-
OTL 1st part
OTL logfile created on: 17/09/2010 09:09:32 a.m. - Run 1
OTL by OldTimer - Version 3.2.12.1 Folder = C:\Users\Bruno\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000080a | Country: México | Language: ESM | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 62.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 148.95 Gb Total Space | 98.19 Gb Free Space | 65.92% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 7.45 Gb Total Space | 4.56 Gb Free Space | 61.13% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive R: | 149.05 Gb Total Space | 67.22 Gb Free Space | 45.10% Space Free | Partition Type: NTFS
Computer Name: INGENIERIA05
Current User Name: Bruno
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2010/09/17 09:05:27 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Bruno\Desktop\OTL.exe
PRC - [2010/09/17 07:00:21 | 000,059,964 | ---- | M] (Macrovision Europe Ltd.) -- C:\Users\Bruno\AppData\Local\Temp\SolidWorksLicTemp.0001
PRC - [2010/07/19 11:37:26 | 000,108,392 | ---- | M] (Symantec Corporation) -- C:\Archivos de programa\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2010/07/19 11:37:24 | 000,115,560 | ---- | M] (Symantec Corporation) -- C:\Archivos de programa\Common Files\Symantec Shared\ccApp.exe
PRC - [2010/07/19 11:37:22 | 001,831,024 | ---- | M] (Symantec Corporation) -- C:\Archivos de programa\Symantec\Symantec Endpoint Protection\Rtvscan.exe
PRC - [2010/07/13 10:53:20 | 003,152,384 | ---- | M] (Luis Cobian, CobianSoft) -- C:\Archivos de programa\Cobian Backup 10\cbInterface.exe
PRC - [2010/07/13 10:53:18 | 001,125,376 | ---- | M] (Luis Cobian, CobianSoft) -- C:\Archivos de programa\Cobian Backup 10\cbService.exe
PRC - [2010/07/13 10:45:40 | 000,067,584 | ---- | M] (CobianSoft, Luis Cobian) -- C:\Archivos de programa\Cobian Backup 10\cbVSCService.exe
PRC - [2010/04/10 15:20:01 | 000,079,360 | ---- | M] (SolidWorks) -- C:\Archivos de programa\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
PRC - [2010/01/09 21:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
PRC - [2009/11/09 21:57:54 | 000,099,896 | R--- | M] (HP) -- C:\Windows\System32\HPSIsvc.exe
PRC - [2009/10/31 00:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/08/18 02:36:36 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009/08/18 02:36:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009/07/13 20:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Windows Media Player\wmpnetwk.exe
PRC - [2009/07/13 20:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/13 20:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sppsvc.exe
PRC - [2009/07/13 20:14:12 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2009/06/24 10:57:04 | 000,136,704 | ---- | M] (HP) -- C:\Archivos de programa\HP\HPLaserJetService\HPLaserJetService.exe
PRC - [2008/09/09 06:01:34 | 000,841,000 | ---- | M] (Dassault Systèmes SolidWorks Corp.) -- C:\Archivos de programa\SolidWorks Corp\SolidWorks\swScheduler\swBOEngine.exe
PRC - [2004/12/14 02:12:02 | 000,483,328 | ---- | M] (Adobe Systems Inc.) -- C:\Archivos de programa\Adobe\Acrobat 7.0\Distillr\acrotray.exe
========== Modules (SafeList) ==========
MOD - [2010/09/17 09:05:27 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Bruno\Desktop\OTL.exe
MOD - [2010/07/19 11:37:28 | 000,353,608 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\sysfer.dll
MOD - [2009/07/13 20:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009/07/13 20:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009/07/13 20:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009/07/13 20:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009/07/13 20:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009/07/13 20:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009/07/13 20:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009/07/13 20:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2009/07/13 20:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2009/07/13 20:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2010/07/19 11:37:26 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2010/07/19 11:37:26 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2010/07/19 11:37:22 | 001,881,368 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService)
SRV - [2010/07/19 11:37:22 | 001,831,024 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2010/07/19 11:37:22 | 000,349,512 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE -- (SNAC)
SRV - [2010/07/13 10:53:18 | 001,125,376 | ---- | M] (Luis Cobian, CobianSoft) [Auto | Running] -- C:\Archivos de programa\Cobian Backup 10\cbService.exe -- (CobianBackup10)
SRV - [2010/07/13 10:45:40 | 000,067,584 | ---- | M] (CobianSoft, Luis Cobian) [Auto | Running] -- C:\Archivos de programa\Cobian Backup 10\cbVSCService.exe -- (cbVSCService)
SRV - [2010/04/12 16:43:46 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/04/10 15:20:01 | 000,079,360 | ---- | M] (SolidWorks) [On_Demand | Running] -- C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service)
SRV - [2010/03/25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010/02/17 10:53:18 | 003,093,880 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Archivos de programa\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2010/01/09 21:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009/11/09 21:57:54 | 000,099,896 | R--- | M] (HP) [Auto | Running] -- C:\Windows\System32\HPSIsvc.exe -- (HPSIService)
SRV - [2009/08/18 02:36:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/07/13 20:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009/07/13 20:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009/07/13 20:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009/07/13 20:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009/07/13 20:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009/07/13 20:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 20:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009/07/13 20:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009/07/13 20:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/07/13 20:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009/07/13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Archivos de programa\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/13 20:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009/07/13 20:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/07/13 20:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009/07/13 20:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009/07/13 20:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009/07/13 20:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) Instalador de ActiveX (AxInstSV)
SRV - [2009/07/13 20:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009/07/13 20:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2009/06/24 10:57:04 | 000,136,704 | ---- | M] (HP) [Auto | Running] -- C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe -- (HP LaserJet Service)
SRV - [2008/09/09 06:01:32 | 000,079,144 | ---- | M] (Dassault Systèmes SolidWorks Corp.) [On_Demand | Stopped] -- C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe -- (CoordinatorServiceHost)
SRV - [2005/09/23 07:01:16 | 002,799,808 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon80)
-
OTL 2nd part
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Bruno\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2010/09/02 13:06:08 | 001,362,608 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20100916.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/09/02 13:06:08 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Archivos de programa\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/09/02 13:06:08 | 000,085,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20100916.002\NAVENG.SYS -- (NAVENG)
DRV - [2010/07/19 18:33:17 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Archivos de programa\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/07/19 18:04:07 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/07/19 11:37:26 | 000,320,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2010/07/19 11:37:26 | 000,283,184 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2010/07/19 11:37:26 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2010/07/19 11:37:26 | 000,043,336 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\WPSDRVnt.sys -- (WPS)
DRV - [2010/07/19 11:37:24 | 000,097,096 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SYSTEM32\Drivers\SysPlant.sys -- (SysPlant)
DRV - [2010/07/19 11:37:24 | 000,067,472 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Teefer2.sys -- (Teefer2)
DRV - [2010/07/19 11:37:16 | 000,421,424 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Archivos de programa\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2010/07/19 11:37:16 | 000,188,080 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/07/19 11:37:16 | 000,026,416 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2010/06/02 19:59:06 | 000,161,920 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wpshelper.sys -- (WpsHelper)
DRV - [2010/04/10 15:23:11 | 000,734,208 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2009/12/11 02:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009/08/19 09:04:54 | 000,189,440 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rt86win7.sys -- (RTL8167)
DRV - [2009/08/18 03:48:06 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/07/13 20:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009/07/13 20:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009/07/13 20:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009/07/13 20:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009/07/13 20:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009/07/13 20:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009/07/13 20:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009/07/13 20:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009/07/13 20:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009/07/13 20:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009/07/13 20:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009/07/13 20:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009/07/13 20:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009/07/13 20:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009/07/13 20:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009/07/13 20:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009/07/13 20:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009/07/13 20:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009/07/13 20:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009/07/13 20:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009/07/13 20:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009/07/13 20:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009/07/13 20:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009/07/13 20:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009/07/13 20:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009/07/13 20:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009/07/13 20:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009/07/13 20:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/13 20:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009/07/13 20:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/13 20:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009/07/13 20:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/13 20:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009/07/13 20:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009/07/13 20:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009/07/13 20:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009/07/13 20:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009/07/13 20:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009/07/13 20:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009/07/13 20:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009/07/13 20:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009/07/13 19:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009/07/13 19:18:07 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2009/07/13 19:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)
DRV - [2009/07/13 19:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009/07/13 18:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009/07/13 18:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009/07/13 18:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009/07/13 18:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/13 18:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vwififlt.sys -- (vwififlt)
DRV - [2009/07/13 18:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009/07/13 18:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
DRV - [2009/07/13 18:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009/07/13 18:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009/07/13 18:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009/07/13 18:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009/07/13 18:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009/07/13 18:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009/07/13 18:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/13 18:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/07/13 18:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009/07/13 18:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)
DRV - [2009/07/13 18:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009/07/13 18:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
DRV - [2009/07/13 17:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 17:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009/07/13 17:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009/07/13 17:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009/07/13 17:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009/07/13 17:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009/07/13 17:13:47 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2)
DRV - [2009/07/13 17:13:46 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (VST_DPV)
DRV - [2009/07/13 17:13:45 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (winachsf)
DRV - [2009/07/13 17:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009/07/13 17:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009/07/13 17:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2007/03/30 14:41:54 | 012,033,024 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snp2sxp.sys -- (SNP2STD)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-mx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 70 88 7D EA 12 28 CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
-
OTL 3rd part
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7
FF - prefs.js..extensions.enabledItems: {BB080420-8088-F650-3D47-13799CCD6159}:1.33
FF - prefs.js..network.proxy.http: "206.64.92.16"
FF - prefs.js..network.proxy.http_port: 8000
FF - prefs.js..network.proxy.socks_version: 4
FF - prefs.js..network.proxy.type: 0
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/09/09 14:41:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/09/09 14:41:08 | 000,000,000 | ---D | M]
[2010/07/20 08:55:30 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\mozilla\Extensions
[2010/09/15 11:30:01 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\mozilla\Firefox\Profiles\wudjiduz.default\extensions
[2010/08/24 16:49:45 | 000,000,000 | ---D | M] (Multiproxy Switch) -- C:\Users\Bruno\AppData\Roaming\mozilla\Firefox\Profiles\wudjiduz.default\extensions\{BB080420-8088-F650-3D47-13799CCD6159}
[2010/07/29 12:41:16 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\Bruno\AppData\Roaming\mozilla\Firefox\Profiles\wudjiduz.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010/07/20 08:55:09 | 000,000,000 | ---D | M] -- C:\Archivos de programa\Mozilla Firefox\extensions
[2010/06/26 02:47:12 | 000,003,996 | ---- | M] () -- C:\Archivos de programa\Mozilla Firefox\searchplugins\drae.xml
[2010/06/26 02:47:12 | 000,000,751 | ---- | M] () -- C:\Archivos de programa\Mozilla Firefox\searchplugins\eBay-es.xml
[2010/06/26 02:47:12 | 000,001,178 | ---- | M] () -- C:\Archivos de programa\Mozilla Firefox\searchplugins\wikipedia-es.xml
[2010/06/26 02:47:12 | 000,001,102 | ---- | M] () -- C:\Archivos de programa\Mozilla Firefox\searchplugins\yahoo-es.xml
O1 HOSTS File: ([2010/09/16 17:50:26 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Archivos de programa\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Archivos de programa\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Archivos de programa\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Archivos de programa\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Archivos de programa\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [Cobian Backup 10 Interface] C:\Program Files\Cobian Backup 10\cbInterface.exe (Luis Cobian, CobianSoft)
O4 - HKLM..\Run: [HPUsageTrackingLEDM] C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe (Hewlett-Packard Company)
O4 - Startup: C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Motor del Programador de tareas de SolidWorks.lnk = C:\Archivos de programa\SolidWorks Corp\SolidWorks\swScheduler\swBOEngine.exe (Dassault Systèmes SolidWorks Corp.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Archivos de programa\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/ge...sh/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Archivos de programa\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Archivos de programa\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation)
NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
-
OTL 4th part
========== Files/Folders - Created Within 90 Days ==========
[2010/09/17 09:05:25 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Bruno\Desktop\OTL.exe
[2010/09/16 19:35:55 | 000,000,000 | ---D | C] -- C:\Users\Bruno\Desktop\Sunshines
[2010/09/16 18:03:24 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010/09/16 17:54:52 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/09/16 17:18:25 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/09/15 21:43:23 | 000,000,000 | ---D | C] -- C:\Users\Bruno\Desktop\Sunshine 130x63704_1 - copia
[2010/09/15 21:42:30 | 000,000,000 | ---D | C] -- C:\Users\Bruno\Desktop\Sunshine 130x63704_1
[2010/09/15 18:55:28 | 000,000,000 | ---D | C] -- C:\Users\Bruno\Desktop\FLINX
[2010/09/15 09:25:40 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010/09/15 09:25:40 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010/09/15 09:25:40 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010/09/15 09:25:25 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/09/15 09:24:48 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/09/14 11:01:49 | 000,000,000 | ---D | C] -- C:\Users\Bruno\Documents\Etiquetas
[2010/09/13 17:14:08 | 000,000,000 | ---D | C] -- C:\Archivos de programa\LogoJet
[2010/09/13 14:09:27 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2010/09/10 14:27:25 | 000,000,000 | ---D | C] -- C:\Users\Bruno\Desktop\fotos
[2010/09/08 18:38:37 | 000,000,000 | ---D | C] -- C:\Users\Bruno\Documents\Dados
[2010/09/08 18:30:53 | 000,000,000 | ---D | C] -- C:\Users\Bruno\AppData\Roaming\InstallShield
[2010/09/08 14:48:42 | 000,000,000 | ---D | C] -- C:\Users\Bruno\Desktop\Bastones
[2010/09/01 09:12:54 | 000,000,000 | ---D | C] -- C:\Users\Bruno\Documents\Marcadora
[2010/08/31 16:10:53 | 000,000,000 | ---D | C] -- C:\Users\Bruno\Desktop\LINX
[2010/08/30 16:33:09 | 000,000,000 | ---D | C] -- C:\Users\Bruno\Desktop\Nueva carpeta
[2010/08/28 18:35:12 | 000,000,000 | ---D | C] -- C:\Users\Bruno\Desktop\trif_mix
[2010/08/28 18:34:11 | 000,000,000 | ---D | C] -- C:\Users\Bruno\Documents\trif_mix - copia
[2010/08/28 18:33:19 | 000,000,000 | ---D | C] -- C:\Users\Bruno\Documents\trif_mix
[2010/08/28 16:16:03 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Microsoft Synchronization Services
[2010/08/28 16:15:27 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010/08/28 16:15:27 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Microsoft Sync Framework
[2010/08/28 16:15:27 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Microsoft SQL Server Compact Edition
[2010/08/28 15:08:06 | 000,000,000 | ---D | C] -- C:\Users\Bruno\Desktop\8. Office 2010
[2010/08/28 14:19:02 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Microsoft Analysis Services
[2010/08/28 14:17:35 | 000,000,000 | R--D | C] -- C:\MSOCache
[2010/08/26 20:30:02 | 000,000,000 | ---D | C] -- C:\temp
[2010/08/26 13:08:47 | 000,000,000 | ---D | C] -- C:\Users\Bruno\Desktop\Canon Inkjet iP1900 series
[2010/08/23 19:42:47 | 000,000,000 | ---D | C] -- C:\Users\Bruno\Documents\Engranes
[2010/08/23 17:49:41 | 000,000,000 | ---D | C] -- C:\Users\Bruno\Documents\Inventarios
[2010/08/23 11:44:23 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/08/23 10:51:29 | 000,000,000 | ---D | C] -- C:\Users\Bruno\AppData\Roaming\Malwarebytes
[2010/08/23 10:50:59 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/08/23 10:50:57 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/08/23 10:50:57 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Malwarebytes' Anti-Malware
[2010/08/23 10:50:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/08/19 17:36:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\%LOCALAPPDATA%
[2010/08/19 17:35:38 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2010/08/12 19:14:55 | 000,000,000 | ---D | C] -- C:\Users\Bruno\Documents\Fotos
[2010/08/09 13:39:42 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2010/08/09 13:39:37 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache
[2010/08/09 13:39:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2010/08/09 13:37:02 | 000,000,000 | ---D | C] -- C:\ProgramData\HPSSUPPLY
[2010/08/06 19:20:52 | 000,000,000 | ---D | C] -- C:\Archivos de programa\HP
[2010/08/06 19:20:18 | 000,000,000 | ---D | C] -- C:\Users\Bruno\AppData\Roaming\HP
[2010/08/04 16:51:34 | 000,000,000 | ---D | C] -- C:\Users\Bruno\Documents\Manuales
[2010/08/04 11:12:12 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Common Files\Rockwell
[2010/08/04 09:25:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2010/08/04 09:12:30 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Rockwell Software
[2010/08/03 10:46:32 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Microsoft Silverlight
[2010/08/03 07:24:35 | 000,000,000 | ---D | C] -- C:\Users\Bruno\AppData\Roaming\DassaultSystemes
[2010/08/03 07:24:35 | 000,000,000 | ---D | C] -- C:\Users\Bruno\AppData\Local\DassaultSystemes
[2010/08/03 07:24:35 | 000,000,000 | ---D | C] -- C:\ProgramData\DassaultSystemes
[2010/08/02 19:10:09 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Cobian Backup 10
[2010/08/02 19:03:43 | 015,427,584 | ---- | C] (Luis Cobian, CobianSoft) -- C:\Users\Bruno\Desktop\cbSetup.exe
[2010/07/30 16:16:47 | 000,000,000 | ---D | C] -- C:\Users\Bruno\Documents\Espátulas
[2010/07/30 11:35:42 | 000,000,000 | ---D | C] -- C:\Users\Bruno\AppData\Roaming\AdobeUM
[2010/07/30 10:15:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe Systems
[2010/07/30 10:14:54 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Common Files\Adobe Systems Shared
[2010/07/30 10:06:16 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe PDF
[2010/07/29 14:38:50 | 000,000,000 | ---D | C] -- C:\Users\Bruno\AppData\Local\Dassault_Systèmes_SolidWo
[2010/07/29 12:58:19 | 000,000,000 | ---D | C] -- C:\Windows\lhsp
[2010/07/29 12:58:14 | 000,000,000 | ---D | C] -- C:\Windows\msagent
[2010/07/29 12:57:50 | 000,000,000 | ---D | C] -- C:\Archivos de programa\TheLearningPit
[2010/07/29 12:41:51 | 000,000,000 | ---D | C] -- C:\Users\Bruno\AppData\Roaming\WinRAR
[2010/07/27 16:12:28 | 000,000,000 | ---D | C] -- C:\Users\Bruno\AppData\Roaming\SolidWorks 2009
[2010/07/26 15:35:52 | 000,000,000 | ---D | C] -- C:\Users\Bruno\Documents\Curso
[2010/07/26 15:31:13 | 000,000,000 | --SD | C] -- C:\Users\Bruno\Documents\My Data Sources
[2010/07/26 13:25:10 | 000,000,000 | ---D | C] -- C:\Users\Bruno\AppData\Local\Microsoft Help
[2010/07/24 13:18:37 | 000,000,000 | ---D | C] -- C:\Users\Bruno\Documents\Base_pruebas
[2010/07/22 13:09:41 | 000,000,000 | ---D | C] -- C:\Users\Bruno\Documents\Chillers
[2010/07/22 11:58:40 | 000,000,000 | ---D | C] -- C:\Users\Bruno\Documents\Luminarias
[2010/07/22 10:53:17 | 000,000,000 | ---D | C] -- C:\Users\Bruno\Documents\Outlook Files
[2010/07/20 19:07:40 | 000,000,000 | ---D | C] -- C:\Users\Bruno\Documents\Calificaciones Norberto
[2010/07/20 16:07:06 | 000,000,000 | ---D | C] -- C:\Users\Bruno\Documents\Cortadora
[2010/07/20 13:20:26 | 000,000,000 | ---D | C] -- C:\Users\Bruno\Documents\Residuos peligrosos
[2010/07/20 13:14:19 | 000,000,000 | ---D | C] -- C:\Users\Bruno\Desktop\Etiquetas de Residuos
[2010/07/20 10:43:55 | 000,000,000 | ---D | C] -- C:\Users\Bruno\Documents\Trampas
[2010/07/20 08:55:20 | 000,000,000 | ---D | C] -- C:\Users\Bruno\AppData\Roaming\Mozilla
[2010/07/20 08:55:20 | 000,000,000 | ---D | C] -- C:\Users\Bruno\AppData\Local\Mozilla
[2010/07/20 08:55:07 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Mozilla Firefox
[2010/07/20 08:53:24 | 000,000,000 | ---D | C] -- C:\Users\Bruno\AppData\Roaming\Macromedia
[2010/07/19 18:05:54 | 000,000,000 | ---D | C] -- C:\Users\Bruno\AppData\Local\Symantec
[2010/07/19 18:05:46 | 000,161,920 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\wpshelper.sys
[2010/07/19 18:04:22 | 000,097,096 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SysPlant.sys
[2010/07/19 18:03:49 | 000,124,976 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2010/07/19 18:03:06 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Common Files\Symantec Shared
[2010/07/19 18:03:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2010/07/19 18:03:06 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Symantec
[2010/07/19 16:35:36 | 000,000,000 | ---D | C] -- C:\Users\Bruno\Documents\Documentos Mauro
[2010/07/19 15:59:27 | 000,000,000 | ---D | C] -- C:\Users\Bruno\Documents\CAD
[2010/07/19 15:47:44 | 000,000,000 | ---D | C] -- C:\Users\Bruno\AppData\Roaming\IM
[2010/07/19 13:58:49 | 000,000,000 | ---D | C] -- C:\Users\Bruno\AppData\Roaming\SolidWorks
[2010/07/19 13:22:55 | 000,000,000 | ---D | C] -- C:\Users\Bruno\AppData\Roaming\DWGeditor
[2010/07/19 13:22:21 | 000,000,000 | ---D | C] -- C:\Users\Bruno\AppData\Local\Adobe
[2010/07/19 13:22:16 | 000,000,000 | ---D | C] -- C:\Users\Bruno\AppData\Roaming\Adobe
[2010/07/19 13:18:43 | 000,000,000 | R--D | C] -- C:\Users\Bruno\Documents\Documents
[2010/07/19 13:11:20 | 000,000,000 | ---D | C] -- C:\Users\Bruno\AppData\Local\ElevatedDiagnostics
[2010/07/19 11:37:28 | 000,353,608 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\sysfer.dll
[2010/07/19 11:37:28 | 000,107,848 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\SymVPN.dll
[2010/07/19 11:37:28 | 000,087,368 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\FwsVpn.dll
[2010/07/19 11:37:26 | 000,320,944 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\srtspl.sys
[2010/07/19 11:37:26 | 000,283,184 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\srtsp.sys
[2010/07/19 11:37:26 | 000,043,696 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\srtspx.sys
[2010/07/19 11:37:26 | 000,043,336 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\WPSDRVnt.sys
[2010/07/19 11:37:24 | 000,067,472 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\Teefer2.sys
[2010/07/19 11:37:16 | 000,188,080 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\symtdi.sys
[2010/07/19 11:37:16 | 000,145,968 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\symfw.sys
[2010/07/19 11:37:16 | 000,039,856 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\symids.sys
[2010/07/19 11:37:16 | 000,038,448 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\symndisv.sys
[2010/07/19 11:37:16 | 000,026,416 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\symredrv.sys
[2010/07/19 11:37:16 | 000,012,720 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\symdns.sys
[2010/07/19 09:23:02 | 000,000,000 | R--D | C] -- C:\Users\Bruno\Searches
[2010/07/19 09:22:53 | 000,000,000 | ---D | C] -- C:\Users\Bruno\AppData\Roaming\Identities
[2010/07/19 09:22:50 | 000,000,000 | R--D | C] -- C:\Users\Bruno\Contacts
[2010/07/19 09:22:40 | 000,000,000 | --SD | C] -- C:\Users\Bruno\AppData\Roaming\Microsoft
[2010/07/19 09:22:40 | 000,000,000 | R--D | C] -- C:\Users\Bruno\Videos
[2010/07/19 09:22:40 | 000,000,000 | R--D | C] -- C:\Users\Bruno\Saved Games
[2010/07/19 09:22:40 | 000,000,000 | R--D | C] -- C:\Users\Bruno\Pictures
[2010/07/19 09:22:40 | 000,000,000 | R--D | C] -- C:\Users\Bruno\Music
[2010/07/19 09:22:40 | 000,000,000 | R--D | C] -- C:\Users\Bruno\Links
[2010/07/19 09:22:40 | 000,000,000 | R--D | C] -- C:\Users\Bruno\Favorites
[2010/07/19 09:22:40 | 000,000,000 | R--D | C] -- C:\Users\Bruno\Downloads
[2010/07/19 09:22:40 | 000,000,000 | R--D | C] -- C:\Users\Bruno\Documents
[2010/07/19 09:22:40 | 000,000,000 | R--D | C] -- C:\Users\Bruno\Desktop
[2010/07/19 09:22:40 | 000,000,000 | -HSD | C] -- C:\Users\Bruno\SendTo
[2010/07/19 09:22:40 | 000,000,000 | -HSD | C] -- C:\Users\Bruno\Reciente
[2010/07/19 09:22:40 | 000,000,000 | -HSD | C] -- C:\Users\Bruno\Plantillas
[2010/07/19 09:22:40 | 000,000,000 | -HSD | C] -- C:\Users\Bruno\Documents\Mis vídeos
[2010/07/19 09:22:40 | 000,000,000 | -HSD | C] -- C:\Users\Bruno\Documents\Mis imágenes
[2010/07/19 09:22:40 | 000,000,000 | -HSD | C] -- C:\Users\Bruno\Mis documentos
[2010/07/19 09:22:40 | 000,000,000 | -HSD | C] -- C:\Users\Bruno\Documents\Mi música
[2010/07/19 09:22:40 | 000,000,000 | -HSD | C] -- C:\Users\Bruno\Menú Inicio
[2010/07/19 09:22:40 | 000,000,000 | -HSD | C] -- C:\Users\Bruno\Impresoras
[2010/07/19 09:22:40 | 000,000,000 | -HSD | C] -- C:\Users\Bruno\AppData\Local\Historial
[2010/07/19 09:22:40 | 000,000,000 | -HSD | C] -- C:\Users\Bruno\Entorno de red
[2010/07/19 09:22:40 | 000,000,000 | -HSD | C] -- C:\Users\Bruno\Datos de programa
[2010/07/19 09:22:40 | 000,000,000 | -HSD | C] -- C:\Users\Bruno\AppData\Local\Datos de programa
[2010/07/19 09:22:40 | 000,000,000 | -HSD | C] -- C:\Users\Bruno\Cookies
[2010/07/19 09:22:40 | 000,000,000 | -HSD | C] -- C:\Users\Bruno\Configuración local
[2010/07/19 09:22:40 | 000,000,000 | -HSD | C] -- C:\Users\Bruno\AppData\Local\Archivos temporales de Internet
[2010/07/19 09:22:40 | 000,000,000 | -H-D | C] -- C:\Users\Bruno\AppData
[2010/07/19 09:22:40 | 000,000,000 | ---D | C] -- C:\Users\Bruno\AppData\Local\Temp
[2010/07/19 09:22:40 | 000,000,000 | ---D | C] -- C:\Users\Bruno\AppData\Local\Microsoft
[2010/07/19 09:22:40 | 000,000,000 | ---D | C] -- C:\Users\Bruno\AppData\Roaming\Media Center Programs
[2010/05/21 12:44:21 | 000,151,552 | ---- | C] ( ) -- C:\Windows\rsnp2std.dll
[2010/05/21 12:44:21 | 000,077,824 | ---- | C] ( ) -- C:\Windows\System32\csnp2std.dll
-
OTL 5th part
========== Files - Modified Within 90 Days ==========
[2010/09/17 09:09:54 | 004,456,448 | -HS- | M] () -- C:\Users\Bruno\NTUSER.DAT
[2010/09/17 09:08:03 | 000,018,144 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/09/17 09:08:03 | 000,018,144 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/09/17 09:06:26 | 001,639,908 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/09/17 09:06:26 | 000,729,666 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
[2010/09/17 09:06:26 | 000,642,510 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/09/17 09:06:26 | 000,151,724 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
[2010/09/17 09:06:26 | 000,120,852 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/09/17 09:05:27 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Bruno\Desktop\OTL.exe
[2010/09/17 06:59:41 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/09/17 06:59:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/09/17 06:59:23 | 1609,814,016 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/16 21:50:05 | 002,097,519 | -H-- | M] () -- C:\Users\Bruno\AppData\Local\IconCache.db
[2010/09/16 19:16:24 | 246,750,950 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/09/16 19:07:34 | 000,018,782 | ---- | M] () -- C:\Users\Bruno\Desktop\Trif_mix_1.pdf
[2010/09/16 17:55:10 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010/09/16 17:50:26 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/09/16 17:17:33 | 003,846,241 | R--- | M] () -- C:\Users\Bruno\Desktop\ComboFix.exe
[2010/09/16 16:38:40 | 001,550,539 | ---- | M] () -- C:\Users\Bruno\Desktop\sunshine_1.job
[2010/09/16 14:27:27 | 003,932,184 | ---- | M] () -- C:\snp2sxp-001.raw
[2010/09/15 16:02:27 | 000,039,936 | ---- | M] () -- C:\Users\Bruno\Documents\Acuse de Recibo.doc
[2010/09/15 09:17:10 | 000,080,384 | ---- | M] () -- C:\Users\Bruno\Desktop\MBRCheck.exe
[2010/09/07 12:31:19 | 000,122,088 | ---- | M] () -- C:\Users\Bruno\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/09/07 12:18:52 | 000,433,656 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/09/07 12:01:10 | 000,000,536 | ---- | M] () -- C:\Windows\win.ini
[2010/09/06 16:02:38 | 000,525,824 | ---- | M] () -- C:\Users\Bruno\Desktop\dds.scr
[2010/09/06 16:01:28 | 000,293,376 | ---- | M] () -- C:\Users\Bruno\Desktop\5etmlxdc.exe
[2010/09/06 12:22:56 | 000,023,778 | ---- | M] () -- C:\Users\Bruno\Documents\Lista de daños_ Servin.xlsx
[2010/09/06 12:22:44 | 000,023,363 | ---- | M] () -- C:\Users\Bruno\Documents\Lista de daños_ Servin_DESC.xlsx
[2010/09/04 15:25:36 | 000,002,907 | ---- | M] () -- C:\Users\Bruno\Desktop\Microsoft Office Picture Manager.lnk
[2010/09/01 11:56:47 | 001,802,240 | ---- | M] () -- C:\Users\Bruno\Documents\Norberto.accdb
[2010/08/28 16:14:53 | 000,672,768 | ---- | M] () -- C:\Users\Bruno\Desktop\MicrosoftFixit50450(2).msi
[2010/08/28 16:14:19 | 000,672,768 | ---- | M] () -- C:\Users\Bruno\Desktop\MicrosoftFixit50450.msi
[2010/08/26 11:47:24 | 000,000,476 | RHS- | M] () -- C:\Users\Bruno\ntuser.pol
[2010/08/24 19:13:27 | 000,034,304 | ---- | M] () -- C:\Users\Bruno\Documents\Acuse de Recibo2.doc
[2010/08/23 11:56:14 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat 7.0 Professional.lnk
[2010/08/23 11:56:13 | 000,002,453 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2010/08/23 10:53:56 | 000,001,984 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/08/23 10:51:10 | 000,000,971 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/18 23:40:51 | 000,000,000 | ---- | M] () -- C:\Users\Bruno\AppData\Local\Temptable.xml
[2010/08/09 13:37:04 | 000,002,057 | ---- | M] () -- C:\Users\Public\Desktop\Shop for HP Supplies.lnk
[2010/08/04 11:12:18 | 000,000,051 | ---- | M] () -- C:\Windows\Rocksoft.ini
[2010/08/03 14:15:47 | 000,038,341 | ---- | M] () -- C:\Users\Bruno\Documents\FRequisiciones.xlsm
[2010/08/03 12:55:12 | 000,034,816 | ---- | M] () -- C:\Users\Bruno\Documents\Acuse de Recibo1.doc
[2010/08/02 19:07:53 | 015,427,584 | ---- | M] (Luis Cobian, CobianSoft) -- C:\Users\Bruno\Desktop\cbSetup.exe
[2010/07/27 16:12:30 | 000,002,315 | ---- | M] () -- C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Motor del Programador de tareas de SolidWorks.lnk
[2010/07/24 14:32:21 | 002,314,936 | ---- | M] () -- C:\Users\Bruno\Desktop\TeamViewerQS.exe
[2010/07/20 08:55:21 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2010/07/20 08:55:12 | 000,001,877 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/07/19 18:08:37 | 000,524,288 | -HS- | M] () -- C:\Users\Bruno\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010/07/19 18:08:37 | 000,524,288 | -HS- | M] () -- C:\Users\Bruno\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010/07/19 18:08:37 | 000,065,536 | -HS- | M] () -- C:\Users\Bruno\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010/07/19 18:04:08 | 000,007,456 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2010/07/19 18:04:07 | 000,124,976 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2010/07/19 18:04:07 | 000,000,806 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2010/07/19 11:37:28 | 000,353,608 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\sysfer.dll
[2010/07/19 11:37:28 | 000,107,848 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\SymVPN.dll
[2010/07/19 11:37:28 | 000,087,368 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\FwsVpn.dll
[2010/07/19 11:37:26 | 000,320,944 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\srtspl.sys
[2010/07/19 11:37:26 | 000,283,184 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\srtsp.sys
[2010/07/19 11:37:26 | 000,043,696 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\srtspx.sys
[2010/07/19 11:37:26 | 000,043,336 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\WPSDRVnt.sys
[2010/07/19 11:37:26 | 000,007,442 | ---- | M] () -- C:\Windows\System32\drivers\srtspx.cat
[2010/07/19 11:37:26 | 000,007,442 | ---- | M] () -- C:\Windows\System32\drivers\srtspl.cat
[2010/07/19 11:37:26 | 000,007,438 | ---- | M] () -- C:\Windows\System32\drivers\srtsp.cat
[2010/07/19 11:37:26 | 000,001,430 | ---- | M] () -- C:\Windows\System32\drivers\srtspl.inf
[2010/07/19 11:37:26 | 000,001,421 | ---- | M] () -- C:\Windows\System32\drivers\srtspx.inf
[2010/07/19 11:37:26 | 000,001,415 | ---- | M] () -- C:\Windows\System32\drivers\srtsp.inf
[2010/07/19 11:37:24 | 000,097,096 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SysPlant.sys
[2010/07/19 11:37:24 | 000,067,472 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\Teefer2.sys
[2010/07/19 11:37:16 | 000,188,080 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\symtdi.sys
[2010/07/19 11:37:16 | 000,145,968 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\symfw.sys
[2010/07/19 11:37:16 | 000,039,856 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\symids.sys
[2010/07/19 11:37:16 | 000,038,448 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\symndisv.sys
[2010/07/19 11:37:16 | 000,026,416 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\symredrv.sys
[2010/07/19 11:37:16 | 000,012,720 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\symdns.sys
[2010/07/19 11:37:16 | 000,009,892 | ---- | M] () -- C:\Windows\System32\drivers\SymRedir.cat
[2010/07/19 11:37:16 | 000,001,356 | ---- | M] () -- C:\Windows\System32\drivers\SymRedir.inf
[2010/07/19 09:22:40 | 000,000,020 | -HS- | M] () -- C:\Users\Bruno\ntuser.ini
[2010/07/16 19:21:41 | 000,113,629 | ---- | M] () -- C:\Windows\System32\slmgr.vbs.removewat
-
OTL 6th part
========== Files Created - No Company Name ==========
[2010/09/16 14:54:21 | 000,018,782 | ---- | C] () -- C:\Users\Bruno\Desktop\Trif_mix_1.pdf
[2010/09/15 22:06:23 | 001,550,539 | ---- | C] () -- C:\Users\Bruno\Desktop\sunshine_1.job
[2010/09/15 09:25:40 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010/09/15 09:25:40 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/09/15 09:25:40 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/09/15 09:25:40 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010/09/15 09:25:40 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/09/15 09:21:00 | 003,846,241 | R--- | C] () -- C:\Users\Bruno\Desktop\ComboFix.exe
[2010/09/15 09:20:47 | 000,080,384 | ---- | C] () -- C:\Users\Bruno\Desktop\MBRCheck.exe
[2010/09/06 16:05:18 | 000,293,376 | ---- | C] () -- C:\Users\Bruno\Desktop\5etmlxdc.exe
[2010/09/06 16:05:11 | 000,525,824 | ---- | C] () -- C:\Users\Bruno\Desktop\dds.scr
[2010/09/04 15:25:36 | 000,002,907 | ---- | C] () -- C:\Users\Bruno\Desktop\Microsoft Office Picture Manager.lnk
[2010/09/03 07:50:05 | 000,023,363 | ---- | C] () -- C:\Users\Bruno\Documents\Lista de daños_ Servin_DESC.xlsx
[2010/09/01 08:34:42 | 000,023,778 | ---- | C] () -- C:\Users\Bruno\Documents\Lista de daños_ Servin.xlsx
[2010/08/28 16:14:52 | 000,672,768 | ---- | C] () -- C:\Users\Bruno\Desktop\MicrosoftFixit50450(2).msi
[2010/08/28 16:13:53 | 000,672,768 | ---- | C] () -- C:\Users\Bruno\Desktop\MicrosoftFixit50450.msi
[2010/08/26 11:47:24 | 000,000,476 | RHS- | C] () -- C:\Users\Bruno\ntuser.pol
[2010/08/24 18:05:13 | 000,034,304 | ---- | C] () -- C:\Users\Bruno\Documents\Acuse de Recibo2.doc
[2010/08/23 11:44:10 | 246,750,950 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/08/23 10:51:10 | 000,000,971 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/18 08:57:31 | 001,802,240 | ---- | C] () -- C:\Users\Bruno\Documents\Norberto.accdb
[2010/08/09 13:39:00 | 000,052,736 | R--- | C] () -- C:\Windows\System32\HP1100SMs.dll
[2010/08/09 13:38:58 | 001,486,848 | ---- | C] () -- C:\Windows\System32\HP1100SM.EXE
[2010/08/09 13:38:58 | 000,284,160 | ---- | C] () -- C:\Windows\System32\mvhlewsi.DLL
[2010/08/09 13:38:58 | 000,151,552 | ---- | C] () -- C:\Windows\System32\HP1100LM.DLL
[2010/08/09 13:37:04 | 000,002,057 | ---- | C] () -- C:\Users\Public\Desktop\Shop for HP Supplies.lnk
[2010/08/04 09:12:40 | 000,000,051 | ---- | C] () -- C:\Windows\Rocksoft.ini
[2010/08/03 12:55:11 | 000,034,816 | ---- | C] () -- C:\Users\Bruno\Documents\Acuse de Recibo1.doc
[2010/07/30 10:10:21 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2010/07/30 10:10:21 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat 7.0 Professional.lnk
[2010/07/30 09:32:13 | 000,039,936 | ---- | C] () -- C:\Users\Bruno\Documents\Acuse de Recibo.doc
[2010/07/27 16:16:42 | 000,000,000 | ---- | C] () -- C:\Users\Bruno\AppData\Local\Temptable.xml
[2010/07/27 16:12:30 | 000,002,315 | ---- | C] () -- C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Motor del Programador de tareas de SolidWorks.lnk
[2010/07/26 15:21:13 | 000,038,341 | ---- | C] () -- C:\Users\Bruno\Documents\FRequisiciones.xlsm
[2010/07/24 14:32:11 | 002,314,936 | ---- | C] () -- C:\Users\Bruno\Desktop\TeamViewerQS.exe
[2010/07/20 08:55:21 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/07/20 08:55:12 | 000,001,877 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/07/19 18:03:49 | 000,007,456 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2010/07/19 18:03:49 | 000,000,806 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2010/07/19 11:37:26 | 000,007,442 | ---- | C] () -- C:\Windows\System32\drivers\srtspx.cat
[2010/07/19 11:37:26 | 000,007,442 | ---- | C] () -- C:\Windows\System32\drivers\srtspl.cat
[2010/07/19 11:37:26 | 000,007,438 | ---- | C] () -- C:\Windows\System32\drivers\srtsp.cat
[2010/07/19 11:37:26 | 000,001,430 | ---- | C] () -- C:\Windows\System32\drivers\srtspl.inf
[2010/07/19 11:37:26 | 000,001,421 | ---- | C] () -- C:\Windows\System32\drivers\srtspx.inf
[2010/07/19 11:37:26 | 000,001,415 | ---- | C] () -- C:\Windows\System32\drivers\srtsp.inf
[2010/07/19 11:37:16 | 000,009,892 | ---- | C] () -- C:\Windows\System32\drivers\SymRedir.cat
[2010/07/19 11:37:16 | 000,001,356 | ---- | C] () -- C:\Windows\System32\drivers\SymRedir.inf
[2010/07/19 09:22:40 | 004,456,448 | -HS- | C] () -- C:\Users\Bruno\NTUSER.DAT
[2010/07/19 09:22:40 | 000,524,288 | -HS- | C] () -- C:\Users\Bruno\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010/07/19 09:22:40 | 000,524,288 | -HS- | C] () -- C:\Users\Bruno\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010/07/19 09:22:40 | 000,262,144 | -HS- | C] () -- C:\Users\Bruno\ntuser.dat.LOG1
[2010/07/19 09:22:40 | 000,065,536 | -HS- | C] () -- C:\Users\Bruno\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010/07/19 09:22:40 | 000,000,020 | -HS- | C] () -- C:\Users\Bruno\ntuser.ini
[2010/07/19 09:22:40 | 000,000,000 | -HS- | C] () -- C:\Users\Bruno\ntuser.dat.LOG2
[2010/07/16 19:21:41 | 000,113,629 | ---- | C] () -- C:\Windows\System32\slmgr.vbs.removewat
[2010/07/16 18:47:18 | 000,001,984 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/05/21 12:44:22 | 000,015,497 | ---- | C] () -- C:\Windows\snp2std.ini
[2010/05/21 12:44:21 | 012,033,024 | ---- | C] () -- C:\Windows\System32\drivers\snp2sxp.sys
[2010/05/21 12:44:21 | 000,025,472 | ---- | C] () -- C:\Windows\System32\drivers\sncamd.sys
[2010/05/05 13:38:38 | 000,000,936 | ---- | C] () -- C:\Windows\ARPR.INI
[2010/05/03 09:57:56 | 000,129,024 | ---- | C] () -- C:\Windows\System32\AVERM.dll
[2010/05/03 09:57:56 | 000,028,672 | ---- | C] () -- C:\Windows\System32\AVEQT.dll
[2010/04/12 14:55:24 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2010/04/10 15:20:01 | 000,000,000 | ---- | C] () -- C:\Windows\eDrawingOfficeAutomator.INI
[2010/04/10 15:16:23 | 000,094,208 | ---- | C] () -- C:\Windows\System32\GTW32N50.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/07/13 18:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/07/13 18:36:08 | 000,193,024 | ---- | C] () -- C:\Windows\System32\sppcomapi.dll
[2009/04/01 10:48:16 | 000,053,478 | ---- | C] () -- C:\Windows\mvtcpui.ini
[2009/03/03 23:54:58 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2007/08/21 20:46:34 | 000,059,160 | ---- | C] () -- C:\Windows\System32\zlib.dll
========== LOP Check ==========
[2010/08/03 07:24:35 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\DassaultSystemes
[2010/07/19 13:22:55 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\DWGeditor
[2010/09/16 13:24:12 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\IM
[2010/09/08 12:24:50 | 000,032,588 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
-
OTL 7th part
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2009/06/10 16:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2010/09/16 18:03:22 | 000,015,662 | ---- | M] () -- C:\ComboFix.txt
[2009/06/10 16:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2008/09/09 05:37:04 | 016,823,592 | ---- | M] (Dassault Systèmes SolidWorks Corp.) -- C:\DwgDocumentMgrNET.dll
[2010/09/17 06:59:23 | 1609,814,016 | -HS- | M] () -- C:\hiberfil.sys
[2010/04/12 12:30:07 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/04/12 12:30:07 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/09/17 06:59:28 | 2146,422,784 | -HS- | M] () -- C:\pagefile.sys
[2010/09/16 14:27:27 | 003,932,184 | ---- | M] () -- C:\snp2sxp-001.raw
[2010/05/31 10:36:47 | 003,932,184 | ---- | M] () -- C:\snp2sxp-002.raw
[2010/05/31 11:23:45 | 003,932,184 | ---- | M] () -- C:\snp2sxp-003.raw
< %systemroot%\Fonts\*.com >
[2009/07/13 23:52:25 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/13 23:52:25 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/13 23:52:25 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/13 23:52:25 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2009/06/10 16:31:19 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2009/07/13 20:15:05 | 000,071,168 | ---- | M] (CANON INC.) -- C:\Windows\System32\spool\prtprocs\w32x86\CNBPP4.DLL
[2009/10/23 11:18:14 | 000,069,632 | ---- | M] () -- C:\Windows\System32\spool\prtprocs\w32x86\HP1100PP.dll
[2009/07/13 20:15:35 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2009/07/13 20:16:19 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
< %PROGRAMFILES%\*.* >
[2009/07/13 23:41:57 | 000,000,174 | -HS- | M] () -- C:\Archivos de programa\desktop.ini
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< %systemroot%\System32\config\*.sav >
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2010/07/19 13:01:27 | 000,000,221 | -HS- | M] () -- C:\Users\Bruno\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
< %USERPROFILE%\Desktop\*.exe >
[2010/09/06 16:01:28 | 000,293,376 | ---- | M] () -- C:\Users\Bruno\Desktop\5etmlxdc.exe
[2010/08/02 19:07:53 | 015,427,584 | ---- | M] (Luis Cobian, CobianSoft) -- C:\Users\Bruno\Desktop\cbSetup.exe
[2010/09/16 17:17:33 | 003,846,241 | R--- | M] () -- C:\Users\Bruno\Desktop\ComboFix.exe
[2010/09/15 09:17:10 | 000,080,384 | ---- | M] () -- C:\Users\Bruno\Desktop\MBRCheck.exe
[2010/09/17 09:05:27 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Bruno\Desktop\OTL.exe
[2010/07/24 14:32:21 | 002,314,936 | ---- | M] () -- C:\Users\Bruno\Desktop\TeamViewerQS.exe
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
[2004/12/09 17:23:46 | 000,013,022 | ---- | M] () -- C:\Windows\snp2std.src
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< %systemroot%\AppPatch\Custom\*.* >
< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >
< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >
< %PROGRAMFILES%\Internet Explorer\*.tmp >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %USERPROFILE%\My Documents\*.exe >
< %USERPROFILE%\*.exe >
< %systemroot%\ADDINS\*.* >
[2009/06/10 16:20:04 | 000,000,802 | ---- | M] () -- C:\Windows\addins\FXSEXT.ecf
< %systemroot%\assembly\*.bak2 >
< %systemroot%\Config\*.* >
< %systemroot%\REPAIR\*.bak2 >
< %systemroot%\SECURITY\Database\*.sdb /x >
< %systemroot%\SYSTEM\*.bak2 >
< %systemroot%\Web\*.bak2 >
< %systemroot%\Driver Cache\*.* >
< %PROGRAMFILES%\Mozilla Firefox*.exe >
< %ProgramFiles%\Microsoft Common\*.* >
< %ProgramFiles%\TinyProxy. >
< %USERPROFILE%\Favorites\*.url /x >
[2010/08/04 07:04:20 | 000,000,402 | -HS- | M] () -- C:\Users\Bruno\Favorites\desktop.ini
< %systemroot%\system32\*.bk >
< %systemroot%\*.te >
< %systemroot%\system32\system32\*.* >
< %ALLUSERSPROFILE%\*.dat /x >
< %systemroot%\system32\drivers\*.rmv >
< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >
< dir /b "%systemroot%\*.exe" | find /i " " /c >
< %PROGRAMFILES%\Microsoft\*.* >
< %systemroot%\System32\Wbem\proquota.exe >
< %PROGRAMFILES%\Mozilla Firefox\*.dat >
< %USERPROFILE%\Cookies\*.txt /x >
< %SystemRoot%\system32\fonts\*.* >
< %systemroot%\system32\winlog\*.* >
< %systemroot%\system32\Language\*.* >
< %systemroot%\system32\Settings\*.* >
< %systemroot%\system32\*.quo >
< %SYSTEMROOT%\AppPatch\*.exe >
< %SYSTEMROOT%\inf\*.exe >
< %SYSTEMROOT%\Installer\*.exe >
< %systemroot%\system32\config\*.bak2 >
< %systemroot%\system32\Computers\*.* >
< %SystemRoot%\system32\Sound\*.* >
< %SystemRoot%\system32\SpecialImg\*.* >
< %SystemRoot%\system32\code\*.* >
< %SystemRoot%\system32\draft\*.* >
< %SystemRoot%\system32\MSSSys\*.* >
< %ProgramFiles%\Javascript\*.* >
< %systemroot%\pchealth\helpctr\System\*.exe /s >
< %systemroot%\Web\*.exe >
< %systemroot%\system32\msn\*.* >
< %systemroot%\system32\*.tro >
< %AppData%\Microsoft\Installer\msupdates\*.* >
< %ProgramFiles%\Messenger\*.* >
< %systemroot%\system32\systhem32\*.* >
< %systemroot%\system\*.exe >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-08-03 15:48:23
========== Alternate Data Streams ==========
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:63238B95
< End of report >
-
Extras
OTL Extras logfile created on: 17/09/2010 09:09:32 a.m. - Run 1
OTL by OldTimer - Version 3.2.12.1 Folder = C:\Users\Bruno\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000080a | Country: México | Language: ESM | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 62.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 148.95 Gb Total Space | 98.19 Gb Free Space | 65.92% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 7.45 Gb Total Space | 4.56 Gb Free Space | 61.13% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive R: | 149.05 Gb Total Space | 67.22 Gb Free Space | 45.10% Space Free | Partition Type: NTFS
Computer Name: INGENIERIA05
Current User Name: Bruno
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06379784-4648-46BF-9426-0B10817F0AF5}" = PhotoView 360
"{0E448256-D515-4C3E-A5BE-0A7B76CED5D4}" = hppP1100P1560P1600SeriesLaserJetService
"{15D7ECFC-B252-4990-A6BC-1C550A046FE5}" = SolidWorks eDrawings 2009
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18A5DFF2-8A95-49F3-873F-743CB5549F3D}" = Canon ScanGear Starter
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15
"{29E58280-6B01-4B4C-BE86-86F46F1C2E45}" = LogoJet 1.1 Demo
"{325CC540-F105-4074-BFC0-B8E26BFFE1D5}" = SolidWorks Explorer 2009 sp0
"{3C1AE512-3C37-44FA-BA42-ABB721EC5B1D}" = Symantec Endpoint Protection
"{62625BB0-A3F6-409F-82F9-A6FF54ED587B}" = SolidWorks 2009 SP0
"{6284454D-E936-41AB-ACFC-D15424407268}" = Cognex In-Sight Software 4.4.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7902E313-FF0F-4493-ACB1-A8147B78DCD0}" = HPSSupply
"{853F464A-B2B8-404E-BA3E-B98FF6862C41}" = hppusgP1100P1560P1600Series
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-00A4-0409-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0C0A-0000-0000000FF1CE}" = Microsoft Office Access MUI (Spanish) 2010
"{90140000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2010
"{90140000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2010
"{90140000-0019-0C0A-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Spanish) 2010
"{90140000-001A-0C0A-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Spanish) 2010
"{90140000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2010
"{90140000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2010
"{90140000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2010
"{90140000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2010
"{90140000-0044-0C0A-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Spanish) 2010
"{90140000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2010
"{90140000-00A1-0C0A-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Spanish) 2010
"{90140000-00BA-0C0A-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Spanish) 2010
"{AC76BA86-1033-0000-7760-000000000002}" = Adobe Acrobat 7.0 Professional
"{AC76BA86-7AD7-1034-7B44-A93000000001}" = Adobe Reader 9.3.4 - Español
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}" = CanoScan Toolbox Ver4.9
"{D371F551-0DB9-4CEC-844B-4C90CE91EA0B}" = hppLaserJetService
"{D481EA96-2313-4A7C-98EE-710D1AF884AC}" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"{EE1671E1-ECB2-446B-A278-E8C56CFC839E}" = DWGeditor
"{EFDCE57C-A7C0-4111-9965-E9D21A89BC35}" = RSLogix 500 English 7.00.00 (CPR 7)
"Adobe Acrobat 7.0 Professional" = Adobe Acrobat 7.0 Professional
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced RAR Password Recovery" = Advanced RAR Password Recovery (remove only)
"CobBackup10" = Cobian Backup 10
"HP LaserJet Professional P1100-P1560-P1600 Series" = HP LaserJet Professional P1100-P1560-P1600 Series
"LiveUpdate" = LiveUpdate 3.3 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft Visual Studio 2005 Tools for Applications - ENU" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Recover My Files_is1" = Recover My Files
"SolidWorks Installation Manager 20090-40000-1100-200" = SolidWorks 2009 SP0
"tv_enua" = Lernout & Hauspie TruVoice American English TTS Engine
"Ultra MPEG-4 Converter_is1" = Ultra MPEG-4 Converter 3.9.1120
"WinRAR archiver" = Compresor WinRAR
"WorldUnlock Codes Calculator" = WorldUnlock Codes Calculator
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 30/08/2010 09:01:17 a.m. | Computer Name = Ingenieria05 | Source = Symantec AntiVirus | ID = 16711731
Description = Security Risk Found!Trojan Horse in File: C:\Users\Bruno\AppData\Local\Temp\DWH2895.tmp
by: Auto-Protect scan. Action: Quarantine succeeded : Access denied. Action Description:
The file was quarantined successfully.
Error - 30/08/2010 09:01:43 a.m. | Computer Name = Ingenieria05 | Source = Symantec AntiVirus | ID = 16711731
Description = Security Risk Found!Trojan Horse in File: C:\Users\Bruno\AppData\Local\Temp\DWH40F6.tmp
by: Auto-Protect scan. Action: Quarantine succeeded : Access denied. Action Description:
The file was quarantined successfully.
Error - 30/08/2010 09:02:07 a.m. | Computer Name = Ingenieria05 | Source = Symantec AntiVirus | ID = 16711731
Description = Security Risk Found!Trojan Horse in File: C:\Users\Bruno\AppData\Local\Temp\DWH5A50.tmp
by: Auto-Protect scan. Action: Quarantine succeeded : Access denied. Action Description:
The file was quarantined successfully.
Error - 30/08/2010 09:02:32 a.m. | Computer Name = Ingenieria05 | Source = Symantec AntiVirus | ID = 16711731
Description = Security Risk Found!Trojan Horse in File: C:\Users\Bruno\AppData\Local\Temp\DWH76B7.tmp
by: Auto-Protect scan. Action: Quarantine succeeded : Access denied. Action Description:
The file was quarantined successfully.
Error - 30/08/2010 09:02:56 a.m. | Computer Name = Ingenieria05 | Source = Symantec AntiVirus | ID = 16711731
Description = Security Risk Found!Trojan Horse in File: C:\Users\Bruno\AppData\Local\Temp\DWH8BCE.tmp
by: Auto-Protect scan. Action: Quarantine succeeded : Access denied. Action Description:
The file was quarantined successfully.
Error - 30/08/2010 09:03:08 a.m. | Computer Name = Ingenieria05 | Source = Application Error | ID = 1000
Description = Nombre de la aplicación con errores: Rtvscan.exe, versión: 11.0.6070.422,
marca de tiempo: 0x4bd1409a Nombre del módulo con errores: Rtvscan.exe, versión:
11.0.6070.422, marca de tiempo: 0x4bd1409a Código de excepción: 0xc0000005 Desplazamiento
de errores: 0x00087565 Id. del proceso con errores: 0x44c Hora de inicio de la aplicación
con errores: 0x01cb4839e48aba87 Ruta de acceso de la aplicación con errores: C:\Program
Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe Ruta de acceso del módulo
con errores: C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
Id.
del informe: eef95012-b436-11df-a130-0024e800d4af
Error - 30/08/2010 09:04:22 a.m. | Computer Name = Ingenieria05 | Source = Symantec AntiVirus | ID = 16711731
Description = Security Risk Found!Trojan Horse in File: C:\Users\Bruno\AppData\Local\Temp\DWH5AEB.tmp
by: Auto-Protect scan. Action: Quarantine succeeded : Access denied. Action Description:
The file was quarantined successfully.
Error - 30/08/2010 09:32:19 a.m. | Computer Name = Ingenieria05 | Source = SideBySide | ID = 16842785
Description = Error al generar el contexto de activación para "C:\Program Files\Microsoft
Visual Studio 8\Common7\IDE\Remote Debugger\x64\msvsmon.exe". No se encontró el
ensamblado dependiente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Use
sxstrace.exe para obtener un diagnóstico detallado.
Error - 30/08/2010 09:32:19 a.m. | Computer Name = Ingenieria05 | Source = SideBySide | ID = 16842785
Description = Error al generar el contexto de activación para "C:\Program Files\Microsoft
Visual Studio 8\Common7\IDE\Remote Debugger\ia64\msvsmon.exe". No se encontró el
ensamblado dependiente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Use
sxstrace.exe para obtener un diagnóstico detallado.
Error - 30/08/2010 12:32:12 p.m. | Computer Name = Ingenieria05 | Source = Symantec AntiVirus | ID = 16711731
Description = Security Risk Found!Trojan Horse in File: C:\Users\Bruno\AppData\Local\Temp\DWHE036.tmp
by: Auto-Protect scan. Action: Quarantine succeeded : Access denied. Action Description:
The file was quarantined successfully.
[ System Events ]
Error - 04/09/2010 03:45:32 p.m. | Computer Name = Ingenieria05 | Source = DCOM | ID = 10016
Description =
Error - 04/09/2010 03:55:32 p.m. | Computer Name = Ingenieria05 | Source = DCOM | ID = 10016
Description =
Error - 04/09/2010 04:05:32 p.m. | Computer Name = Ingenieria05 | Source = DCOM | ID = 10016
Description =
Error - 04/09/2010 04:15:32 p.m. | Computer Name = Ingenieria05 | Source = DCOM | ID = 10016
Description =
Error - 04/09/2010 04:25:32 p.m. | Computer Name = Ingenieria05 | Source = DCOM | ID = 10016
Description =
Error - 04/09/2010 04:35:32 p.m. | Computer Name = Ingenieria05 | Source = DCOM | ID = 10016
Description =
Error - 04/09/2010 04:45:32 p.m. | Computer Name = Ingenieria05 | Source = DCOM | ID = 10016
Description =
Error - 04/09/2010 04:55:32 p.m. | Computer Name = Ingenieria05 | Source = DCOM | ID = 10016
Description =
Error - 04/09/2010 04:59:07 p.m. | Computer Name = Ingenieria05 | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 04/09/2010 04:59:07 p.m. | Computer Name = Ingenieria05 | Source = atikmdag | ID = 43029
Description = Display is not active
< End of report >
-
Update your Java version here: http://www.java.com/en/download/installed.jsp
Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.
Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.
Now we need to remove the old Java version and its remnants...
Download JavaRa to your desktop and unzip it to its own folder
- Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
- Accept any prompts.
================================================================
Make sure Windows firewall is OFF, since you're running Norton AV + firewall.
===============================================================
Run OTL
- Under the Custom Scans/Fixes box at the bottom, paste in the following
Code:
:OTL
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:63238B95
:Services
:Reg
:Files
:Commands
[purity]
[emptytemp]
[emptyflash]
[Reboot]
- Then click the Run Fix button at the top
- Let the program run unhindered, reboot the PC when it is done
- You will get a log that shows the results of the fix. Please post it.
==============================================================
Last scans...
1. Download Security Check from HERE, and save it to your Desktop.
- Double-click SecurityCheck.exe
- Follow the onscreen instructions inside of the black box.
- A Notepad document should open automatically called checkup.txt; please post the contents of that document.
2. Download Temp File Cleaner (TFC)
- Double click on TFC.exe to run the program.
- Click on the Start button to begin the cleaning process.
- TFC will close all running programs, and it may ask you to restart your computer.
3. Go to the Kaspersky website and perform an online antivirus scan.
- Disable your active antivirus program.
- Read through the requirements and privacy statement and click on the Accept button.
- It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
- When the downloads have finished, click on Settings.
- Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
- Spyware, Adware, Dialers, and other potentially dangerous programs
- Archives
- Mail databases
- Click on My Computer under Scan.
- Once the scan is complete, it will display the results. Click on View Scan Report.
- You will see a list of infected items there. Click on Save Report As....
- Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.
-
You are online!!! :D Nice...
Broni... when this topic is finished, can you help me with my personal computer :$ ?
I don't use antivirus, but I made a scan with Kaspersky Internet Security and it said that I had some viruses. Can you help me, please?? ^.^
-
Finish this topic first, then start another topic regarding the different computer.
-
Broni just one thing :(
Before the custom repair with OTL, Symantec Endpoint Protection stopped working. If I try to start the antivirus again, Windows says that the process cannot be started. :(
I'll post the logs here in a couple of minutes.
-
JavaRa.log
JavaRa 1.16 Removal Log.
Report follows after line.
------------------------------------
The JavaRa removal process was started on Fri Sep 17 18:29:00 2010
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}
------------------------------------
Finished reporting.
-
OTL custom repair.log
All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
ADS C:\ProgramData\TEMP:63238B95 deleted successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Arturo
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 18417242 bytes
->Java cache emptied: 12121533 bytes
->Flash cache emptied: 56939 bytes
User: Bruno
->Temp folder emptied: 8582890 bytes
->Temporary Internet Files folder emptied: 24851139 bytes
->Java cache emptied: 2027 bytes
->FireFox cache emptied: 39978080 bytes
->Flash cache emptied: 695 bytes
User: CURRENT_USER
->Temp folder emptied: 0 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Invitado
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 294871 bytes
->Flash cache emptied: 434 bytes
User: Public
->Temp folder emptied: 0 bytes
User: TEMP
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 58106 bytes
RecycleBin emptied: 1942970 bytes
Total Files Cleaned = 101.00 mb
[EMPTYFLASH]
User: All Users
User: Arturo
->Flash cache emptied: 0 bytes
User: Bruno
->Flash cache emptied: 0 bytes
User: CURRENT_USER
User: Default
User: Default User
User: Invitado
->Flash cache emptied: 0 bytes
User: Public
User: TEMP
Total Flash Files Cleaned = 0.00 mb
OTL by OldTimer - Version 3.2.12.1 log created on 09172010_183111
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
-
checkup.txt
Results of screen317's Security Check version 0.99.5
Windows 7 (UAC is disabled!)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
Symantec Endpoint Protection
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:
Malwarebytes' Anti-Malware
Java(TM) 6 Update 21
Adobe Flash Player 10.1.82.76
Adobe Reader 9.3.4 - Español
Mozilla Firefox (3.6.8)
````````````````````````````````
Process Check:
objlist.exe by Laurent
Norton ccSvcHst.exe
````````````````````````````````
DNS Vulnerability Check:
GREAT! (Not vulnerable to DNS cache poisoning)
``````````End of Log````````````