[RESOLVED] Generic.Bot.H, RiskWare.Tool.CK, Malware.Trace - Page 3
Page 3 of 4 FirstFirst 1234 LastLast
Results 31 to 45 of 48

Thread: [RESOLVED] Generic.Bot.H, RiskWare.Tool.CK, Malware.Trace

  1. #31
    Join Date
    Apr 2010
    Location
    Mexico DF
    Posts
    138
    The Other OTL Works!

    Here the Logs:

    OTL logfile created on: 29/09/2010 09:22:58 a.m. - Run 1
    OTL by OldTimer - Version 3.2.1.2 Folder = C:\Documents and Settings\Fernando Pliego\Escritorio
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 0000080A | Country: México | Language: ESM | Date Format: dd/MM/yyyy

    2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 38.00% Memory free
    4.00 Gb Paging File | 3.00 Gb Available in Paging File | 73.00% Paging File free
    Paging file location(s): C:\pagefile.sys 2558 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Archivos de programa
    Drive C: | 148.96 Gb Total Space | 27.62 Gb Free Space | 18.54% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    Drive G: | 54.75 Mb Total Space | 46.47 Mb Free Space | 84.88% Space Free | Partition Type: FAT
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded
    Drive R: | 465.76 Gb Total Space | 329.02 Gb Free Space | 70.64% Space Free | Partition Type: NTFS

    Computer Name: SERVIDORAV
    Current User Name: Fernando Pliego
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 14 Days
    Output = Standard
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - [2010/09/29 09:21:23 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Fernando Pliego\Escritorio\lichtinsdunkel.exe
    PRC - [2010/09/24 18:02:20 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Fernando Pliego\Configuración local\Datos de programa\Google\Update\1.2.183.29\GoogleCrashHandler.exe
    PRC - [2010/09/21 00:40:50 | 000,977,976 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Fernando Pliego\Configuración local\Datos de programa\Google\Chrome\Application\chrome.exe
    PRC - [2010/07/19 11:38:14 | 000,108,392 | ---- | M] (Symantec Corporation) -- C:\Archivos de programa\Archivos comunes\Symantec Shared\ccSvcHst.exe
    PRC - [2010/07/19 11:38:13 | 000,115,560 | ---- | M] (Symantec Corporation) -- C:\Archivos de programa\Archivos comunes\Symantec Shared\ccApp.exe
    PRC - [2010/07/19 11:38:11 | 001,881,368 | ---- | M] (Symantec Corporation) -- C:\Archivos de programa\Symantec\Symantec Endpoint Protection\Smc.exe
    PRC - [2010/07/19 11:38:11 | 001,831,024 | ---- | M] (Symantec Corporation) -- C:\Archivos de programa\Symantec\Symantec Endpoint Protection\Rtvscan.exe
    PRC - [2010/07/19 11:38:11 | 001,459,528 | ---- | M] (Symantec Corporation) -- C:\Archivos de programa\Symantec\Symantec Endpoint Protection\SmcGui.exe
    PRC - [2010/05/18 19:05:54 | 003,150,336 | ---- | M] (Luis Cobian, CobianSoft) -- C:\Archivos de programa\Cobian Backup 10\cbInterface.exe
    PRC - [2010/05/18 19:05:52 | 001,125,376 | ---- | M] (Luis Cobian, CobianSoft) -- C:\Archivos de programa\Cobian Backup 10\cbService.exe
    PRC - [2010/05/18 14:40:18 | 000,067,584 | ---- | M] (CobianSoft, Luis Cobian) -- C:\Archivos de programa\Cobian Backup 10\cbVSCService.exe
    PRC - [2010/04/21 20:21:46 | 000,234,864 | ---- | M] (Symantec Corporation) -- C:\Archivos de programa\Symantec\Symantec Endpoint Protection Manager\tomcat\bin\SemSvc.exe
    PRC - [2010/03/23 10:57:48 | 015,889,248 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Microsoft Office\Office14\OUTLOOK.EXE
    PRC - [2010/02/17 10:53:18 | 003,093,880 | ---- | M] (Symantec Corporation) -- C:\Archivos de programa\Symantec\LiveUpdate\LuComServer_3_3.EXE
    PRC - [2010/02/17 10:53:18 | 001,422,712 | ---- | M] (Symantec Corporation) -- C:\Archivos de programa\Symantec\LiveUpdate\LUALL.EXE
    PRC - [2010/02/17 10:53:18 | 000,484,728 | ---- | M] (Symantec Corporation) -- C:\Archivos de programa\Symantec\LiveUpdate\LuCallbackProxy.exe
    PRC - [2010/02/02 12:35:30 | 000,065,856 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\NLSSRV32.EXE
    PRC - [2010/01/09 21:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Archivos comunes\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    PRC - [2009/11/09 21:57:54 | 000,099,896 | R--- | M] (HP) -- C:\WINDOWS\system32\HPSIsvc.exe
    PRC - [2009/06/24 10:57:04 | 000,136,704 | ---- | M] (HP) -- C:\Archivos de programa\HP\HPLaserJetService\HPLaserJetService.exe
    PRC - [2009/06/17 06:44:11 | 000,085,160 | ---- | M] (Elaborate Bytes AG) -- C:\Archivos de programa\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
    PRC - [2009/06/11 11:17:26 | 000,139,264 | ---- | M] (Sun Microsystems, Inc.) -- C:\Archivos de programa\Symantec\Symantec Endpoint Protection Manager\jdk\bin\java.exe
    PRC - [2009/05/21 12:13:58 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Archivos de programa\Dell Support Center\bin\sprtcmd.exe
    PRC - [2009/05/19 12:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    PRC - [2009/03/30 03:25:26 | 043,010,392 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
    PRC - [2008/08/14 00:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Archivos de programa\Dell Support Center\bin\sprtsvc.exe
    PRC - [2008/07/20 16:45:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Archivos de programa\Intel\Intel Matrix Storage Manager\IAANTmon.exe
    PRC - [2008/07/20 16:45:06 | 000,182,808 | ---- | M] (Intel Corporation) -- C:\Archivos de programa\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    PRC - [2008/07/10 02:49:44 | 000,098,840 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Microsoft SQL Server\90\Shared\sqlwriter.exe
    PRC - [2008/05/14 12:31:04 | 000,083,248 | R--- | M] (iAnywhere Solutions, Inc.) -- C:\Archivos de programa\Symantec\Symantec Endpoint Protection Manager\ASA\win32\dbsrv9.exe
    PRC - [2008/04/14 02:00:00 | 001,036,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2008/04/14 02:00:00 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe
    PRC - [2006/08/09 15:40:58 | 001,642,589 | ---- | M] (VMware, Inc.) -- C:\Archivos de programa\VMware\VMware Server\vmserverdWin32.exe
    PRC - [2006/08/09 15:40:56 | 000,151,643 | ---- | M] (VMware, Inc.) -- C:\Archivos de programa\VMware\VMware Server\vmware-authd.exe
    PRC - [2006/08/09 15:40:56 | 000,135,168 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\system32\vmnat.exe
    PRC - [2006/08/09 15:40:56 | 000,106,496 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\system32\vmnetdhcp.exe
    PRC - [2006/08/09 12:48:40 | 000,262,144 | ---- | M] (VMware, Inc.) -- C:\Archivos de programa\Archivos comunes\VMware\VMware Virtual Image Editing\vmount2.exe
    PRC - [2004/10/04 14:50:20 | 000,917,611 | ---- | M] (Dell Inc.) -- C:\Archivos de programa\Tarjeta inalámbrica Dell\PRISMCFG.exe
    PRC - [2004/10/04 14:10:16 | 000,327,769 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\PRISMSVR.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/09/29 09:21:23 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Fernando Pliego\Escritorio\lichtinsdunkel.exe


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [Auto | Stopped] -- -- (TuneUp.UtilitiesSvc)
    SRV - File not found [On_Demand | Stopped] -- -- (TuneUp.Defrag)
    SRV - File not found [Disabled | Stopped] -- -- (Macro Expert)
    SRV - [2010/08/13 20:16:27 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Archivos de programa\Archivos comunes\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2010/07/19 11:38:14 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
    SRV - [2010/07/19 11:38:14 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
    SRV - [2010/07/19 11:38:11 | 001,881,368 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Archivos de programa\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService)
    SRV - [2010/07/19 11:38:11 | 001,831,024 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Archivos de programa\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus)
    SRV - [2010/07/19 11:38:11 | 000,349,512 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Archivos de programa\Symantec\Symantec Endpoint Protection\SNAC.EXE -- (SNAC)
    SRV - [2010/05/18 19:05:52 | 001,125,376 | ---- | M] (Luis Cobian, CobianSoft) [Auto | Running] -- C:\Archivos de programa\Cobian Backup 10\cbService.exe -- (CobianBackup10)
    SRV - [2010/05/18 14:40:18 | 000,067,584 | ---- | M] (CobianSoft, Luis Cobian) [Auto | Running] -- C:\Archivos de programa\Cobian Backup 10\cbVSCService.exe -- (cbVSCService)
    SRV - [2010/05/07 11:01:04 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
    SRV - [2010/04/21 20:21:46 | 000,234,864 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Archivos de programa\Symantec\Symantec Endpoint Protection Manager\tomcat\bin\SemSvc.exe -- (semsrv)
    SRV - [2010/03/25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Archivos de programa\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
    SRV - [2010/03/18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
    SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
    SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010/03/18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
    SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Archivos de programa\Archivos comunes\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
    SRV - [2010/02/17 10:53:18 | 003,093,880 | ---- | M] (Symantec Corporation) [On_Demand | Running] -- C:\Archivos de programa\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
    SRV - [2010/02/02 12:35:30 | 000,065,856 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\WINDOWS\system32\NLSSRV32.EXE -- (nlsX86cc)
    SRV - [2010/01/26 12:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Archivos de programa\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
    SRV - [2010/01/09 21:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Archivos de programa\Archivos comunes\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
    SRV - [2010/01/09 21:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
    SRV - [2009/12/18 18:45:49 | 000,079,360 | ---- | M] (SolidWorks) [Disabled | Stopped] -- C:\Archivos de programa\Archivos comunes\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service)
    SRV - [2009/11/09 21:57:54 | 000,099,896 | R--- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPSIsvc.exe -- (HPSIService)
    SRV - [2009/07/22 22:08:48 | 000,047,128 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Archivos de programa\Microsoft SQL Server\100\Shared\SQLADHLP.EXE -- (MSSQLServerADHelper100)
    SRV - [2009/06/24 10:57:04 | 000,136,704 | ---- | M] (HP) [Auto | Running] -- C:\Archivos de programa\HP\HPLaserJetService\HPLaserJetService.exe -- (HP LaserJet Service)
    SRV - [2009/05/19 12:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Archivos de programa\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
    SRV - [2009/03/30 03:25:26 | 043,010,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Archivos de programa\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS)
    SRV - [2009/03/30 03:23:32 | 000,254,808 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Archivos de programa\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
    SRV - [2009/03/30 03:23:24 | 000,366,936 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Archivos de programa\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE -- (SQLAgent$SQLEXPRESS) SQL Server Agent (SQLEXPRESS)
    SRV - [2008/08/14 00:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Archivos de programa\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
    SRV - [2008/07/20 16:45:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Archivos de programa\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
    SRV - [2008/07/10 02:49:44 | 000,098,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Archivos de programa\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
    SRV - [2008/05/14 12:31:04 | 000,083,248 | R--- | M] (iAnywhere Solutions, Inc.) [Auto | Running] -- C:\Archivos de programa\Symantec\Symantec Endpoint Protection Manager\ASA\win32\dbsrv9.exe -- (ASANYs_sem5)
    SRV - [2008/04/14 02:00:00 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
    SRV - [2008/04/14 02:00:00 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
    SRV - [2007/07/11 08:33:28 | 000,069,632 | R--- | M] (MicroVision Development, Inc.) [Disabled | Stopped] -- C:\Archivos de programa\Archivos comunes\SureThing Shared\stllssvr.exe -- (stllssvr)
    SRV - [2006/08/09 15:40:58 | 001,642,589 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Archivos de programa\VMware\VMware Server\vmserverdWin32.exe -- (vmserverdWin32)
    SRV - [2006/08/09 15:40:56 | 000,151,643 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Archivos de programa\VMware\VMware Server\vmware-authd.exe -- (VMAuthdService)
    SRV - [2006/08/09 15:40:56 | 000,135,168 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\WINDOWS\system32\vmnat.exe -- (VMware NAT Service)
    SRV - [2006/08/09 15:40:56 | 000,106,496 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\WINDOWS\system32\vmnetdhcp.exe -- (VMnetDHCP)
    SRV - [2006/08/09 12:48:40 | 000,262,144 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\VMware\VMware Virtual Image Editing\vmount2.exe -- (vmount2)
    SRV - [2005/09/23 08:01:16 | 002,799,808 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Archivos de programa\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon80)
    SRV - [2004/10/04 14:12:50 | 000,057,344 | ---- | M] (Conexant Systems, Inc.) [Disabled | Stopped] -- C:\WINDOWS\system32\PRISMSVC.exe -- (PRISMSVC)
    SRV - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)

  2. #32
    Join Date
    Apr 2010
    Location
    Mexico DF
    Posts
    138
    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://g.msn.com/USSMB/22
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://g.msn.com/USSMB/22

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/enterprise/s...onse/index.jsp
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

    FF - HKLM\software\mozilla\Firefox\extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Archivos de programa\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010/04/28 09:11:42 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Archivos de programa\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010/04/28 09:11:44 | 000,000,000 | ---D | M]

    [2010/07/14 14:18:57 | 000,000,000 | ---D | M] -- C:\Archivos de programa\Mozilla Firefox\extensions
    [2010/06/29 12:37:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    [2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Archivos de programa\Mozilla Firefox\plugins\npdeployJava1.dll

    O1 HOSTS File: ([2010/09/28 12:15:36 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Archivos de programa\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
    O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Archivos de programa\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O2 - BHO: (Windows Live Aplicación auxiliar de inicio de sesión) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Archivos de programa\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Archivos de programa\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Archivos de programa\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Archivos de programa\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O4 - HKLM..\Run: [BCSSync] C:\Archivos de programa\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [ccApp] C:\Archivos de programa\Archivos comunes\Symantec Shared\ccApp.exe (Symantec Corporation)
    O4 - HKLM..\Run: [Cobian Backup 10 Interface] C:\Archivos de programa\Cobian Backup 10\cbInterface.exe (Luis Cobian, CobianSoft)
    O4 - HKLM..\Run: [dellsupportcenter] C:\Archivos de programa\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
    O4 - HKLM..\Run: [IAAnotif] C:\Archivos de programa\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
    O4 - HKLM..\Run: [SwitchBoard] C:\Archivos de programa\Archivos comunes\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [VirtualCloneDrive] C:\Archivos de programa\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
    O4 - HKCU..\Run: [OfficeSyncProcess] C:\Archivos de programa\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
    O4 - Startup: C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\Utilidad de la tarjeta USB 2.0 WLAN inalámbrica.lnk = C:\Archivos de programa\Tarjeta inalámbrica Dell\PRISMCFG.exe (Dell Inc.)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: Append to existing PDF - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert link target to existing PDF - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert to Adobe PDF - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: E&xportar a Microsoft Excel - C:\Archivos de programa\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
    O9 - Extra Button: Agregar entrada - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Archivos de programa\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Agregar entrada en Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Archivos de programa\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O16 - DPF: {00000035-9593-4264-8B29-930B3E4EDCCD} https://www.rooms.hp.com/vRoom_Cab/WebHPVCInstall35.cab (HPVirtualRooms35 Class)
    O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanage...ex-2.2.5.0.cab (DLM Control)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsu...?1239810178203 (WUWebControl Class)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {A4639D2F-774E-11D3-A490-00C04F6843FB} http://download.microsoft.com/downlo...-US/msorun.cab (IEAnimBehaviorFactory Class)
    O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_20)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
    O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Archivos de programa\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
    O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
    O24 - Desktop Components:0 (Mi página de inicio actual) - About:Home
    O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Archivos de programa\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
    O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Archivos de programa\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2010/02/02 11:12:05 | 000,000,028 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O32 - AutoRun File - [2008/09/07 14:11:38 | 000,001,050 | ---- | M] () - G:\AUTOEXEC.BAT -- [ FAT ]
    O32 - AutoRun File - [2008/09/07 14:11:38 | 000,001,050 | ---- | M] () - G:\AUTOEXEC.UP -- [ FAT ]
    O32 - AutoRun File - [2010/06/02 17:37:18 | 000,000,000 | R--D | M] - R:\autorun.inf -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: 6to4 - File not found
    NetSvcs: Ias - C:\WINDOWS\system32\ias [2010/05/28 13:58:49 | 000,000,000 | ---D | M]
    NetSvcs: Iprip - File not found
    NetSvcs: Irmon - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
    NetSvcs: WmdmPmSp - File not found

    Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
    Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.lhacm - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation)
    Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
    Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
    Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
    Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
    Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
    Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
    Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point (55745656140070912)

  3. #33
    Join Date
    Apr 2010
    Location
    Mexico DF
    Posts
    138
    ========== Files/Folders - Created Within 14 Days ==========

    [2010/09/29 09:21:22 | 000,562,176 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Fernando Pliego\Escritorio\lichtinsdunkel.exe
    [2010/09/29 09:11:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Datos de programa\VMware
    [2010/09/28 19:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Datos de programa\VMware
    [2010/09/28 19:07:13 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Fernando Pliego\Escritorio\TFC.exe
    [2010/09/28 18:56:34 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Trend Micro
    [2010/09/28 18:15:04 | 000,000,000 | -HSD | C] -- C:\RECYCLER
    [2010/09/28 12:06:52 | 000,000,000 | RHSD | C] -- C:\cmdcons
    [2010/09/28 12:00:41 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
    [2010/09/28 12:00:41 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
    [2010/09/28 12:00:40 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
    [2010/09/28 12:00:40 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
    [2010/09/28 12:00:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
    [2010/09/28 11:58:25 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2010/09/27 13:29:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fernando Pliego\Datos de programa\Malwarebytes
    [2010/09/27 13:29:17 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2010/09/27 13:29:16 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2010/09/27 13:29:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Malwarebytes
    [2010/09/27 13:29:15 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Malwarebytes' Anti-Malware
    [2010/09/27 13:24:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fernando Pliego\Mis documentos\IMPORTANTES
    [2010/09/27 13:00:12 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Fernando Pliego\Escritorio\mbam-setup-1.46.exe
    [2010/09/24 18:02:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fernando Pliego\Configuraci&#243;n local\Datos de programa\Temp
    [2010/09/03 13:56:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Configuraci&#243;n local\Datos de programa\Google
    [2010/08/13 20:43:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Configuraci&#243;n local\Datos de programa\Adobe
    [2010/08/06 19:13:14 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Datos de programa\Microsoft
    [2010/06/30 13:54:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Configuraci&#243;n local\Datos de programa\Adobe
    [2010/06/30 09:10:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Configuraci&#243;n local\Datos de programa\Microsoft
    [2010/06/28 19:07:37 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Datos de programa\Microsoft
    [2010/06/03 09:16:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Configuraci&#243;n local\Datos de programa\Safe mirror
    [2010/06/02 16:38:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Configuraci&#243;n local\Datos de programa\Microsoft
    [2010/01/18 10:26:11 | 000,004,096 | ---- | C] ( ) -- C:\WINDOWS\System32\IGFXDEVLib.dll
    [2009/12/21 18:07:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Configuraci&#243;n local\Datos de programa\ICS
    [2009/12/14 13:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Datos de programa\TuneUp Software
    [2009/07/08 03:12:20 | 001,162,744 | ---- | C] (Microsoft Corporation) -- C:\Archivos de programa\mfc90u.dll
    [2009/07/08 03:12:20 | 001,156,600 | ---- | C] (Microsoft Corporation) -- C:\Archivos de programa\mfc90.dll
    [2009/07/08 03:12:20 | 000,655,872 | ---- | C] (Microsoft Corporation) -- C:\Archivos de programa\msvcr90.dll
    [2009/07/08 03:12:20 | 000,568,832 | ---- | C] (Microsoft Corporation) -- C:\Archivos de programa\msvcp90.dll
    [2009/07/08 03:12:20 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\Archivos de programa\msvcm90.dll
    [2009/07/08 03:12:20 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Archivos de programa\mfcm90u.dll
    [2009/07/08 03:12:20 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Archivos de programa\mfcm90.dll
    [2009/04/07 20:15:00 | 000,254,083 | ---- | C] (AhnLab, Inc.) -- C:\Archivos de programa\aossdk.dll
    [2009/03/25 10:52:00 | 000,417,937 | ---- | C] (AhnLab, Inc.) -- C:\Archivos de programa\suipre.dll
    [2009/03/25 10:52:00 | 000,248,568 | ---- | C] (AhnLab, Inc.) -- C:\Archivos de programa\ASPLnchr.exe
    [2009/03/25 10:52:00 | 000,131,201 | ---- | C] (AhnLab, Inc.) -- C:\Archivos de programa\v3hunt.dll
    [2009/03/25 10:52:00 | 000,087,536 | ---- | C] (AhnLab, Inc.) -- C:\Archivos de programa\bz32ex.dll
    [2006/12/02 06:22:52 | 000,479,232 | R--- | C] (Microsoft Corporation) -- C:\Archivos de programa\msvcm80.dll
    [2006/12/01 22:03:36 | 000,626,688 | R--- | C] (Microsoft Corporation) -- C:\Archivos de programa\msvcr80.dll
    [2006/12/01 22:03:36 | 000,548,864 | R--- | C] (Microsoft Corporation) -- C:\Archivos de programa\msvcp80.dll
    [2005/02/01 12:55:40 | 000,233,555 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Archivos de programa\npkcrypt.dll
    [2005/02/01 12:55:40 | 000,053,248 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Archivos de programa\npkpdb.dll
    [2005/02/01 12:55:40 | 000,037,009 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Archivos de programa\npkcusb.sys
    [2005/02/01 12:55:40 | 000,021,442 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Archivos de programa\npkcrypt.sys
    [2004/12/28 10:35:26 | 000,401,462 | ---- | C] (Microsoft Corporation) -- C:\Archivos de programa\msvcp60.dll
    [2004/11/15 11:52:02 | 000,278,619 | ---- | C] ((C) INCA ) -- C:\Archivos de programa\NPSCAN.DES
    [2003/06/17 11:33:26 | 000,126,976 | ---- | C] (INCA Internet, Inc) -- C:\Archivos de programa\NPX.DLL
    [2003/05/20 14:04:26 | 000,081,920 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Archivos de programa\npkeysdk.dll
    [2003/04/23 11:37:50 | 000,164,864 | ---- | C] (INCA Internet co., Ltd.) -- C:\Archivos de programa\NPUPDATE0.DLL
    [2003/04/23 11:37:50 | 000,055,296 | ---- | C] (INCA Internet Co., Ltd) -- C:\Archivos de programa\NPCIPHER.DLL
    [2002/10/01 20:11:48 | 000,230,455 | ---- | C] (RAD Game Tools, Inc.) -- C:\Archivos de programa\granny2.dll
    [2002/06/21 21:39:12 | 000,031,744 | ---- | C] (incainternet) -- C:\Archivos de programa\NPPSK.DLL
    [2002/06/18 10:11:22 | 000,163,088 | ---- | C] (Microsoft Corporation) -- C:\Archivos de programa\dbghelp.dll
    [2001/04/15 08:20:00 | 000,156,672 | ---- | C] ((c) 1999-2002 INCA Internet co., Ltd.) -- C:\Archivos de programa\npupdate.dll
    [2001/03/21 06:35:26 | 000,372,736 | ---- | C] (Intel Corporation) -- C:\Archivos de programa\ijl15.dll
    [1 C:\Archivos de programa\*.tmp files -> C:\Archivos de programa\*.tmp -> ]

    ========== Files - Modified Within 14 Days ==========

    [2010/09/29 09:21:23 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Fernando Pliego\Escritorio\lichtinsdunkel.exe
    [2010/09/29 09:13:11 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2010/09/29 09:09:52 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
    [2010/09/29 09:09:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2010/09/28 19:21:32 | 016,515,072 | ---- | M] () -- C:\Documents and Settings\Fernando Pliego\NTUSER.DAT
    [2010/09/28 19:21:32 | 000,000,304 | -HS- | M] () -- C:\Documents and Settings\Fernando Pliego\ntuser.ini
    [2010/09/28 19:09:26 | 001,692,418 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
    [2010/09/28 19:09:26 | 000,733,806 | ---- | M] () -- C:\WINDOWS\System32\perfh00A.dat
    [2010/09/28 19:09:26 | 000,630,366 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2010/09/28 19:09:26 | 000,170,532 | ---- | M] () -- C:\WINDOWS\System32\perfc00A.dat
    [2010/09/28 19:09:26 | 000,131,000 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2010/09/28 19:07:34 | 000,869,051 | ---- | M] () -- C:\Documents and Settings\Fernando Pliego\Escritorio\SecurityCheck.exe
    [2010/09/28 19:07:20 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Fernando Pliego\Escritorio\TFC.exe
    [2010/09/28 18:56:38 | 000,002,511 | ---- | M] () -- C:\Documents and Settings\Fernando Pliego\Escritorio\HiJackThis.lnk
    [2010/09/28 17:20:04 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
    [2010/09/28 12:15:36 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2010/09/28 12:06:56 | 000,000,327 | RHS- | M] () -- C:\boot.ini
    [2010/09/28 11:57:47 | 003,855,377 | R--- | M] () -- C:\Documents and Settings\Fernando Pliego\Escritorio\ComboFix.exe
    [2010/09/28 11:08:58 | 000,000,821 | ---- | M] () -- C:\Documents and Settings\Fernando Pliego\Escritorio\Acceso directo a Informacion Sistemas SEP 2010.doc.lnk
    [2010/09/27 18:34:40 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Fernando Pliego\Escritorio\MBRCheck.exe
    [2010/09/27 18:09:52 | 000,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI
    [2010/09/27 13:27:33 | 000,000,821 | ---- | M] () -- C:\Documents and Settings\Fernando Pliego\Escritorio\Acceso directo a Base de datos mantenimiento.accdb.lnk
    [2010/09/27 13:00:38 | 000,525,824 | ---- | M] () -- C:\Documents and Settings\Fernando Pliego\Escritorio\dds.scr
    [2010/09/27 13:00:27 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Fernando Pliego\Escritorio\mbam-setup-1.46.exe
    [2010/09/27 13:00:27 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\Fernando Pliego\Escritorio\1u6ft198.exe
    [2010/09/27 09:17:00 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\null
    [2010/09/16 17:21:41 | 000,015,872 | ---- | M] () -- C:\Documents and Settings\Fernando Pliego\Configuraci&#243;n local\Datos de programa\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/09/16 09:27:19 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [1 C:\Archivos de programa\*.tmp files -> C:\Archivos de programa\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010/09/28 19:07:05 | 000,869,051 | ---- | C] () -- C:\Documents and Settings\Fernando Pliego\Escritorio\SecurityCheck.exe
    [2010/09/28 18:56:34 | 000,002,511 | ---- | C] () -- C:\Documents and Settings\Fernando Pliego\Escritorio\HiJackThis.lnk
    [2010/09/28 12:06:56 | 000,000,210 | ---- | C] () -- C:\Boot.bak
    [2010/09/28 12:06:54 | 000,260,272 | RHS- | C] () -- C:\cmldr
    [2010/09/28 12:00:41 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2010/09/28 12:00:41 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2010/09/28 12:00:41 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
    [2010/09/28 12:00:40 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2010/09/28 12:00:40 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
    [2010/09/28 11:57:32 | 003,855,377 | R--- | C] () -- C:\Documents and Settings\Fernando Pliego\Escritorio\ComboFix.exe
    [2010/09/28 11:08:58 | 000,000,821 | ---- | C] () -- C:\Documents and Settings\Fernando Pliego\Escritorio\Acceso directo a Informacion Sistemas SEP 2010.doc.lnk
    [2010/09/27 18:34:40 | 000,080,384 | ---- | C] () -- C:\Documents and Settings\Fernando Pliego\Escritorio\MBRCheck.exe
    [2010/09/27 13:27:33 | 000,000,821 | ---- | C] () -- C:\Documents and Settings\Fernando Pliego\Escritorio\Acceso directo a Base de datos mantenimiento.accdb.lnk
    [2010/09/27 13:00:36 | 000,525,824 | ---- | C] () -- C:\Documents and Settings\Fernando Pliego\Escritorio\dds.scr
    [2010/09/27 13:00:26 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Fernando Pliego\Escritorio\1u6ft198.exe
    [2010/09/16 09:12:19 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
    [2010/09/09 19:20:56 | 001,346,512 | ---- | C] () -- C:\Documents and Settings\LocalService\Configuraci&#243;n local\Datos de programa\FontCache3.0.0.0.dat
    [2010/09/03 16:59:07 | 000,000,462 | ---- | C] () -- C:\Documents and Settings\Fernando Pliego\Datos de programa\Rim.Desktop.Exception.log
    [2010/09/03 16:57:13 | 000,001,714 | ---- | C] () -- C:\Documents and Settings\Fernando Pliego\Datos de programa\Rim.Desktop.HttpServerSetup.log
    [2010/08/06 19:13:45 | 000,052,736 | R--- | C] () -- C:\WINDOWS\System32\HP1100SMs.dll
    [2010/08/06 19:13:44 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\HP1100LM.DLL
    [2010/08/06 19:07:55 | 000,284,160 | ---- | C] () -- C:\WINDOWS\System32\mvhlewsi.DLL
    [2010/07/07 10:29:42 | 000,000,050 | ---- | C] () -- C:\WINDOWS\MegaManager.INI
    [2010/06/28 11:34:42 | 000,001,198 | ---- | C] () -- C:\Documents and Settings\Fernando Pliego\sanct.log
    [2010/06/28 11:24:55 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
    [2010/06/17 18:32:37 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Fernando Pliego\Datos de programa\Adobe PNG Format CS5 Prefs
    [2010/03/18 21:25:15 | 001,285,208 | ---- | C] () -- C:\Documents and Settings\LocalService\Configuraci&#243;n local\Datos de programa\WPFFontCache_v0400-S-1-5-21-3205821269-3646787584-291108452-1005-0.dat
    [2010/03/18 21:24:54 | 000,394,018 | ---- | C] () -- C:\Documents and Settings\LocalService\Configuraci&#243;n local\Datos de programa\WPFFontCache_v0400-System.dat
    [2010/02/16 14:35:28 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HPPLVS.dll
    [2010/02/03 17:05:58 | 000,000,318 | ---- | C] () -- C:\WINDOWS\WpePro_0delay.INI
    [2010/02/02 11:11:02 | 000,303,176 | ---- | C] () -- C:\WINDOWS\System32\TTFI6ES.dll
    [2010/02/02 11:10:48 | 000,018,120 | ---- | C] () -- C:\WINDOWS\Saesuger.ini
    [2010/02/02 11:10:48 | 000,006,359 | ---- | C] () -- C:\WINDOWS\Saewin.ini
    [2010/01/27 12:56:45 | 000,106,496 | R--- | C] () -- C:\WINDOWS\System32\VSHP1020.DLL
    [2010/01/12 06:35:44 | 000,080,416 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
    [2010/01/08 13:03:02 | 000,000,133 | ---- | C] () -- C:\WINDOWS\System32\ftdiun2k.ini
    [2009/12/21 12:32:47 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Fernando Pliego\NTUSER.DAT_tureg_new.LOG
    [2009/12/18 18:52:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\eDrawingOfficeAutomator.INI
    [2009/12/14 12:56:41 | 000,299,008 | ---- | C] () -- C:\WINDOWS\System32\p2smcube.dll
    [2009/12/14 12:56:41 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\p2molap.dll
    [2009/12/14 12:56:41 | 000,270,336 | ---- | C] () -- C:\WINDOWS\System32\p2solap.dll
    [2009/12/14 12:56:41 | 000,100,352 | ---- | C] () -- C:\WINDOWS\System32\pg32conv.dll
    [2009/12/14 12:39:42 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\implode.dll
    [2009/09/16 18:27:58 | 000,508,224 | ---- | C] () -- C:\WINDOWS\System32\ICCProfiles.dll
    [2009/09/13 00:42:34 | 000,010,200 | ---- | C] () -- C:\Archivos de programa\dinput.dll
    [2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
    [2009/07/08 03:12:20 | 000,000,548 | ---- | C] () -- C:\Archivos de programa\Microsoft.VC90.MFC.manifest
    [2009/07/08 03:12:20 | 000,000,524 | ---- | C] () -- C:\Archivos de programa\Microsoft.VC90.CRT.manifest
    [2009/06/15 13:21:27 | 000,000,722 | ---- | C] () -- C:\Documents and Settings\All Users\Datos de programa\hpzinstall.log
    [2009/06/10 10:14:58 | 000,016,603 | ---- | C] () -- C:\Archivos de programa\patch5.txt
    [2009/05/25 11:38:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SUF80Design.INI
    [2009/05/15 12:49:04 | 000,000,218 | ---- | C] () -- C:\Documents and Settings\Fernando Pliego\.recently-used.xbel
    [2009/04/23 09:44:11 | 000,015,872 | ---- | C] () -- C:\Documents and Settings\Fernando Pliego\Configuraci&#243;n local\Datos de programa\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009/04/21 18:08:12 | 000,019,577 | ---- | C] () -- C:\Archivos de programa\patch2.txt
    [2009/04/17 10:13:42 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\CoPrism.dll
    [2009/04/16 10:16:00 | 000,061,186 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
    [2009/04/16 10:16:00 | 000,015,241 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
    [2009/04/16 10:15:58 | 000,017,947 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
    [2009/04/15 11:22:16 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
    [2009/04/15 10:08:34 | 000,000,905 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2009/04/14 11:27:17 | 000,000,144 | ---- | C] () -- C:\Documents and Settings\Fernando Pliego\Configuraci&#243;n local\Datos de programa\fusioncache.dat
    [2009/04/14 11:27:16 | 016,515,072 | ---- | C] () -- C:\Documents and Settings\Fernando Pliego\NTUSER.DAT
    [2009/04/14 11:27:16 | 012,058,624 | ---- | C] () -- C:\Documents and Settings\Fernando Pliego\NTUSER.DAT_tureg_old
    [2009/04/14 11:27:16 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\Fernando Pliego\ntuser.dat.LOG
    [2009/04/14 11:27:16 | 000,000,304 | -HS- | C] () -- C:\Documents and Settings\Fernando Pliego\ntuser.ini
    [2009/04/14 11:27:08 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT
    [2009/04/14 11:27:08 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT.LOG
    [2009/04/07 20:14:40 | 000,000,005 | R--- | C] () -- C:\Archivos de programa\patch_allow.txt
    [2009/04/07 16:17:54 | 000,046,009 | ---- | C] () -- C:\Archivos de programa\IFUD97D.inf
    [2009/04/07 16:08:42 | 000,046,205 | ---- | C] () -- C:\Archivos de programa\IFU6AE3.inf
    [2009/04/07 03:57:14 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4977.dll
    [2009/04/07 03:56:19 | 000,001,433 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
    [2009/04/07 00:27:41 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
    [2009/04/07 00:14:02 | 000,000,234 | ---- | C] () -- C:\WINDOWS\wininit.ini
    [2009/04/01 10:48:16 | 000,053,478 | ---- | C] () -- C:\WINDOWS\mvtcpui.ini
    [2008/06/20 14:50:13 | 000,003,656 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
    [2008/06/20 09:39:00 | 000,016,684 | ---- | C] () -- C:\WINDOWS\System32\netvbl32.dll
    [2008/05/26 21:23:18 | 000,016,892 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
    [2008/05/26 21:23:16 | 000,023,640 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
    [2008/05/26 21:23:14 | 000,016,164 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
    [2008/02/07 11:05:18 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\hppatusg01.dll
    [2007/08/21 21:46:34 | 000,059,160 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
    [2006/12/01 22:03:36 | 000,001,869 | R--- | C] () -- C:\Archivos de programa\Microsoft.VC80.CRT.manifest
    [2006/08/09 16:14:16 | 000,851,968 | R--- | C] () -- C:\WINDOWS\System32\libeay32.dll
    [2006/08/09 16:14:16 | 000,159,744 | R--- | C] () -- C:\WINDOWS\System32\ssleay32.dll
    [2005/06/21 06:58:06 | 000,188,416 | ---- | C] () -- C:\Archivos de programa\lua.exe
    [2005/03/28 15:24:52 | 000,000,051 | ---- | C] () -- C:\Archivos de programa\patch4.txt
    [2005/02/01 12:55:40 | 000,018,562 | ---- | C] () -- C:\Archivos de programa\npkcrypt.vxd
    [2004/11/17 07:29:44 | 000,041,844 | ---- | C] () -- C:\Archivos de programa\IFU7A.inf
    [2003/04/23 11:37:50 | 000,000,898 | ---- | C] () -- C:\Archivos de programa\FORMAT.CFG
    [2003/03/26 10:44:04 | 000,009,774 | ---- | C] () -- C:\Archivos de programa\tipOfTheDay.txt
    [2002/10/01 20:11:48 | 000,358,963 | ---- | C] () -- C:\Archivos de programa\binkw32.dll
    [2002/07/06 09:16:02 | 000,125,952 | ---- | C] () -- C:\Archivos de programa\Mp3dec.asi
    [2002/07/06 09:16:02 | 000,062,976 | ---- | C] () -- C:\Archivos de programa\Mssfast.m3d
    [2002/06/21 21:39:06 | 000,061,952 | ---- | C] () -- C:\Archivos de programa\NPCHK.DLL
    [2001/03/31 08:41:26 | 000,346,624 | ---- | C] () -- C:\Archivos de programa\Mss32.dll
    [1998/06/11 00:00:00 | 000,015,120 | ---- | C] () -- C:\WINDOWS\System32\REPUTIL.DLL

  4. #34
    Join Date
    Apr 2010
    Location
    Mexico DF
    Posts
    138
    ========== LOP Check ==========

    [2010/03/24 12:43:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Alwil Software
    [2009/04/17 12:08:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Datos de programa\CanonBJ
    [2010/04/10 09:42:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\DAEMON Tools Lite
    [2010/06/29 13:48:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Embarcadero
    [2010/05/26 18:43:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Grasssoft
    [2009/05/25 11:38:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\IndigoRose
    [2010/03/03 15:41:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Installations
    [2010/01/13 14:53:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Messenger Plus!
    [2010/05/19 09:37:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Nitro PDF
    [2010/03/03 15:53:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Nokia
    [2010/04/28 09:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\OviInstallerCache
    [2010/03/03 15:31:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\PC Suite
    [2010/06/29 11:52:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\PreEmptive Solutions
    [2009/04/22 10:57:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Prism
    [2010/07/01 16:21:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\regid.1986-12.com.adobe
    [2010/09/03 16:56:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Research In Motion
    [2010/05/11 13:51:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Sony
    [2010/08/26 10:05:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Stardock
    [2009/04/07 00:15:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\SupportSoft
    [2010/06/08 12:01:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\TEMP
    [2010/06/04 10:57:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\TuneUp Software
    [2009/12/14 11:13:53 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Datos de programa\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
    [2010/06/08 11:13:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fernando Pliego\Datos de programa\3M
    [2010/08/24 12:05:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fernando Pliego\Datos de programa\Azureus
    [2009/12/26 15:40:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fernando Pliego\Datos de programa\Charles
    [2010/06/02 10:01:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fernando Pliego\Datos de programa\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    [2010/06/29 13:50:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fernando Pliego\Datos de programa\CodeGear
    [2010/04/10 09:44:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fernando Pliego\Datos de programa\DAEMON Tools Lite
    [2010/08/24 12:05:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fernando Pliego\Datos de programa\DAEMON Tools Pro
    [2010/05/19 09:35:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fernando Pliego\Datos de programa\Downloaded Installations
    [2010/07/08 10:37:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fernando Pliego\Datos de programa\FileZilla
    [2010/06/08 13:31:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fernando Pliego\Datos de programa\GetRightToGo
    [2009/12/26 11:08:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fernando Pliego\Datos de programa\Grasssoft
    [2009/05/15 12:43:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fernando Pliego\Datos de programa\gtk-2.0
    [2010/07/22 11:16:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fernando Pliego\Datos de programa\IM
    [2009/04/21 12:41:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fernando Pliego\Datos de programa\ImgBurn
    [2009/05/25 11:44:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fernando Pliego\Datos de programa\IndigoRose
    [2010/08/24 12:05:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fernando Pliego\Datos de programa\J River
    [2010/08/24 12:05:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fernando Pliego\Datos de programa\MessengerDiscovery 2
    [2010/08/13 15:47:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fernando Pliego\Datos de programa\Nitro PDF
    [2010/09/06 12:55:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fernando Pliego\Datos de programa\Nokia
    [2010/04/28 09:46:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fernando Pliego\Datos de programa\Nokia Ovi Suite
    [2010/03/03 15:31:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fernando Pliego\Datos de programa\PC Suite
    [2010/09/03 16:59:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fernando Pliego\Datos de programa\Research In Motion
    [2009/11/11 18:30:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fernando Pliego\Datos de programa\SmartDraw
    [2010/08/24 12:05:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fernando Pliego\Datos de programa\Sony
    [2010/08/24 12:05:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fernando Pliego\Datos de programa\Subversion
    [2010/06/14 16:24:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fernando Pliego\Datos de programa\TeamViewer
    [2009/12/14 12:09:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fernando Pliego\Datos de programa\TuneUp Software
    [2010/01/13 10:41:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fernando Pliego\Datos de programa\VSRevoGroup
    [2009/04/07 00:08:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fernando Pliego\Datos de programa\Windows Desktop Search
    [2009/04/15 10:19:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fernando Pliego\Datos de programa\Windows Search
    [2010/05/21 14:42:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fernando Pliego\Datos de programa\Xilisoft

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.* >
    [2010/07/22 13:20:09 | 000,001,024 | ---- | M] () -- C:\.rnd
    [2010/07/14 13:22:48 | 000,066,548 | ---- | M] () -- C:\aaw7boot.log
    [2010/02/02 11:12:05 | 000,000,028 | ---- | M] () -- C:\AUTOEXEC.BAT
    [2010/09/13 13:55:28 | 000,000,210 | ---- | M] () -- C:\Boot.bak
    [2010/09/28 12:06:56 | 000,000,327 | RHS- | M] () -- C:\boot.ini
    [2008/04/14 02:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
    [2004/08/03 23:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
    [2010/09/28 17:21:54 | 000,027,737 | ---- | M] () -- C:\ComboFix.txt
    [2008/06/20 14:53:34 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
    [2009/04/07 03:58:21 | 000,005,936 | RH-- | M] () -- C:\dell.sdr
    [2010/01/08 13:01:58 | 000,000,000 | ---- | M] () -- C:\EBSSetupLog.txt
    [2009/04/24 12:49:00 | 001,257,472 | ---- | M] () -- C:\etiquetaspeinado.mdb
    [2008/06/20 14:53:34 | 000,000,000 | -H-- | M] () -- C:\IO.SYS
    [2008/06/20 14:53:34 | 000,000,000 | -H-- | M] () -- C:\MSDOS.SYS
    [2008/04/14 02:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
    [2008/04/14 02:00:00 | 000,251,168 | RHS- | M] () -- C:\ntldr
    [2010/09/29 09:09:34 | 2682,257,408 | -HS- | M] () -- C:\pagefile.sys
    [2009/04/24 12:48:19 | 000,262,144 | ---- | M] (Laptop) -- C:\PEINADO.exe
    [2010/05/21 12:44:09 | 003,932,184 | ---- | M] () -- C:\snp2sxp-001.raw
    [2010/08/20 09:25:04 | 000,000,000 | ---- | M] () -- C:\to8.1

    < %systemroot%\Fonts\*.com >
    [2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
    [2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
    [2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
    [2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

    < %systemroot%\Fonts\*.dll >

    < %systemroot%\Fonts\*.ini >
    [2010/05/28 13:58:54 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

    < %systemroot%\Fonts\*.ini2 >

    < %systemroot%\Fonts\*.exe >

    < %systemroot%\system32\spool\prtprocs\w32x86\*.* >
    [2008/07/06 07:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
    [2009/10/23 11:18:14 | 000,069,632 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\HP1100PP.dll
    [2004/12/14 12:26:34 | 000,049,152 | R--- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\IMFPRINT.DLL
    [2007/04/09 14:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
    [2008/07/06 05:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

    < %systemroot%\REPAIR\*.bak1 >

    < %systemroot%\REPAIR\*.ini >

    < %systemroot%\system32\*.jpg >

    < %systemroot%\*.jpg >

    < %systemroot%\*.png >

    < %systemroot%\*.scr >
    [2009/07/10 13:55:22 | 000,307,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WLXPGSS.SCR

    < %systemroot%\*._sy >

    < %APPDATA%\Adobe\Update\*.* >

    < %ALLUSERSPROFILE%\Favorites\*.* >

    < %APPDATA%\Microsoft\*.* >
    [2009/08/31 12:03:31 | 000,001,722 | -H-- | M] () -- C:\Documents and Settings\Fernando Pliego\Datos de programa\Microsoft\LastFlashConfig.WFC

    < %PROGRAMFILES%\*.* >
    [2009/04/07 20:15:00 | 000,254,083 | ---- | M] (AhnLab, Inc.) -- C:\Archivos de programa\aossdk.dll
    [2009/03/25 10:52:00 | 000,248,568 | ---- | M] (AhnLab, Inc.) -- C:\Archivos de programa\ASPLnchr.exe
    [2002/10/01 20:11:48 | 000,358,963 | ---- | M] () -- C:\Archivos de programa\binkw32.dll
    [2009/03/25 10:52:00 | 000,087,536 | ---- | M] (AhnLab, Inc.) -- C:\Archivos de programa\bz32ex.dll
    [2002/06/18 10:11:22 | 000,163,088 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\dbghelp.dll
    [2009/09/13 00:42:34 | 000,010,200 | ---- | M] () -- C:\Archivos de programa\dinput.dll
    [2003/04/23 11:37:50 | 000,000,898 | ---- | M] () -- C:\Archivos de programa\FORMAT.CFG
    [2002/10/01 20:11:48 | 000,230,455 | ---- | M] (RAD Game Tools, Inc.) -- C:\Archivos de programa\granny2.dll
    [2009/04/07 16:08:42 | 000,046,205 | ---- | M] () -- C:\Archivos de programa\IFU6AE3.inf
    [2004/11/17 07:29:44 | 000,041,844 | ---- | M] () -- C:\Archivos de programa\IFU7A.inf
    [2009/04/07 16:17:54 | 000,046,009 | ---- | M] () -- C:\Archivos de programa\IFUD97D.inf
    [2001/03/21 06:35:26 | 000,372,736 | ---- | M] (Intel Corporation) -- C:\Archivos de programa\ijl15.dll
    [2005/06/21 06:58:06 | 000,188,416 | ---- | M] () -- C:\Archivos de programa\lua.exe
    [2009/07/08 03:12:20 | 001,156,600 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\mfc90.dll
    [2009/07/08 03:12:20 | 001,162,744 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\mfc90u.dll
    [2009/07/08 03:12:20 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\mfcm90.dll
    [2009/07/08 03:12:20 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\mfcm90u.dll
    [2006/12/01 22:03:36 | 000,001,869 | R--- | M] () -- C:\Archivos de programa\Microsoft.VC80.CRT.manifest
    [2009/07/08 03:12:20 | 000,000,524 | ---- | M] () -- C:\Archivos de programa\Microsoft.VC90.CRT.manifest
    [2009/07/08 03:12:20 | 000,000,548 | ---- | M] () -- C:\Archivos de programa\Microsoft.VC90.MFC.manifest
    [2002/07/06 09:16:02 | 000,125,952 | ---- | M] () -- C:\Archivos de programa\Mp3dec.asi
    [2001/03/31 08:41:26 | 000,346,624 | ---- | M] () -- C:\Archivos de programa\Mss32.dll
    [2002/07/06 09:16:02 | 000,062,976 | ---- | M] () -- C:\Archivos de programa\Mssfast.m3d
    [2006/12/02 06:22:52 | 000,479,232 | R--- | M] (Microsoft Corporation) -- C:\Archivos de programa\msvcm80.dll
    [2009/07/08 03:12:20 | 000,224,768 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\msvcm90.dll
    [2004/12/28 10:35:26 | 000,401,462 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\msvcp60.dll
    [2006/12/01 22:03:36 | 000,548,864 | R--- | M] (Microsoft Corporation) -- C:\Archivos de programa\msvcp80.dll
    [2009/07/08 03:12:20 | 000,568,832 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\msvcp90.dll
    [2006/12/01 22:03:36 | 000,626,688 | R--- | M] (Microsoft Corporation) -- C:\Archivos de programa\msvcr80.dll
    [2009/07/08 03:12:20 | 000,655,872 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\msvcr90.dll
    [2002/06/21 21:39:06 | 000,061,952 | ---- | M] () -- C:\Archivos de programa\NPCHK.DLL
    [2003/04/23 11:37:50 | 000,055,296 | ---- | M] (INCA Internet Co., Ltd) -- C:\Archivos de programa\NPCIPHER.DLL
    [2005/02/01 12:55:40 | 000,233,555 | ---- | M] (INCA Internet Co., Ltd.) -- C:\Archivos de programa\npkcrypt.dll
    [2005/02/01 12:55:40 | 000,021,442 | ---- | M] (INCA Internet Co., Ltd.) -- C:\Archivos de programa\npkcrypt.sys
    [2005/02/01 12:55:40 | 000,018,562 | ---- | M] () -- C:\Archivos de programa\npkcrypt.vxd
    [2005/02/01 12:55:40 | 000,037,009 | ---- | M] (INCA Internet Co., Ltd.) -- C:\Archivos de programa\npkcusb.sys
    [2003/05/20 14:04:26 | 000,081,920 | ---- | M] (INCA Internet Co., Ltd.) -- C:\Archivos de programa\npkeysdk.dll
    [2005/02/01 12:55:40 | 000,053,248 | ---- | M] (INCA Internet Co., Ltd.) -- C:\Archivos de programa\npkpdb.dll
    [2002/06/21 21:39:12 | 000,031,744 | ---- | M] (incainternet) -- C:\Archivos de programa\NPPSK.DLL
    [2004/11/15 11:52:02 | 000,278,619 | ---- | M] ((C) INCA ) -- C:\Archivos de programa\NPSCAN.DES
    [2001/04/15 08:20:00 | 000,156,672 | ---- | M] ((c) 1999-2002 INCA Internet co., Ltd.) -- C:\Archivos de programa\npupdate.dll
    [2003/04/23 11:37:50 | 000,164,864 | ---- | M] (INCA Internet co., Ltd.) -- C:\Archivos de programa\NPUPDATE0.DLL
    [2003/06/17 11:33:26 | 000,126,976 | ---- | M] (INCA Internet, Inc) -- C:\Archivos de programa\NPX.DLL
    [2009/04/21 18:08:12 | 000,019,577 | ---- | M] () -- C:\Archivos de programa\patch2.txt
    [2005/03/28 15:24:52 | 000,000,051 | ---- | M] () -- C:\Archivos de programa\patch4.txt
    [2009/06/10 10:14:58 | 000,016,603 | ---- | M] () -- C:\Archivos de programa\patch5.txt
    [2009/04/07 20:14:40 | 000,000,005 | R--- | M] () -- C:\Archivos de programa\patch_allow.txt
    [2009/03/25 10:52:00 | 000,417,937 | ---- | M] (AhnLab, Inc.) -- C:\Archivos de programa\suipre.dll
    [2003/03/26 10:44:04 | 000,009,774 | ---- | M] () -- C:\Archivos de programa\tipOfTheDay.txt
    [2009/03/25 10:52:00 | 000,131,201 | ---- | M] (AhnLab, Inc.) -- C:\Archivos de programa\v3hunt.dll
    [1 C:\Archivos de programa\*.tmp files -> C:\Archivos de programa\*.tmp -> ]

    < %APPDATA%\Update\*.* >

    < %systemroot%\*. /mp /s >

    < %systemroot%\System32\config\*.sav >
    [2010/05/28 05:20:59 | 003,420,160 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
    [2010/05/28 12:30:50 | 000,032,768 | ---- | M] () -- C:\WINDOWS\system32\config\sam.sav
    [2010/05/28 12:30:50 | 000,061,440 | ---- | M] () -- C:\WINDOWS\system32\config\security.sav
    [2010/05/28 08:42:34 | 065,236,992 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
    [2010/05/28 08:42:34 | 009,175,040 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

    < %PROGRAMFILES%\bak. /s >

    < %systemroot%\system32\bak. /s >

    < %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

    < %systemroot%\system32\config\systemprofile\*.dat /x >

    < %systemroot%\*.config >

    < %systemroot%\system32\*.db >

    < %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
    [2009/04/14 11:27:25 | 000,000,132 | -HS- | M] () -- C:\Documents and Settings\Fernando Pliego\Datos de programa\Microsoft\Internet Explorer\Quick Launch\desktop.ini
    [2008/06/20 14:57:24 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Fernando Pliego\Datos de programa\Microsoft\Internet Explorer\Quick Launch\Mostrar escritorio.scf

    < %USERPROFILE%\Desktop\*.exe >

    < %PROGRAMFILES%\Common Files\*.* >

    < %systemroot%\*.src >

    < %systemroot%\install\*.* >

    < %systemroot%\system32\DLL\*.* >

    < %systemroot%\system32\HelpFiles\*.* >

    < %systemroot%\system32\rundll\*.* >

    < %systemroot%\winn32\*.* >

    < %systemroot%\Java\*.* >

    < %systemroot%\system32\test\*.* >

    < %systemroot%\system32\Rundll32\*.* >

    < %systemroot%\AppPatch\Custom\*.* >

    < %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

    < %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

    < %PROGRAMFILES%\Internet Explorer\*.tmp >

    < %PROGRAMFILES%\Internet Explorer\*.dat >

    < %USERPROFILE%\My Documents\*.exe >

    < %USERPROFILE%\*.exe >

    < %systemroot%\ADDINS\*.* >
    [2008/04/14 07:00:00 | 000,000,807 | ---- | M] () -- C:\WINDOWS\addins\fxsext.ecf

    < %systemroot%\assembly\*.bak2 >

    < %systemroot%\Config\*.* >

    < %systemroot%\REPAIR\*.bak2 >

    < %systemroot%\SECURITY\Database\*.sdb /x >

    < %systemroot%\SYSTEM\*.bak2 >

    < %systemroot%\Web\*.bak2 >

    < %systemroot%\Driver Cache\*.* >

    < %PROGRAMFILES%\Mozilla Firefox*.exe >

    < %ProgramFiles%\Microsoft Common\*.* >

    < %ProgramFiles%\TinyProxy. >

  5. #35
    Join Date
    Apr 2010
    Location
    Mexico DF
    Posts
    138
    < &#37;USERPROFILE%\Favorites\*.url /x >

    < %systemroot%\system32\*.bk >

    < %systemroot%\*.te >

    < %systemroot%\system32\system32\*.* >

    < %ALLUSERSPROFILE%\*.dat /x >

    < %systemroot%\system32\drivers\*.rmv >

    < dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

    < dir /b "%systemroot%\*.exe" | find /i " " /c >

    < %PROGRAMFILES%\Microsoft\*.* >

    < %systemroot%\System32\Wbem\proquota.exe >

    < %PROGRAMFILES%\Mozilla Firefox\*.dat >

    < %USERPROFILE%\Cookies\*.txt /x >
    [2010/09/29 09:21:00 | 000,196,608 | ---- | M] () -- C:\Documents and Settings\Fernando Pliego\Cookies\index.dat

    < %SystemRoot%\system32\fonts\*.* >

    < %systemroot%\system32\winlog\*.* >

    < %systemroot%\system32\Language\*.* >

    < %systemroot%\system32\Settings\*.* >

    < %systemroot%\system32\*.quo >

    < %SYSTEMROOT%\AppPatch\*.exe >

    < %SYSTEMROOT%\inf\*.exe >
    [2007/06/29 12:04:56 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe
    [1 C:\WINDOWS\inf\*.tmp files -> C:\WINDOWS\inf\*.tmp -> ]

    < %SYSTEMROOT%\Installer\*.exe >

    < %systemroot%\system32\config\*.bak2 >

    < %systemroot%\system32\Computers\*.* >

    < %SystemRoot%\system32\Sound\*.* >

    < %SystemRoot%\system32\SpecialImg\*.* >

    < %SystemRoot%\system32\code\*.* >

    < %SystemRoot%\system32\draft\*.* >

    < %SystemRoot%\system32\MSSSys\*.* >

    < %ProgramFiles%\Javascript\*.* >

    < %systemroot%\pchealth\helpctr\System\*.exe /s >

    < %systemroot%\Web\*.exe >

    < %systemroot%\system32\msn\*.* >

    < %systemroot%\system32\*.tro >

    < %AppData%\Microsoft\Installer\msupdates\*.* >

    < %ProgramFiles%\Messenger\*.* >
    [2008/04/14 07:00:00 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Messenger\custsat.dll
    [2007/04/03 06:37:24 | 000,004,821 | ---- | M] () -- C:\Archivos de programa\Messenger\logowin.gif
    [2007/04/03 06:37:24 | 000,007,047 | ---- | M] () -- C:\Archivos de programa\Messenger\lvback.gif
    [2008/05/02 09:01:55 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Messenger\msgsc.dll
    [2008/04/14 06:00:30 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Messenger\msgslang.dll
    [2008/04/14 14:49:06 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Messenger\msmsgs.exe
    [2007/04/03 06:37:24 | 000,002,882 | ---- | M] () -- C:\Archivos de programa\Messenger\newalert.wav
    [2007/04/03 06:37:24 | 000,006,156 | ---- | M] () -- C:\Archivos de programa\Messenger\newemail.wav
    [2007/04/03 06:37:26 | 000,006,160 | ---- | M] () -- C:\Archivos de programa\Messenger\online.wav
    [2007/04/03 06:37:28 | 000,004,454 | ---- | M] () -- C:\Archivos de programa\Messenger\type.wav
    [2007/01/24 18:38:00 | 000,126,477 | ---- | M] () -- C:\Archivos de programa\Messenger\xpmsgr.chm

    < %systemroot%\system32\systhem32\*.* >

    < %systemroot%\system\*.exe >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-09-16 14:27:29


    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 828 bytes -> C:\Documents and Settings\All Users\Datos de programa\TEMP:35E5AF34
    @Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Datos de programa\TEMP:6866BFC2
    @Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Datos de programa\TEMP:16E59159
    < End of report >

  6. #36
    Join Date
    Apr 2010
    Location
    Mexico DF
    Posts
    138

    EXTRAS

    OTL Extras logfile created on: 29/09/2010 09:22:58 a.m. - Run 1
    OTL by OldTimer - Version 3.2.1.2 Folder = C:\Documents and Settings\Fernando Pliego\Escritorio
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 0000080A | Country: México | Language: ESM | Date Format: dd/MM/yyyy

    2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 38.00% Memory free
    4.00 Gb Paging File | 3.00 Gb Available in Paging File | 73.00% Paging File free
    Paging file location(s): C:\pagefile.sys 2558 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Archivos de programa
    Drive C: | 148.96 Gb Total Space | 27.62 Gb Free Space | 18.54% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    Drive G: | 54.75 Mb Total Space | 46.47 Mb Free Space | 84.88% Space Free | Partition Type: FAT
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded
    Drive R: | 465.76 Gb Total Space | 329.02 Gb Free Space | 70.64% Space Free | Partition Type: NTFS

    Computer Name: SERVIDORAV
    Current User Name: Fernando Pliego
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 14 Days
    Output = Standard
    Quick Scan

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    htmlfile [edit] -- "C:\Archivos de programa\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [Bridge] -- C:\Archivos de programa\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
    "3389:TCP" = 3389:TCP:*isabled:@xpsp2res.dll,-22009
    "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DoNotAllowExceptions" = 0
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "3389:TCP" = 3389:TCP:*isabled:@xpsp2res.dll,-22009
    "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "C:\Archivos de programa\Windows Live\Sync\WindowsLiveSync.exe" = C:\Archivos de programa\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Archivos de programa\Java\jre6\bin\javaw.exe" = C:\Archivos de programa\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
    "C:\Archivos de programa\Windows Live\Sync\WindowsLiveSync.exe" = C:\Archivos de programa\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
    "C:\Archivos de programa\Look@LAN\LookAtHost.exe" = C:\Archivos de programa\Look@LAN\LookAtHost.exe:*:Enabled:Look@HOST -- (Carlo Medas)
    "C:\Archivos de programa\Look@LAN\LookAtLan.exe" = C:\Archivos de programa\Look@LAN\LookAtLan.exe:*:Enabled:Look@LAN -- (Carlo Medas)

  7. #37
    Join Date
    Apr 2010
    Location
    Mexico DF
    Posts
    138
    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
    "{035400A4-29BD-3723-BEED-E2718A68CDE0}" = Microsoft Visual Studio 2010 Office Developer Tools (x86)
    "{0394CDC8-FABD-4ED8-B104-03393876DFDF}" = Roxio Creator Tools
    "{07159635-9DFE-4105-BFC0-2817DB540C68}" = Roxio Activation Module
    "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
    "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
    "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
    "{0D397393-9B50-4C52-84D5-77E344289F87}" = Roxio Creator Data
    "{0DDCEC37-369C-484B-B16D-B4413FD42FB9}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework
    "{0E448256-D515-4C3E-A5BE-0A7B76CED5D4}" = hppP1100P1560P1600SeriesLaserJetService
    "{0F02451C-9373-4EF4-B3E7-D7A25CF4752E}" = BlackBerry v4.2.2 para el dispositivo inalámbrico de la serie 8830
    "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
    "{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
    "{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
    "{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
    "{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
    "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
    "{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
    "{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
    "{19DC9559-9C20-4A46-A67D-7ECBA52A2788}" = Nokia PC Suite
    "{1A772F15-B3FE-381A-BD29-82A78096B720}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4418
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Herramienta de carga de Windows Live
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{25F6A201-C40C-4669-936D-473877CFEB4C}" = GalerÃ*a fotográfica de Windows Live
    "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 20
    "{2767DEDE-EA9D-4FCE-A06A-40F4DD293330}" = hppusgP1000
    "{294EAADF-E50F-4DD8-AD8D-19587EA10512}" = Modem Diagnostic Tool
    "{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
    "{2D9FEBEE-F1B7-344F-BFDF-760E18332D96}" = Microsoft Visual Studio 2010 SharePoint Developer Tools
    "{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
    "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
    "{33AE9E89-47C9-4A0D-9E9D-BDD6966A3804}" = Microsoft SQL Server 2008 RsFx Driver
    "{350C9C0A-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{38A0481D-544D-4C01-BB32-39332391D012}" = Windows Live Call
    "{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
    "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
    "{3BB19A2B-B9C5-3872-8FDF-3047CC9F9841}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
    "{3C1AE512-3C37-44FA-BA42-ABB721EC5B1D}" = Symantec Endpoint Protection
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{3F6FF1E6-4364-402C-B915-FA1A40016DFA}" = Windows Live Toolbar
    "{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
    "{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
    "{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}" = Dotfuscator Software Services - Community Edition
    "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
    "{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
    "{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
    "{49058C21-E4F6-4A99-B715-D62715E0A2A2}" = Vegas Pro 9.0
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
    "{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
    "{4E1CD3D5-D4EE-4246-AE24-F0FD5A60390D}" = OviMPlatform
    "{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
    "{4F44B5AE-82A6-4A8A-A3E3-E24D489728E3}" = Microsoft SQL Server 2008 Native Client
    "{522C39C5-F781-49E5-AE1D-FE8A16B1A61A}" = Subversion
    "{5668914A-431C-4910-94E7-F6673615B538}" = Windows Presentation Foundation Language Pack (ESN)
    "{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services
    "{58ECE031-9AAD-4011-B34A-BC78E77527E2}" = hppMSRedist
    "{60DED9C2-22BF-47A3-B6C8-6B141BA31DFD}" = Ovi Desktop Sync Engine
    "{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
    "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
    "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
    "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
    "{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
    "{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
    "{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic
    "{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
    "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
    "{6D85245E-D324-4EE4-87FD-9FBF4EC3F6B1}" = Symantec Endpoint Protection Manager
    "{6ED37A91-7710-3183-BE50-AB043FF6689E}" = Microsoft Team Foundation Server 2010 Object Model - ENU
    "{729A3000-BC8A-3B74-BA5D-5068FE12D70C}" = Microsoft Visual F# 2.0 Runtime
    "{72CBC468-82F9-48F8-B5B0-3300387E41AA}" = Nokia Ovi Suite Software Updater
    "{7397EDED-F38A-4654-B669-BF61065803D0}" = PC Connectivity Solution
    "{7593234B-2AEB-4FC9-B02D-C9B30D86084C}" = Windows Live Asistente para el inicio de sesión
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{78C3657E-742C-40B1-9F53-E5A921D40F17}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
    "{7902E313-FF0F-4493-ACB1-A8147B78DCD0}" = HPSSupply
    "{79166E9D-4D2B-405A-B8F5-B43E0C795FF2}" = Local Cooling Setup
    "{83169D43-4660-4347-BC95-E9D6E6BE65CE}" = Microsoft .NET Framework 1.1 Spanish Language Pack
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{83FFCFC7-88C6-41C6-8752-958A45325C82}" = Roxio Creator Audio
    "{853F464A-B2B8-404E-BA3E-B98FF6862C41}" = hppusgP1100P1560P1600Series
    "{85AC0FFA-643D-3103-9310-7086ECB0C36C}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - ESN
    "{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
    "{88253B77-33C9-4A9D-9E4C-4579E39D9158}" = Diagnostics Utility
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
    "{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
    "{8F94D5AC-C1C6-432D-8924-2F5EEBC28446}" = Windows Live Essentials
    "{90140000-0010-0C0A-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Spanish) 14
    "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
    "{90140000-0015-0C0A-0000-0000000FF1CE}" = Microsoft Office Access MUI (Spanish) 2010
    "{90140000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2010
    "{90140000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2010
    "{90140000-0019-0C0A-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Spanish) 2010
    "{90140000-001A-0C0A-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Spanish) 2010
    "{90140000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2010
    "{90140000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2010
    "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
    "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
    "{90140000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2010
    "{90140000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2010
    "{90140000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2010
    "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
    "{90140000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2010
    "{90140000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2010
    "{90140000-0044-0C0A-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Spanish) 2010
    "{90140000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2010
    "{90140000-00A1-0C0A-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Spanish) 2010
    "{90140000-00B4-0C0A-0000-0000000FF1CE}" = Microsoft Office Project MUI (Spanish) 2010
    "{90140000-00BA-0C0A-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Spanish) 2010
    "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
    "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
    "{92E4A65F-7007-3357-A69A-167F71A337BD}" = Microsoft .NET Framework 3.5 Language Pack SP1 - esn
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{95120000-0122-0C0A-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
    "{953D4586-9A16-495E-BA1F-EE5AA66604DB}" = Windows Live Sync
    "{97CE8B73-AA5A-4987-A1BE-50DD1A187478}" = Microsoft Sync Framework SDK v1.0 SP1
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
    "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{A3BC5D37-30F9-4CF7-BD5C-0DFF063E4B6D}" = USB 2.0 WLAN inalámbrica
    "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
    "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
    "{A82D052A-0806-42DF-80CD-1730A1AC0ED3}" = MrvlUsgTracking
    "{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
    "{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
    "{AC76BA86-1033-F400-7761-000000000004}_932" = Adobe Acrobat 9.3.2 - CPSID_53951
    "{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
    "{AC76BA86-7AD7-1034-7B44-A93000000001}" = Adobe Reader 9.3.3 - Español
    "{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
    "{AEEB3643-71DE-414d-9E3F-1159177FE211}" = Office Animation Runtime
    "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
    "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
    "{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
    "{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
    "{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}" = Microsoft SQL Server VSS Writer
    "{B8583CB3-8ABE-407E-8BC6-F9A83EAC9133}" = Windows Live Writer
    "{B8AA4C60-2436-11D5-9687-0010B55C4F65}" = ASPEL - SAE 3.0
    "{B9C9DB4C-6D77-4AE9-AD1C-C708C23239A0}" = Nokia Connectivity Cable Driver
    "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
    "{BC41C09D-FAA9-4346-9FE6-1E0017BC551A}" = Adobe Flash Player 10 Plugin
    "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
    "{BDEDB104-4067-3D5E-81F0-DBEBFE856B45}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - ESN
    "{BEC001F9-0451-4396-92D7-E1A4E7854BF3}" = Windows Live Mail
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{C1080852-065E-4991-9260-F3756E3CC182}" = CursorFX
    "{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
    "{C6DD625F-4B61-4561-8286-87CA0275CEA1}" = Microsoft Sync Framework Runtime v1.0 SP1 (x86)
    "{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
    "{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{CFC9F871-7C40-40B6-BE4A-B98A5B309716}" = Adobe Flash Professional CS5
    "{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
    "{D043E0F8-5EFA-4102-A863-08F39D9DF2F4}" = Nokia Software Updater
    "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
    "{D25F26E6-7F37-4580-9E83-2BDD9BE9E0CE}" = BlackBerry Desktop Software 6.0
    "{D371F551-0DB9-4CEC-844B-4C90CE91EA0B}" = hppLaserJetService
    "{D441BD04-E548-4F8E-97A4-1B66135BAAA8}" = Microsoft SQL Server 2008 Setup Support Files
    "{D481EA96-2313-4A7C-98EE-710D1AF884AC}" = Microsoft Visual Studio 2005 Tools for Applications - ENU
    "{D6B15AE6-B052-363E-B6BB-C4714CBA6509}" = Microsoft Visual Studio 2010 Professional - ENU
    "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
    "{DC3D6AFB-78B4-489F-81D7-30B66E0C2417}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x86)
    "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
    "{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}" = Nokia Ovi Suite
    "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
    "{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
    "{E5AE9031-79A5-4627-9641-BEFA82819B08}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
    "{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
    "{EBDFE185-7DDD-4687-9EBA-1B24FF7FF496}" = Microsoft .NET Framework 3.0 Spanish Language Pack
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F2FFEEAA-0B48-4342-9B67-12ABB0B58F24}" = Windows Live Messenger
    "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
    "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
    "{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
    "{F990B526-8F7C-46E0-B1F1-6C893A8B478F}" = Microsoft Sync Framework Services v1.0 SP1 (x86)
    "{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
    "{FEE84D71-7FF0-46C1-AED4-1BD821D53A9F}" = VMware Server
    "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    "05B59228C7E1C21DFBE89260F879BD95880548D8" = Paquete de controladores de Windows - Nokia Modem (10/05/2009 4.2)
    "504244733D18C8F63FF584AEB290E3904E791693" = Paquete de controladores de Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
    "8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Paquete de controladores de Windows - Nokia Modem (06/01/2009 7.01.0.4)
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "BlackBerry_Desktop" = BlackBerry Desktop Software 6.0
    "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
    "CNXT_MODEM_PCI_HSF" = Conexant D850 PCI V.92 Modem
    "CobBackup10" = Cobian Backup 10
    "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
    "Crystal32 Fix" = Crystal32 Fix
    "Defraggler" = Defraggler
    "FTDICOMM" = FTDI USB Serial Converter Drivers
    "HDMI" = Intel(R) Graphics Media Accelerator Driver
    "HP LaserJet Professional P1100-P1560-P1600 Series" = HP LaserJet Professional P1100-P1560-P1600 Series
    "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
    "ie8" = Windows Internet Explorer 8
    "ImgBurn" = ImgBurn
    "InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0
    "LiveUpdate" = LiveUpdate 3.3 (Symantec Corporation)
    "Look@LAN_1.0" = Look@LAN 2.50 Build 35
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Messenger Plus! Live" = Messenger Plus! Live
    "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
    "Microsoft .NET Framework 3.0 Spanish Language Pack" = Paquete de idioma para español de Microsoft .NET Framework 3.0
    "Microsoft .NET Framework 3.5 Language Pack SP1 - esn" = Paquete de idioma de Microsoft .NET Framework 3.5 SP1 - esn
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
    "Microsoft SQL Server 10" = Microsoft SQL Server 2008
    "Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
    "Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU
    "Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
    "Microsoft Visual Studio 2005 Tools for Applications - ENU" = Microsoft Visual Studio 2005 Tools for Applications - ENU
    "Microsoft Visual Studio 2010 Professional - ENU" = Microsoft Visual Studio 2010 Professional - ENU
    "Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
    "Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
    "Netnotep_is1" = Network Notepad 4.6.6
    "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
    "Nokia Ovi Suite" = Nokia Ovi Suite
    "Nokia PC Suite" = Nokia PC Suite
    "Office14.PRJPRO" = Microsoft Project Professional 2010
    "Office14.PROPLUS" = Microsoft Office Professional Plus 2010
    "Quick Batch File Compiler_is1" = Quick Batch File Compiler 3.2.8.0
    "Revo Uninstaller" = Revo Uninstaller 1.89
    "Setup Factory 8.0 Trial" = Setup Factory 8.0 Trial
    "ST6UNST #1" = Etiquetas de peinado PMM v1.1
    "SystemRequirementsLab" = System Requirements Lab
    "TeamViewer 5" = TeamViewer 5
    "The KMPlayer" = The KMPlayer (remove only)
    "VirtualCloneDrive" = VirtualCloneDrive
    "Visual Basic 6.0 Edición profesional (esp)" = Microsoft Visual Basic 6.0 Edición profesional (Español)
    "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
    "WebPost" = Asistente para la publicación en Web 1.53 de Microsoft
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Reproductor de Windows Media 11
    "WinLiveSuite_Wave3" = Windows Live Essentials
    "WinRAR archiver" = WinRAR archiver
    "WMFDist11" = Windows Media Format 11 runtime
    "wmp11" = Windows Media Player 11
    "Xilisoft Video Converter Ultimate" = Xilisoft Video Converter Ultimate 6
    "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
    "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "CursorFX Plus" = CursorFX Plus
    "Google Chrome" = Google Chrome

  8. #38
    Join Date
    Apr 2010
    Location
    Mexico DF
    Posts
    138
    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 28/09/2010 07:18:06 p.m. | Computer Name = SERVIDORAV | Source = crypt32 | ID = 131080
    Description = Error en la recuperación de actualización automática del número de
    secuencia de la lista raÃ*z de terceros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
    con el error: The server name or address could not be resolved

    Error - 28/09/2010 07:19:09 p.m. | Computer Name = SERVIDORAV | Source = Application Error | ID = 1000
    Description = Aplicación con errores: otl.exe, versión: 3.2.14.1, módulo con error:
    kernel32.dll, versión 5.1.2600.5781, dirección de error 0x00012afb.

    Error - 28/09/2010 07:24:04 p.m. | Computer Name = SERVIDORAV | Source = Application Error | ID = 1000
    Description = Aplicación con errores: otl.exe, versión: 3.2.14.1, módulo con error:
    kernel32.dll, versión 5.1.2600.5781, dirección de error 0x00012afb.

    Error - 28/09/2010 07:33:02 p.m. | Computer Name = SERVIDORAV | Source = Application Error | ID = 1000
    Description = Aplicación con errores: otl (1).exe, versión: 3.2.14.1, módulo con
    error: kernel32.dll, versión 5.1.2600.5781, dirección de error 0x00012afb.

    Error - 28/09/2010 07:46:33 p.m. | Computer Name = SERVIDORAV | Source = Application Error | ID = 1000
    Description = Aplicación con errores: otl.exe, versión: 3.2.14.1, módulo con error:
    kernel32.dll, versión 5.1.2600.5781, dirección de error 0x00012afb.

    Error - 28/09/2010 07:47:12 p.m. | Computer Name = SERVIDORAV | Source = Application Error | ID = 1000
    Description = Aplicación con errores: otl.exe, versión: 3.2.14.1, módulo con error:
    kernel32.dll, versión 5.1.2600.5781, dirección de error 0x00012afb.

    Error - 28/09/2010 07:47:25 p.m. | Computer Name = SERVIDORAV | Source = Application Error | ID = 1000
    Description = Aplicación con errores: otl.exe, versión: 3.2.14.1, módulo con error:
    kernel32.dll, versión 5.1.2600.5781, dirección de error 0x00012afb.

    Error - 28/09/2010 07:57:16 p.m. | Computer Name = SERVIDORAV | Source = Application Error | ID = 1000
    Description = Aplicación con errores: otl.exe, versión: 3.2.14.1, módulo con error:
    kernel32.dll, versión 5.1.2600.5781, dirección de error 0x00012afb.

    Error - 28/09/2010 08:03:09 p.m. | Computer Name = SERVIDORAV | Source = Application Error | ID = 1000
    Description = Aplicación con errores: otl.exe, versión: 3.2.14.1, módulo con error:
    kernel32.dll, versión 5.1.2600.5781, dirección de error 0x00012afb.

    Error - 28/09/2010 08:15:42 p.m. | Computer Name = SERVIDORAV | Source = Application Error | ID = 1000
    Description = Aplicación con errores: broni.exe, versión: 3.2.14.1, módulo con error:
    kernel32.dll, versión 5.1.2600.5781, dirección de error 0x00012afb.

    [ Cobian Backup Boletus VSC Service Events ]
    Error - 03/06/2010 10:31:42 a.m. | Computer Name = SERVIDORAV | Source = Cobian Backup Boletus VSC Service | ID = 0
    Description = The provider returned an unexpected error code.

    Error - 25/06/2010 03:00:20 a.m. | Computer Name = SERVIDORAV | Source = Cobian Backup Boletus VSC Service | ID = 0
    Description = The provider returned an unexpected error code.

    Error - 02/08/2010 07:43:52 p.m. | Computer Name = SERVIDORAV | Source = Cobian Backup Boletus VSC Service | ID = 0
    Description = The provider returned an unexpected error code.

    Error - 03/08/2010 03:03:13 p.m. | Computer Name = SERVIDORAV | Source = Cobian Backup Boletus VSC Service | ID = 0
    Description = The provider returned an unexpected error code.

    Error - 04/08/2010 03:11:43 p.m. | Computer Name = SERVIDORAV | Source = Cobian Backup Boletus VSC Service | ID = 0
    Description = The provider returned an unexpected error code.

    Error - 05/08/2010 03:07:36 p.m. | Computer Name = SERVIDORAV | Source = Cobian Backup Boletus VSC Service | ID = 0
    Description = The provider returned an unexpected error code.

    Error - 06/08/2010 03:05:24 p.m. | Computer Name = SERVIDORAV | Source = Cobian Backup Boletus VSC Service | ID = 0
    Description = The provider returned an unexpected error code.

    Error - 07/08/2010 03:01:16 p.m. | Computer Name = SERVIDORAV | Source = Cobian Backup Boletus VSC Service | ID = 0
    Description = The provider returned an unexpected error code.

    [ System Events ]
    Error - 28/09/2010 08:09:28 p.m. | Computer Name = SERVIDORAV | Source = Service Control Manager | ID = 7034
    Description = El servicio Intel(R) Matrix Storage Event Monitor se terminó de manera
    inesperada. Esto ha sucedido 1 veces.

    Error - 28/09/2010 08:12:11 p.m. | Computer Name = SERVIDORAV | Source = Service Control Manager | ID = 7000
    Description = El servicio adfs no pudo iniciarse debido al siguiente error: %%2

    Error - 28/09/2010 08:12:11 p.m. | Computer Name = SERVIDORAV | Source = Service Control Manager | ID = 7023
    Description = El servicio HID Input Service terminó con el error: %%126

    Error - 28/09/2010 08:12:11 p.m. | Computer Name = SERVIDORAV | Source = Service Control Manager | ID = 7000
    Description = El servicio TuneUp Utilities Service no pudo iniciarse debido al siguiente
    error: %%3

    Error - 28/09/2010 08:12:21 p.m. | Computer Name = SERVIDORAV | Source = DCOM | ID = 10005
    Description = DCOM ha obtenido un error "%1058" al intentar iniciar el servicio
    MDM con argumentos "" para ejecutar el servidor: {0C0A3666-30C9-11D0-8F20-00805F2CD064}

    Error - 29/09/2010 10:10:36 a.m. | Computer Name = SERVIDORAV | Source = Service Control Manager | ID = 7000
    Description = El servicio adfs no pudo iniciarse debido al siguiente error: %%2

    Error - 29/09/2010 10:10:36 a.m. | Computer Name = SERVIDORAV | Source = Service Control Manager | ID = 7023
    Description = El servicio HID Input Service terminó con el error: %%126

    Error - 29/09/2010 10:10:36 a.m. | Computer Name = SERVIDORAV | Source = Service Control Manager | ID = 7000
    Description = El servicio TuneUp Utilities Service no pudo iniciarse debido al siguiente
    error: %%3

    Error - 29/09/2010 10:13:33 a.m. | Computer Name = SERVIDORAV | Source = DCOM | ID = 10005
    Description = DCOM ha obtenido un error "%1058" al intentar iniciar el servicio
    MDM con argumentos "" para ejecutar el servidor: {0C0A3666-30C9-11D0-8F20-00805F2CD064}

    Error - 29/09/2010 10:21:38 a.m. | Computer Name = SERVIDORAV | Source = DCOM | ID = 10005
    Description = DCOM ha obtenido un error "%1058" al intentar iniciar el servicio
    MDM con argumentos "" para ejecutar el servidor: {0C0A3666-30C9-11D0-8F20-00805F2CD064}


    < End of report >

  9. #39
    Join Date
    Apr 2010
    Location
    Mexico DF
    Posts
    138
    JavaRa 1.16 Removal Log.

    Report follows after line.

    ------------------------------------

    The JavaRa removal process was started on Wed Sep 29 09:51:00 2010

    Found and removed: C:\Documents and Settings\Fernando Pliego\Datos de programa\Sun\Java\jre1.6.0_11

    Found and removed: C:\Documents and Settings\Fernando Pliego\Datos de programa\Sun\Java\jre1.6.0_13

    Found and removed: C:\Documents and Settings\Fernando Pliego\Datos de programa\Sun\Java\jre1.6.0_15

    Found and removed: C:\Documents and Settings\Fernando Pliego\Datos de programa\Sun\Java\jre1.6.0_20

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

    Found and removed: Software\JavaSoft\Java2D\1.5.0_15

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}

    JavaRa 1.16 Removal Log.

    Report follows after line.

    ------------------------------------

    The JavaRa removal process was started on Wed Sep 29 09:51:54 2010

    ------------------------------------

    Finished reporting.



    JavaRa 1.16 Removal Log.

    Report follows after line.

    ------------------------------------

    The JavaRa removal process was started on Wed Sep 29 09:52:06 2010

    ------------------------------------

    Finished reporting.

  10. #40
    Join Date
    Apr 2010
    Location
    Mexico DF
    Posts
    138

  11. #41
    Join Date
    Apr 2010
    Location
    Mexico DF
    Posts
    138
    yeeeiiii !!!

    Thats all ^_^

    The only left thing to check is the OTL log

    Thx Broni C:

  12. #42
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Did you update Java, because OTL log still shows ver. 20?

    ===============================================================

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
      O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      [1 C:\Archivos de programa\*.tmp files -> C:\Archivos de programa\*.tmp -> ]
      @Alternate Data Stream - 828 bytes -> C:\Documents and Settings\All Users\Datos de programa\TEMP:35E5AF34
      @Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Datos de programa\TEMP:6866BFC2
      @Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Datos de programa\TEMP:16E59159
      
      
      :Services
      
      :Reg
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
      "DisableMonitoring" =-
      
      :Files
      
      :Commands
      [purity]
      [emptytemp]
      [emptyflash]
      [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.


    =================================================================

    Your computer is clean

    1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create fresh, clean restore point, using following OTL script:

    Run OTL

    • Under the Custom Scans/Fixes box at the bottom, paste in the following:


    Code:
    :OTL
    :Commands
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [CLEARALLRESTOREPOINTS]
    [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • Post resulting log.


    2. Now, we'll remove all tools, we used during our cleaning process

    Clean up with OTL:

    • Double-click OTL.exe to start the program.
    • Close all other programs apart from OTL as this step will require a reboot
    • On the OTL main screen, press the CLEANUP button
    • Say Yes to the prompt and then allow the program to reboot your computer.


    If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

    3. Make sure, Windows Updates are current.

    4. If any Trojan was listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

    5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

    6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

    7. Run Temporary File Cleaner (TFC) weekly.

    8. Download and install Secunia Personal Software Inspector (PSI): http://secunia.com/vulnerability_scanning/personal/. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

    9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
    The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

    10. Run defrag at your convenience.

    11. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

    12. Please, let me know, how is your computer doing.

  13. #43
    Join Date
    Apr 2010
    Location
    Mexico DF
    Posts
    138
    Yeah, I updated.
    In Add/Remove Programs i have the Java(TM) 6 Update 21

    I have a big problem with the manager of the antivirus, it doesnt connect to the network :/

    The best thing is call to the technician of Norton to check this issue

  14. #44
    Join Date
    Apr 2010
    Location
    Mexico DF
    Posts
    138
    All processes killed
    ========== OTL ==========
    Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
    Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
    C:\Archivos de programa\_if10E.tmp deleted successfully.
    ADS C:\Documents and Settings\All Users\Datos de programa\TEMP:35E5AF34 deleted successfully.
    ADS C:\Documents and Settings\All Users\Datos de programa\TEMP:6866BFC2 deleted successfully.
    ADS C:\Documents and Settings\All Users\Datos de programa\TEMP:16E59159 deleted successfully.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\\DisableMonitoring deleted successfully.
    ========== FILES ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrador
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Administrador.DF2T5PJ1
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Fernando Pliego
    ->Temp folder emptied: 3213473 bytes
    ->Temporary Internet Files folder emptied: 15053819 bytes
    ->Java cache emptied: 2027 bytes
    ->Google Chrome cache emptied: 39817778 bytes
    ->Flash cache emptied: 615 bytes

    User: Invitado
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: LocalService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Google Chrome cache emptied: 0 bytes

    User: LocalService.NT AUTHORITY
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: NetworkService.NT AUTHORITY
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    &#37;systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 8867626 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 64.00 mb


    [EMPTYFLASH]

    User: Administrador

    User: Administrador.DF2T5PJ1
    ->Flash cache emptied: 0 bytes

    User: All Users

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: Fernando Pliego
    ->Flash cache emptied: 0 bytes

    User: Invitado

    User: LocalService

    User: LocalService.NT AUTHORITY

    User: NetworkService

    User: NetworkService.NT AUTHORITY

    Total Flash Files Cleaned = 0.00 mb


    OTL by OldTimer - Version 3.2.1.2 log created on 09292010_170227

    Files\Folders moved on Reboot...
    File move failed. C:\WINDOWS\temp\asat0000.tmp scheduled to be moved on reboot.
    File move failed. C:\WINDOWS\temp\hlktmp scheduled to be moved on reboot.
    C:\WINDOWS\temp\Perflib_Perfdata_994.dat moved successfully.
    C:\WINDOWS\temp\vminst.log moved successfully.
    C:\WINDOWS\temp\vmware-serverd.log moved successfully.

    Registry entries deleted on Reboot...

  15. #45
    Join Date
    Apr 2010
    Location
    Mexico DF
    Posts
    138
    All processes killed
    ========== OTL ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrador
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Administrador.DF2T5PJ1
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Fernando Pliego
    ->Temp folder emptied: 588343 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Java cache emptied: 0 bytes
    ->Google Chrome cache emptied: 6539176 bytes
    ->Flash cache emptied: 0 bytes

    User: Invitado
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: LocalService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Google Chrome cache emptied: 0 bytes

    User: LocalService.NT AUTHORITY
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: NetworkService.NT AUTHORITY
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    &#37;systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 9258828 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 16.00 mb


    [EMPTYFLASH]

    User: Administrador

    User: Administrador.DF2T5PJ1
    ->Flash cache emptied: 0 bytes

    User: All Users

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: Fernando Pliego
    ->Flash cache emptied: 0 bytes

    User: Invitado

    User: LocalService

    User: LocalService.NT AUTHORITY

    User: NetworkService

    User: NetworkService.NT AUTHORITY

    Total Flash Files Cleaned = 0.00 mb

    Restore points cleared and new OTL Restore Point set!

    OTL by OldTimer - Version 3.2.1.2 log created on 09292010_171138

    Files\Folders moved on Reboot...
    File move failed. C:\WINDOWS\temp\hlktmp scheduled to be moved on reboot.

    Registry entries deleted on Reboot...

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •