 | 000,014,848 | ---- | M] (Microsoft Corporation) < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> -> *netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs -> 6to4 -> -> File not found HidServ -> -> File not found Ias -> -> File not found Iprip -> -> File not found Irmon -> -> File not found WmdmPmSp -> -> File not found *MultiFile Done* -> -> < SafeBoot-Minimal Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ -> {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices Base -> Driver Group Boot Bus Extender -> Driver Group Boot file system -> Driver Group File system -> Driver Group Filter -> Driver Group Lavasoft Ad-Aware Service -> C:\Archivos de programa\Lavasoft\Ad-Aware\AAWService.exe -> [2011/06/28 13:19:39 | 002,151,640 | ---- | M] (Lavasoft Limited) PCI Configuration -> Driver Group PEVSystemStart -> Service PNP Filter -> Driver Group Primary disk -> Driver Group procexp90.Sys -> Driver SCSI Class -> Driver Group sermouse.sys -> Driver System Bus Extender -> Driver Group vga.sys -> Driver < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> batfile [open] -> "%1" %* -> cmdfile [open] -> "%1" %* -> comfile [open] -> "%1" %* -> cplfile [cplopen] -> rundll32.exe shell32.dll,Control_RunDLL "%1",%* -> exefile [open] -> "%1" %* -> InternetShortcut [open] -> rundll32.exe ieframe.dll,OpenURL %l -> piffile [open] -> "%1" %* -> scrfile [config] -> "%1" -> scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> scrfile [open] -> "%1" /S -> Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 -> Directory [cmd] -> cmd.exe /k cd "%L" -> [2008/04/14 09:48:54 | 000,517,120 | ---- | M] (Microsoft Corporation) Directory [find] -> %SystemRoot%\Explorer.exe -> Folder [open] -> %SystemRoot%\Explorer.exe /idlist,%I,%L -> Folder [explore] -> %SystemRoot%\Explorer.exe /e,/idlist,%I,%L -> Drive [find] -> %SystemRoot%\Explorer.exe -> < EventViewer Logs - Last 10 Errors > -> Event Information -> Description System [ Error ] 30/07/2011 17:57:17 Computer Name = value | Source = Service Control Manager | ID = 7001 -> Description = El servicio Agente SAP depende del servicio Protocolo de transferencia compatible con NWLink IPX/SPX/NetBIOS, el cual no pudo iniciarse debido al siguiente error: %%87 System [ Error ] 30/07/2011 17:57:17 Computer Name = value | Source = Service Control Manager | ID = 7000 -> Description = El servicio wscsvc no pudo iniciarse debido al siguiente error: %%1083 System [ Error ] 31/07/2011 05:27:05 Computer Name = value | Source = Service Control Manager | ID = 7000 -> Description = El servicio Protocolo de transferencia compatible con NWLink IPX/SPX/NetBIOS no pudo iniciarse debido al siguiente error: %%87 System [ Error ] 31/07/2011 05:27:05 Computer Name = value | Source = Service Control Manager | ID = 7023 -> Description = El servicio Servicio de cliente para NetWare terminó con el error: %%2 System [ Error ] 31/07/2011 05:27:05 Computer Name = value | Source = Service Control Manager | ID = 7000 -> Description = El servicio McAfee Real-time Scanner no pudo iniciarse debido al siguiente error: %%3 System [ Error ] 31/07/2011 05:27:05 Computer Name = value | Source = Service Control Manager | ID = 7000 -> Description = El servicio McAfee SystemGuards no pudo iniciarse debido al siguiente error: %%3 System [ Error ] 31/07/2011 05:27:05 Computer Name = value | Source = Service Control Manager | ID = 7009 -> Description = Intervalo de espera (30000 ms.) para la conexión con el servicio Eset Nod32 Boot. System [ Error ] 31/07/2011 05:27:05 Computer Name = value | Source = Service Control Manager | ID = 7000 -> Description = El servicio Eset Nod32 Boot no pudo iniciarse debido al siguiente error: %%1053 System [ Error ] 31/07/2011 05:27:05 Computer Name = value | Source = Service Control Manager | ID = 7001 -> Description = El servicio Agente SAP depende del servicio Protocolo de transferencia compatible con NWLink IPX/SPX/NetBIOS, el cual no pudo iniciarse debido al siguiente error: %%87 System [ Error ] 31/07/2011 05:27:05 Computer Name = value | Source = Service Control Manager | ID = 7000 -> Description = El servicio wscsvc no pudo iniciarse debido al siguiente error: %%1083 [Files/Folders - Created Within 30 Days] OTS (1).exe -> C:\Documents and Settings\Usuario\Escritorio\OTS (1).exe -> [2011/07/31 20:16:53 | 000,645,120 | ---- | C] (OldTimer Tools) xerox -> C:\Archivos de programa\xerox -> [2011/07/30 23:56:29 | 000,000,000 | ---D | C] srchasst -> C:\WINDOWS\srchasst -> [2011/07/30 23:56:27 | 000,000,000 | ---D | C] oobe -> C:\WINDOWS\System32\oobe -> [2011/07/30 23:56:27 | 000,000,000 | ---D | C] movie maker -> C:\Archivos de programa\movie maker -> [2011/07/30 23:56:27 | 000,000,000 | ---D | C] xircom -> C:\WINDOWS\System32\xircom -> [2011/07/30 23:56:26 | 000,000,000 | ---D | C] msn gaming zone -> C:\Archivos de programa\msn gaming zone -> [2011/07/30 23:56:25 | 000,000,000 | ---D | C] msagent -> C:\WINDOWS\msagent -> [2011/07/30 23:56:25 | 000,000,000 | ---D | C] microsoft frontpage -> C:\Archivos de programa\microsoft frontpage -> [2011/07/30 23:56:24 | 000,000,000 | ---D | C] cmdcons -> C:\cmdcons -> [2011/07/30 23:26:41 | 000,000,000 | RHSD | C] SWREG.exe -> C:\WINDOWS\SWREG.exe -> [2011/07/30 23:22:45 | 000,518,144 | ---- | C] (SteelWerX) SWSC.exe -> C:\WINDOWS\SWSC.exe -> [2011/07/30 23:22:45 | 000,406,528 | ---- | C] (SteelWerX) SWXCACLS.exe -> C:\WINDOWS\SWXCACLS.exe -> [2011/07/30 23:22:45 | 000,212,480 | ---- | C] (SteelWerX) NIRCMD.exe -> C:\WINDOWS\NIRCMD.exe -> [2011/07/30 23:22:45 | 000,060,416 | ---- | C] (NirSoft) ERDNT -> C:\WINDOWS\ERDNT -> [2011/07/30 23:22:27 | 000,000,000 | ---D | C] ComboFix -> C:\ComboFix -> [2011/07/30 23:22:23 | 000,000,000 | --SD | C] Qoobox -> C:\Qoobox -> [2011/07/30 23:22:16 | 000,000,000 | ---D | C] ComboFix.exe -> C:\Documents and Settings\Usuario\Escritorio\ComboFix.exe -> [2011/07/30 23:14:35 | 004,158,851 | R--- | C] (Swearware) Uniblue -> C:\Documents and Settings\All Users\Uniblue -> [2011/07/27 02:16:42 | 000,000,000 | ---D | C] Uniblue -> C:\Documents and Settings\Usuario\Datos de programa\Uniblue -> [2011/07/27 01:49:22 | 000,000,000 | ---D | C] Uniblue -> C:\Documents and Settings\All Users\Menú Inicio\Programas\Uniblue -> [2011/07/27 01:48:40 | 000,000,000 | ---D | C] Uniblue -> C:\Archivos de programa\Uniblue -> [2011/07/27 01:48:21 | 000,000,000 | ---D | C] OpenCandy -> C:\Documents and Settings\Usuario\Configuración local\Datos de programa\OpenCandy -> [2011/07/27 01:46:40 | 000,000,000 | ---D | C] OpenCandy -> C:\Documents and Settings\Usuario\Datos de programa\OpenCandy -> [2011/07/27 01:46:34 | 000,000,000 | ---D | C] WinZip -> C:\Documents and Settings\Usuario\Configuración local\Datos de programa\WinZip -> [2011/07/27 01:45:39 | 000,000,000 | ---D | C] WinZip -> C:\Documents and Settings\All Users\Menú Inicio\Programas\WinZip -> [2011/07/27 01:44:25 | 000,000,000 | ---D | C] WinZip -> C:\Documents and Settings\All Users\Datos de programa\WinZip -> [2011/07/27 01:42:07 | 000,000,000 | ---D | C] WinZip -> C:\Archivos de programa\WinZip -> [2011/07/27 01:41:55 | 000,000,000 | ---D | C] FileHippo.com -> C:\Archivos de programa\FileHippo.com -> [2011/07/26 15:43:16 | 000,000,000 | ---D | C] Apple Software Update -> C:\Archivos de programa\Apple Software Update -> [2011/07/21 17:19:07 | 000,000,000 | ---D | C] Google Earth -> C:\Documents and Settings\All Users\Menú Inicio\Programas\Google Earth -> [2011/07/09 15:57:56 | 000,000,000 | ---D | C] Skype -> C:\Documents and Settings\All Users\Menú Inicio\Programas\Skype -> [2011/07/09 10:26:23 | 000,000,000 | ---D | C] fridafables -> C:\fridafables -> [2011/07/04 13:25:02 | 000,000,000 | ---D | C] rsnpstd3.dll -> C:\WINDOWS\System32\rsnpstd3.dll -> [2009/04/18 10:37:36 | 000,163,840 | ---- | C] ( ) vsnpstd3.dll -> C:\WINDOWS\System32\vsnpstd3.dll -> [2009/04/18 10:37:36 | 000,061,440 | ---- | C] ( ) csnpstd3.dll -> C:\WINDOWS\System32\csnpstd3.dll -> [2009/04/18 10:37:36 | 000,053,248 | ---- | C] ( ) csnpstd3.dll -> C:\WINDOWS\csnpstd3.dll -> [2009/04/18 10:37:36 | 000,053,248 | ---- | C] ( ) 5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 3 C:\Documents and Settings\Usuario\Configuración local\Datos de programa\*.tmp files -> C:\Documents and Settings\Usuario\Configuración local\Datos de programa\*.tmp -> 1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> [Files/Folders - Modified Within 30 Days] User_Feed_Synchronization-{EE2D1BA0-0873-4BD1-9F03-FEE5404C5978}.job -> C:\WINDOWS\tasks\User_Feed_Synchronization-{EE2D1BA0-0873-4BD1-9F03-FEE5404C5978}.job -> [2011/07/31 20:30:00 | 000,000,440 | -H-- | M] () OTS (1).exe -> C:\Documents and Settings\Usuario\Escritorio\OTS (1).exe -> [2011/07/31 20:16:43 | 000,645,120 | ---- | M] (OldTimer Tools) GoogleUpdateTaskMachineUA.job -> C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job -> [2011/07/31 19:55:00 | 000,001,042 | ---- | M] () GoogleUpdateTaskUserS-1-5-21-1659004503-115176313-1801674531-1004UA.job -> C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-115176313-1801674531-1004UA.job -> [2011/07/31 19:43:00 | 000,001,140 | ---- | M] () GoogleUpdateTaskUserS-1-5-21-1659004503-115176313-1801674531-1004Core.job -> C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-115176313-1801674531-1004Core.job -> [2011/07/31 12:43:21 | 000,001,088 | ---- | M] () bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2011/07/31 11:26:08 | 000,002,048 | --S- | M] () hosts -> C:\WINDOWS\System32\drivers\etc\hosts -> [2011/07/30 23:52:05 | 000,000,027 | ---- | M] () boot.ini -> C:\boot.ini -> [2011/07/30 23:26:59 | 000,000,327 | RHS- | M] () ComboFix.exe -> C:\Documents and Settings\Usuario\Escritorio\ComboFix.exe -> [2011/07/30 23:14:35 | 004,158,851 | R--- | M] (Swearware) MBR.dat -> C:\Documents and Settings\Usuario\Escritorio\MBR.dat -> [2011/07/30 10:09:52 | 000,000,512 | ---- | M] () GoogleUpdateTaskMachineCore.job -> C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job -> [2011/07/30 09:55:01 | 000,001,038 | ---- | M] () Acceso directo a OTL.lnk -> C:\Documents and Settings\Usuario\Escritorio\Acceso directo a OTL.lnk -> [2011/07/30 09:01:55 | 000,000,645 | ---- | M] () perfh00A.dat -> C:\WINDOWS\System32\perfh00A.dat -> [2011/07/29 13:20:55 | 000,509,078 | ---- | M] () perfc00A.dat -> C:\WINDOWS\System32\perfc00A.dat -> [2011/07/29 13:20:55 | 000,092,188 | ---- | M] () perfh009.dat -> C:\WINDOWS\System32\perfh009.dat -> [2011/07/29 13:20:54 | 000,444,842 | ---- | M] () perfc009.dat -> C:\WINDOWS\System32\perfc009.dat -> [2011/07/29 13:20:54 | 000,072,466 | ---- | M] () d3d9caps.dat -> C:\WINDOWS\System32\d3d9caps.dat -> [2011/07/29 13:10:35 | 000,000,664 | ---- | M] () rp_stats.dat -> C:\WINDOWS\System32\rp_stats.dat -> [2011/07/29 10:58:51 | 000,000,064 | ---- | M] () rp_rules.dat -> C:\WINDOWS\System32\rp_rules.dat -> [2011/07/29 10:58:51 | 000,000,044 | ---- | M] () brqikmon.ini -> C:\WINDOWS\brqikmon.ini -> [2011/07/28 23:16:37 | 000,000,443 | ---- | M] () wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2011/07/28 13:14:25 | 000,002,206 | ---- | M] () AppleSoftwareUpdate.job -> C:\WINDOWS\tasks\AppleSoftwareUpdate.job -> [2011/07/27 16:44:09 | 000,000,298 | ---- | M] () DriverScanner.job -> C:\WINDOWS\tasks\DriverScanner.job -> [2011/07/27 02:16:58 | 000,000,278 | ---- | M] () results of scan1.zip -> C:\Documents and Settings\Usuario\Escritorio\results of scan1.zip -> [2011/07/27 02:09:29 | 000,015,129 | ---- | M] () results of scan.zipx -> C:\Documents and Settings\Usuario\Escritorio\results of scan.zipx -> [2011/07/27 01:51:31 | 000,010,470 | ---- | M] () DriverScanner.lnk -> C:\Documents and Settings\All Users\Escritorio\DriverScanner.lnk -> [2011/07/27 01:49:02 | 000,000,799 | ---- | M] () WinZip Quick Pick.lnk -> C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\WinZip Quick Pick.lnk -> [2011/07/27 01:44:25 | 000,001,709 | ---- | M] () WinZip.lnk -> C:\Documents and Settings\All Users\Escritorio\WinZip.lnk -> [2011/07/27 01:44:23 | 000,001,781 | ---- | M] () Update Checker.lnk -> C:\Documents and Settings\Usuario\Escritorio\Update Checker.lnk -> [2011/07/26 16:18:57 | 000,001,695 | ---- | M] () CONFIG.NT -> C:\WINDOWS\System32\CONFIG.NT -> [2011/07/26 15:48:49 | 000,002,958 | ---- | M] () fix.inf -> C:\Documents and Settings\Usuario\Escritorio\fix.inf -> [2011/07/26 11:50:48 | 000,000,317 | ---- | M] () gmer.exe -> C:\Documents and Settings\Usuario\Escritorio\gmer.exe -> [2011/07/16 22:21:04 | 000,302,592 | ---- | M] () Ad-Aware Update (Weekly).job -> C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job -> [2011/07/12 13:00:53 | 000,000,000 | ---- | M] () SDMsgUpdate (TE).job -> C:\WINDOWS\tasks\SDMsgUpdate (TE).job -> [2011/07/12 12:18:57 | 000,000,476 | ---- | M] () Google Earth.lnk -> C:\Documents and Settings\All Users\Escritorio\Google Earth.lnk -> [2011/07/09 15:57:57 | 000,001,964 | ---- | M] () Skype.lnk -> C:\Documents and Settings\All Users\Escritorio\Skype.lnk -> [2011/07/09 10:26:23 | 000,001,892 | ---- | M] () avastSS.scr -> C:\WINDOWS\avastSS.scr -> [2011/07/04 13:43:53 | 000,040,112 | ---- | M] (AVAST Software) aswBoot.exe -> C:\WINDOWS\System32\aswBoot.exe -> [2011/07/04 13:43:51 | 000,199,304 | ---- | M] (AVAST Software) aswSnx.sys -> C:\WINDOWS\System32\drivers\aswSnx.sys -> [2011/07/04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) aswSP.sys -> C:\WINDOWS\System32\drivers\aswSP.sys -> [2011/07/04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) aswTdi.sys -> C:\WINDOWS\System32\drivers\aswTdi.sys -> [2011/07/04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) aswmon2.sys -> C:\WINDOWS\System32\drivers\aswmon2.sys -> [2011/07/04 13:35:12 | 000,102,616 | ---- | M] (AVAST Software) aswmon.sys -> C:\WINDOWS\System32\drivers\aswmon.sys -> [2011/07/04 13:35:09 | 000,096,344 | ---- | M] (AVAST Software) aswRdr.sys -> C:\WINDOWS\System32\drivers\aswRdr.sys -> [2011/07/04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) aavmker4.sys -> C:\WINDOWS\System32\drivers\aavmker4.sys -> [2011/07/04 13:32:13 | 000,030,808 | ---- | M] (AVAST Software) aswFsBlk.sys -> C:\WINDOWS\System32\drivers\aswFsBlk.sys -> [2011/07/04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) 5 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> 5 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> 5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 3 C:\Documents and Settings\Usuario\Configuración local\Datos de programa\*.tmp files -> C:\Documents and Settings\Usuario\Configuración local\Datos de programa\*.tmp -> 1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> [Files - No Company Name] Boot.bak -> C:\Boot.bak -> [2011/07/30 23:26:58 | 000,000,211 | ---- | C] () cmldr -> C:\cmldr -> [2011/07/30 23:26:55 | 000,260,272 | RHS- | C] () PEV.exe -> C:\WINDOWS\PEV.exe -> [2011/07/30 23:22:45 | 000,256,000 | ---- | C] () MBR.exe -> C:\WINDOWS\MBR.exe -> [2011/07/30 23:22:45 | 000,208,896 | ---- | C] () sed.exe -> C:\WINDOWS\sed.exe -> [2011/07/30 23:22:45 | 000,098,816 | ---- | C] () grep.exe -> C:\WINDOWS\grep.exe -> [2011/07/30 23:22:45 | 000,080,412 | ---- | C] () zip.exe -> C:\WINDOWS\zip.exe -> [2011/07/30 23:22:45 | 000,068,096 | ---- | C] () MBR.dat -> C:\Documents and Settings\Usuario\Escritorio\MBR.dat -> [2011/07/30 10:09:52 | 000,000,512 | ---- | C] () Acceso directo a OTL.lnk -> C:\Documents and Settings\Usuario\Escritorio\Acceso directo a OTL.lnk -> [2011/07/30 09:01:55 | 000,000,645 | ---- | C] () results of scan1.zip -> C:\Documents and Settings\Usuario\Escritorio\results of scan1.zip -> [2011/07/27 02:09:29 | 000,015,129 | ---- | C] () results of scan.zipx -> C:\Documents and Settings\Usuario\Escritorio\results of scan.zipx -> [2011/07/27 01:51:30 | 000,010,470 | ---- | C] () DriverScanner.job -> C:\WINDOWS\tasks\DriverScanner.job -> [2011/07/27 01:49:32 | 000,000,278 | ---- | C] () DriverScanner.lnk -> C:\Documents and Settings\All Users\Escritorio\DriverScanner.lnk -> [2011/07/27 01:49:02 | 000,000,799 | ---- | C] () WinZip Quick Pick.lnk -> C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\WinZip Quick Pick.lnk -> [2011/07/27 01:44:25 | 000,001,709 | ---- | C] () WinZip.lnk -> C:\Documents and Settings\All Users\Escritorio\WinZip.lnk -> [2011/07/27 01:44:21 | 000,001,781 | ---- | C] () gmer.exe -> C:\Documents and Settings\Usuario\Escritorio\gmer.exe -> [2011/07/26 21:10:20 | 000,302,592 | ---- | C] () Update Checker.lnk -> C:\Documents and Settings\Usuario\Menú Inicio\Programas\Update Checker.lnk -> [2011/07/26 15:43:17 | 000,001,701 | ---- | C] () Update Checker.lnk -> C:\Documents and Settings\Usuario\Escritorio\Update Checker.lnk -> [2011/07/26 15:43:17 | 000,001,695 | ---- | C] () fix.inf -> C:\Documents and Settings\Usuario\Escritorio\fix.inf -> [2011/07/26 11:50:48 | 000,000,317 | ---- | C] () AppleSoftwareUpdate.job -> C:\WINDOWS\tasks\AppleSoftwareUpdate.job -> [2011/07/21 17:21:27 | 000,000,298 | ---- | C] () Apple Software Update.lnk -> C:\Documents and Settings\All Users\Menú Inicio\Programas\Apple Software Update.lnk -> [2011/07/21 17:19:21 | 000,001,830 | ---- | C] () Google Earth.lnk -> C:\Documents and Settings\All Users\Escritorio\Google Earth.lnk -> [2011/07/09 15:57:57 | 000,001,964 | ---- | C] () Skype.lnk -> C:\Documents and Settings\All Users\Escritorio\Skype.lnk -> [2011/07/09 10:26:23 | 000,001,892 | ---- | C] () rp_stats.dat -> C:\WINDOWS\System32\rp_stats.dat -> [2011/04/21 21:44:37 | 000,000,064 | ---- | C] () rp_rules.dat -> C:\WINDOWS\System32\rp_rules.dat -> [2011/04/21 21:44:37 | 000,000,044 | ---- | C] () lsdelete.exe -> C:\WINDOWS\System32\lsdelete.exe -> [2010/12/22 18:38:21 | 000,016,432 | ---- | C] () etRunDLL.dll -> C:\WINDOWS\etRunDLL.dll -> [2010/11/18 19:05:44 | 000,053,248 | ---- | C] () brwmark.ini -> C:\WINDOWS\brwmark.ini -> [2010/05/21 14:13:32 | 000,000,447 | ---- | C] () brqikmon.ini -> C:\WINDOWS\brqikmon.ini -> [2010/05/21 14:13:20 | 000,000,443 | ---- | C] () brss01a.ini -> C:\WINDOWS\System32\brss01a.ini -> [2010/05/21 14:13:20 | 000,000,030 | ---- | C] () mlfcache.dat -> C:\WINDOWS\System32\mlfcache.dat -> [2010/04/13 13:03:15 | 000,035,484 | -H-- | C] () RENT2008.INI -> C:\WINDOWS\RENT2008.INI -> [2009/06/02 19:50:59 | 000,000,451 | ---- | C] () FixCamera.exe -> C:\WINDOWS\FixCamera.exe -> [2009/04/18 10:37:47 | 000,020,480 | ---- | C] () snpstd3.ini -> C:\WINDOWS\snpstd3.ini -> [2009/04/18 10:37:45 | 000,015,498 | ---- | C] () tsnpstd3.exe -> C:\WINDOWS\tsnpstd3.exe -> [2009/04/18 10:37:43 | 000,270,336 | ---- | C] () vsnpstd3.exe -> C:\WINDOWS\vsnpstd3.exe -> [2009/04/18 10:37:42 | 000,835,584 | ---- | C] () denoise.sys -> C:\WINDOWS\System32\drivers\denoise.sys -> [2009/04/18 10:37:42 | 000,003,968 | ---- | C] () EReg077.dat -> C:\WINDOWS\EReg077.dat -> [2009/03/07 23:25:53 | 000,000,282 | ---- | C] () QTW.INI -> C:\WINDOWS\QTW.INI -> [2009/03/07 23:08:39 | 000,000,306 | ---- | C] () bw6uinst.exe -> C:\WINDOWS\bw6uinst.exe -> [2009/03/07 23:06:37 | 000,125,392 | ---- | C] () ezsidmv.dat -> C:\WINDOWS\System32\ezsidmv.dat -> [2008/10/23 16:50:01 | 000,000,056 | -H-- | C] () nsreg.dat -> C:\WINDOWS\nsreg.dat -> [2008/10/22 13:34:56 | 000,000,000 | ---- | C] () DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\Usuario\Configuración local\Datos de programa\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2008/10/21 21:24:23 | 000,011,264 | ---- | C] () NeroDigital.ini -> C:\WINDOWS\NeroDigital.ini -> [2008/10/21 11:59:33 | 000,000,069 | ---- | C] () ChCfg.exe -> C:\WINDOWS\System32\ChCfg.exe -> [2008/09/27 18:45:53 | 000,049,152 | R--- | C] () ODBCINST.INI -> C:\WINDOWS\ODBCINST.INI -> [2008/09/27 18:02:17 | 000,004,205 | ---- | C] () FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2008/09/27 17:59:12 | 000,189,792 | ---- | C] () igfxCoIn_v4764.dll -> C:\WINDOWS\System32\igfxCoIn_v4764.dll -> [2008/09/27 17:49:06 | 000,204,800 | R--- | C] () Ascd_tmp.ini -> C:\WINDOWS\Ascd_tmp.ini -> [2008/09/27 17:44:50 | 000,005,532 | ---- | C] () ASUSHWIO.SYS -> C:\WINDOWS\System32\drivers\ASUSHWIO.SYS -> [2008/09/27 17:44:48 | 000,010,288 | ---- | C] () d3d9caps.dat -> C:\WINDOWS\System32\d3d9caps.dat -> [2008/09/27 17:39:56 | 000,000,664 | ---- | C] () ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2008/09/27 17:25:06 | 000,000,379 | ---- | C] () OgaCheckControl.dll -> C:\WINDOWS\System32\OgaCheckControl.dll -> [2008/09/27 17:23:58 | 000,676,224 | ---- | C] () unrar.dll -> C:\WINDOWS\System32\unrar.dll -> [2008/09/27 17:22:55 | 000,164,352 | ---- | C] () FontCache3.0.0.0.dat -> C:\Documents and Settings\LocalService\Configuración local\Datos de programa\FontCache3.0.0.0.dat -> [2008/09/27 17:18:21 | 000,064,200 | ---- | C] () bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2008/09/27 17:10:27 | 000,002,048 | --S- | C] () emptyregdb.dat -> C:\WINDOWS\System32\emptyregdb.dat -> [2008/09/27 17:07:21 | 000,021,900 | ---- | C] () oeminfo.ini -> C:\WINDOWS\System32\oeminfo.ini -> [2008/06/18 02:47:50 | 000,000,601 | ---- | C] () cmdow.exe -> C:\WINDOWS\System32\cmdow.exe -> [2008/05/29 05:02:24 | 000,031,232 | ---- | C] () sleep.exe -> C:\WINDOWS\System32\sleep.exe -> [2008/05/29 05:02:24 | 000,026,013 | ---- | C] () hidcon.exe -> C:\WINDOWS\System32\hidcon.exe -> [2008/05/29 05:02:24 | 000,002,048 | ---- | C] () OUTLPERF.INI -> C:\WINDOWS\System32\OUTLPERF.INI -> [2008/04/28 22:58:50 | 000,005,827 | ---- | C] () Dcache.bin -> C:\WINDOWS\System32\Dcache.bin -> [2008/04/14 10:04:38 | 000,001,804 | ---- | C] () secupd.dat -> C:\WINDOWS\System32\secupd.dat -> [2006/12/31 09:57:08 | 000,004,569 | ---- | C] () oembios.dat -> C:\WINDOWS\System32\oembios.dat -> [2001/10/06 21:58:36 | 000,004,463 | ---- | C] () oembios.bin -> C:\WINDOWS\System32\oembios.bin -> [2001/10/06 21:58:34 | 013,107,200 | ---- | C] () mlang.dat -> C:\WINDOWS\System32\mlang.dat -> [2001/08/24 20:00:00 | 000,673,088 | ---- | C] () perfh00A.dat -> C:\WINDOWS\System32\perfh00A.dat -> [2001/08/24 20:00:00 | 000,509,078 | ---- | C] () perfh009.dat -> C:\WINDOWS\System32\perfh009.dat -> [2001/08/24 20:00:00 | 000,444,842 | ---- | C] () perfi00A.dat -> C:\WINDOWS\System32\perfi00A.dat -> [2001/08/24 20:00:00 | 000,317,534 | ---- | C] () perfi009.dat -> C:\WINDOWS\System32\perfi009.dat -> [2001/08/24 20:00:00 | 000,272,128 | ---- | C] () dssec.dat -> C:\WINDOWS\System32\dssec.dat -> [2001/08/24 20:00:00 | 000,218,003 | ---- | C] () perfc00A.dat -> C:\WINDOWS\System32\perfc00A.dat -> [2001/08/24 20:00:00 | 000,092,188 | ---- | C] () perfc009.dat -> C:\WINDOWS\System32\perfc009.dat -> [2001/08/24 20:00:00 | 000,072,466 | ---- | C] () mib.bin -> C:\WINDOWS\System32\mib.bin -> [2001/08/24 20:00:00 | 000,046,258 | ---- | C] () perfd00A.dat -> C:\WINDOWS\System32\perfd00A.dat -> [2001/08/24 20:00:00 | 000,036,284 | ---- | C] () perfd009.dat -> C:\WINDOWS\System32\perfd009.dat -> [2001/08/24 20:00:00 | 000,028,626 | ---- | C] () noise.dat -> C:\WINDOWS\System32\noise.dat -> [2001/08/24 20:00:00 | 000,000,741 | ---- | C] () [File - Lop Check] Alwil Software -> C:\Documents and Settings\All Users\Datos de programa\Alwil Software -> [2010/07/28 16:30:53 | 000,000,000 | ---D | M] Bandoo -> C:\Documents and Settings\All Users\Datos de programa\Bandoo -> [2010/04/07 16:34:16 | 000,000,000 | ---D | M] ESET -> C:\Documents and Settings\All Users\Datos de programa\ESET -> [2008/09/27 17:26:32 | 000,000,000 | ---D | M] IM -> C:\Documents and Settings\All Users\Datos de programa\IM -> [2010/02/12 22:55:54 | 000,000,000 | ---D | M] IncrediMail -> C:\Documents and Settings\All Users\Datos de programa\IncrediMail -> [2010/02/12 22:54:47 | 000,000,000 | ---D | M] TEMP -> C:\Documents and Settings\All Users\Datos de programa\TEMP -> [2009/04/10 13:30:18 | 000,000,000 | ---D | M] WinZip -> C:\Documents and Settings\All Users\Datos de programa\WinZip -> [2011/07/27 01:45:30 | 000,000,000 | ---D | M] {2162CCC0-3A5F-4887-B51F-CE5F195B3620} -> C:\Documents and Settings\All Users\Datos de programa\{2162CCC0-3A5F-4887-B51F-CE5F195B3620} -> [2010/12/22 16:01:42 | 000,000,000 | -H-D | M] {429CAD59-35B1-4DBC-BB6D-1DB246563521} -> C:\Documents and Settings\All Users\Datos de programa\{429CAD59-35B1-4DBC-BB6D-1DB246563521} -> [2010/05/15 16:33:48 | 000,000,000 | ---D | M] {755AC846-7372-4AC8-8550-C52491DAA8BD} -> C:\Documents and Settings\All Users\Datos de programa\{755AC846-7372-4AC8-8550-C52491DAA8BD} -> [2010/03/23 02:03:59 | 000,000,000 | ---D | M] AVGTOOLBAR -> C:\Documents and Settings\Usuario\Datos de programa\AVGTOOLBAR -> [2009/04/28 16:45:52 | 000,000,000 | ---D | M] Bandoo -> C:\Documents and Settings\Usuario\Datos de programa\Bandoo -> [2010/03/20 19:23:56 | 000,000,000 | ---D | M] Facebook -> C:\Documents and Settings\Usuario\Datos de programa\Facebook -> [2010/03/09 01:08:18 | 000,000,000 | ---D | M] OpenCandy -> C:\Documents and Settings\Usuario\Datos de programa\OpenCandy -> [2011/07/27 01:46:34 | 000,000,000 | ---D | M] TightVNC -> C:\Documents and Settings\Usuario\Datos de programa\TightVNC -> [2011/01/06 22:36:29 | 000,000,000 | ---D | M] Uniblue -> C:\Documents and Settings\Usuario\Datos de programa\Uniblue -> [2011/07/27 01:49:22 | 000,000,000 | ---D | M] Windows Live Writer -> C:\Documents and Settings\Usuario\Datos de programa\Windows Live Writer -> [2010/02/27 17:44:04 | 000,000,000 | ---D | M] Ad-Aware Update (Weekly).job -> C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job -> [2011/07/12 13:00:53 | 000,000,000 | ---- | M] () DriverScanner.job -> C:\WINDOWS\Tasks\DriverScanner.job -> [2011/07/27 02:16:58 | 000,000,278 | ---- | M] () SDMsgUpdate (TE).job -> C:\WINDOWS\Tasks\SDMsgUpdate (TE).job -> [2011/07/12 12:18:57 | 000,000,476 | ---- | M] () User_Feed_Synchronization-{EE2D1BA0-0873-4BD1-9F03-FEE5404C5978}.job -> C:\WINDOWS\Tasks\User_Feed_Synchronization-{EE2D1BA0-0873-4BD1-9F03-FEE5404C5978}.job -> [2011/07/31 20:30:00 | 000,000,440 | -H-- | M] () [Custom Scans] < %USERPROFILE%\..|smtmp;true;true;true /FP > < %SYSTEMDRIVE%\*.exe > < MD5 Scans Start> < %systemdrive%\EXPLORER.EXE /md5 /s > explorer.exe : MD5=7522F548A84ABAD8FA516DE5AB3931EF -> C:\WINDOWS\XPize Darkside\Backup\explorer.exe -> [2008/04/14 09:48:58 | 001,036,288 | ---- | M] (Microsoft Corporation) explorer.exe : MD5=97BD6515465659FF8F3B7BE375B2EA87 -> C:\Documents and Settings\Usuario\Mis documentos\Downloads\explorer.exe -> [2007/06/13 11:23:08 | 001,033,216 | ---- | M] (Microsoft Corporation) explorer.exe : MD5=97BD6515465659FF8F3B7BE375B2EA87 -> C:\WINDOWS\Temp\wzca6d\explorer.exe -> [2007/06/13 11:23:08 | 001,033,216 | ---- | M] (Microsoft Corporation) explorer.exe : MD5=97BD6515465659FF8F3B7BE375B2EA87 -> C:\WINDOWS\Temp\wze832\explorer.exe -> [2007/06/13 11:23:08 | 001,033,216 | ---- | M] (Microsoft Corporation) < %systemdrive%\SVCHOST.EXE /md5 /s > svchost.exe : MD5=4F2340F0BD5B6365C38E74DD391919A8 -> C:\WINDOWS\system32\svchost.exe -> [2008/04/14 09:49:14 | 000,014,336 | ---- | M] (Microsoft Corporation) < %systemdrive%\USERINIT.EXE /md5 /s > userinit.exe : MD5=F5B8745B9A90EAF17E30C0574E049AA3 -> C:\WINDOWS\system32\userinit.exe -> [2008/04/14 09:49:16 | 000,026,624 | ---- | M] (Microsoft Corporation) < %systemdrive%\VOLSNAP.INF /md5 /s > volsnap.inf : MD5=EB426E6A5CAEBB798FABCBEEBF3A32BB -> C:\WINDOWS\inf\volsnap.inf -> [2001/08/24 20:00:00 | 000,002,232 | ---- | M] () < %systemdrive%\VOLSNAP.PNF /md5 /s > volsnap.PNF : MD5=51CE75294B620AA6D623FE3EAC8AE675 -> C:\WINDOWS\inf\volsnap.PNF -> [2008/09/27 17:13:31 | 000,005,004 | ---- | M] () < %systemdrive%\VOLSNAP.SYS /md5 /s > volsnap.sys : MD5=C41FFDC191E6C832E2E53C967EAE0A16 -> C:\WINDOWS\system32\drivers\volsnap.sys -> [2008/04/14 09:21:18 | 000,053,248 | ---- | M] (Microsoft Corporation) < %systemdrive%\WINLOGON.EXE /md5 /s > winlogon.exe : MD5=213C80D912880BBF04453D09FFCCB28C -> C:\WINDOWS\system32\winlogon.exe -> [2008/04/14 09:49:16 | 000,510,976 | ---- | M] (Microsoft Corporation) < MD5 Scans End> < %systemroot%\*. /mp /s > < hklm\software\clients\startmenuinternet|command /rs > HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\InstallInfo -> -> HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\InstallInfo\\ShowIconsCommand -> C:\ARCHIVOS DE PROGRAMA\GOOGLE\CHROME\APPLICATION\CHROME.EXE ["C:\ARCHIVOS DE PROGRAMA\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS] -> [2011/07/09 06:51:19 | 001,012,792 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\InstallInfo\\HideIconsCommand -> C:\ARCHIVOS DE PROGRAMA\GOOGLE\CHROME\APPLICATION\CHROME.EXE ["C:\ARCHIVOS DE PROGRAMA\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS] -> [2011/07/09 06:51:19 | 001,012,792 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\InstallInfo\\ReinstallCommand -> C:\ARCHIVOS DE PROGRAMA\GOOGLE\CHROME\APPLICATION\CHROME.EXE ["C:\ARCHIVOS DE PROGRAMA\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER] -> [2011/07/09 06:51:19 | 001,012,792 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command -> -> HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\ -> C:\ARCHIVOS DE PROGRAMA\GOOGLE\CHROME\APPLICATION\CHROME.EXE ["C:\ARCHIVOS DE PROGRAMA\GOOGLE\CHROME\APPLICATION\CHROME.EXE"] -> [2011/07/09 06:51:19 | 001,012,792 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo -> -> HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand -> C:\ARCHIVOS DE PROGRAMA\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE ["C:\ARCHIVOS DE PROGRAMA\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS] -> [2011/06/24 10:26:15 | 000,714,928 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand -> C:\ARCHIVOS DE PROGRAMA\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE ["C:\ARCHIVOS DE PROGRAMA\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS] -> [2011/06/24 10:26:15 | 000,714,928 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand -> C:\ARCHIVOS DE PROGRAMA\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE ["C:\ARCHIVOS DE PROGRAMA\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL] -> [2011/06/24 10:26:15 | 000,714,928 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command -> -> HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\ -> C:\Archivos de programa\Mozilla Firefox\firefox.exe [C:\ARCHIVOS DE PROGRAMA\MOZILLA FIREFOX\FIREFOX.EXE] -> [2011/06/24 10:26:27 | 000,924,632 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command -> -> HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\ -> C:\ARCHIVOS DE PROGRAMA\MOZILLA FIREFOX\FIREFOX.EXE ["C:\ARCHIVOS DE PROGRAMA\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES] -> [2011/06/24 10:26:27 | 000,924,632 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command -> -> HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\ -> C:\ARCHIVOS DE PROGRAMA\MOZILLA FIREFOX\FIREFOX.EXE ["C:\ARCHIVOS DE PROGRAMA\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE] -> [2011/06/24 10:26:27 | 000,924,632 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo -> -> HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand -> C:\ARCHIVOS DE PROGRAMA\GOOGLE\CHROME\APPLICATION\CHROME.EXE ["C:\ARCHIVOS DE PROGRAMA\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS] -> [2011/07/09 06:51:19 | 001,012,792 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand -> C:\ARCHIVOS DE PROGRAMA\GOOGLE\CHROME\APPLICATION\CHROME.EXE ["C:\ARCHIVOS DE PROGRAMA\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS] -> [2011/07/09 06:51:19 | 001,012,792 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand -> C:\ARCHIVOS DE PROGRAMA\GOOGLE\CHROME\APPLICATION\CHROME.EXE ["C:\ARCHIVOS DE PROGRAMA\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER] -> [2011/07/09 06:51:19 | 001,012,792 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command -> -> HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\ -> C:\ARCHIVOS DE PROGRAMA\GOOGLE\CHROME\APPLICATION\CHROME.EXE ["C:\ARCHIVOS DE PROGRAMA\GOOGLE\CHROME\APPLICATION\CHROME.EXE"] -> [2011/07/09 06:51:19 | 001,012,792 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo -> -> HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand -> C:\WINDOWS\System32\IE4UINIT.EXE ["C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL] -> [2009/03/08 04:32:54 | 000,173,056 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand -> C:\WINDOWS\System32\IE4UINIT.EXE ["C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE] -> [2009/03/08 04:32:54 | 000,173,056 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand -> C:\WINDOWS\System32\IE4UINIT.EXE ["C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW] -> [2009/03/08 04:32:54 | 000,173,056 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command -> -> HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\ -> C:\ARCHIVOS DE PROGRAMA\INTERNET EXPLORER\IEXPLORE.EXE ["C:\ARCHIVOS DE PROGRAMA\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF] -> [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command -> -> HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\ -> C:\ARCHIVOS DE PROGRAMA\INTERNET EXPLORER\IEXPLORE.EXE ["C:\ARCHIVOS DE PROGRAMA\INTERNET EXPLORER\IEXPLORE.EXE"] -> [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo -> -> HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand -> C:\ARCHIVOS DE PROGRAMA\SAFARI\SAFARI.EXE ["C:\ARCHIVOS DE PROGRAMA\SAFARI\SAFARI.EXE" /REINSTALL] -> [2011/03/21 20:10:48 | 002,388,264 | ---- | M] (Apple Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand -> C:\ARCHIVOS DE PROGRAMA\SAFARI\SAFARI.EXE ["C:\ARCHIVOS DE PROGRAMA\SAFARI\SAFARI.EXE" /HIDEICONS] -> [2011/03/21 20:10:48 | 002,388,264 | ---- | M] (Apple Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand -> C:\ARCHIVOS DE PROGRAMA\SAFARI\SAFARI.EXE ["C:\ARCHIVOS DE PROGRAMA\SAFARI\SAFARI.EXE" /SHOWICONS] -> [2011/03/21 20:10:48 | 002,388,264 | ---- | M] (Apple Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command -> -> HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\ -> C:\ARCHIVOS DE PROGRAMA\SAFARI\SAFARI.EXE ["C:\ARCHIVOS DE PROGRAMA\SAFARI\SAFARI.EXE"] -> [2011/03/21 20:10:48 | 002,388,264 | ---- | M] (Apple Inc.) Restore point Set: OTS Restore Point (0) [Alternate Data Streams] @Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Datos de programa\TEMP:DFC5A2B2 < End of report > [/code]