
Slow everything (system, firefox, office, etc) Part 1



moy180
2011-07-11, 23:30
Hello, I have this problem. Slow computer, takes forever to launch and turn off, also Firefox, Excel, Word, PPT. Thanks in advance for any help! Here's my DDS log, Spybot-S&D log, and attached is my attach.zip:

.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_26
Run by M at 12:15:07 on 2011-07-11
Microsoft Windows XP Professional 5.1.2600.2.1252.502.3082.18.503.164 [GMT -6:00]
.
AV: avast! Internet Security *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\Archivos de programa\Intel\Wireless\Bin\EvtEng.exe
C:\Archivos de programa\Intel\Wireless\Bin\S24EvMon.exe
C:\Archivos de programa\Intel\Wireless\Bin\ZcfgSvc.exe
C:\Archivos de programa\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
svchost.exe
C:\Archivos de programa\AVAST Software\Avast\afwServ.exe
C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe
C:\Archivos de programa\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\PixArt\PAC207\Monitor.exe
C:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe
C:\Archivos de programa\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\Internet Movil\Internet Movil.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ChgService.exe
C:\Archivos de programa\Java\jre6\bin\jqs.exe
C:\Archivos de programa\Intel\Wireless\Bin\RegSrvc.exe
C:\Archivos de programa\Spybot - Search & Destroy 2\SDHookSvc.exe
C:\Archivos de programa\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Archivos de programa\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Archivos de programa\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Archivos de programa\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Archivos de programa\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Archivos de programa\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Archivos de programa\Mozilla Firefox\firefox.exe
C:\Archivos de programa\Mozilla Firefox\plugin-container.exe
C:\Archivos de programa\Mozilla Firefox\plugin-container.exe
.
============== Pseudo HJT Report ===============
.
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uInternet Settings,ProxyServer = socks=127.0.0.1:4021
uInternet Settings,ProxyOverride = local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mURLSearchHooks: H - No File
mURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\archivos de programa\archivos comunes\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\datos de programa\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\archiv~1\micros~2\office12\GRA8E1~1.DLL
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\archivos de programa\archivos comunes\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\archivos de programa\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\archivos de programa\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
EB: {5ad5e5e3-8a21-252b-ced6-7f47ac3b351c} - Search panel
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Mobile Partner] "c:\archivos de programa\internet movil\Internet Movil.exe"
uRun: [PC Suite Tray] "c:\archivos de programa\nokia\nokia pc suite 7\PCSuite.exe" -onlytray
mRun: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [PAC207_Monitor] c:\windows\pixart\pac207\Monitor.exe
mRun: [Monitor] c:\windows\pixart\pac207\Monitor.exe
mRun: [SunJavaUpdateSched] "c:\archivos de programa\archivos comunes\java\java update\jusched.exe"
mRun: [avast] "c:\archivos de programa\avast software\avast\avastUI.exe" /nogui
mRun: [Adobe ARM] "c:\archivos de programa\archivos comunes\adobe\arm\1.0\AdobeARM.exe"
mRun: [Adobe Reader Speed Launcher] "c:\archivos de programa\adobe\reader 10.0\reader\Reader_sl.exe"
mRun: [Spybot-S&D Cleaning] "c:\archivos de programa\spybot - search & destroy 2\SDCleaner.exe" /autoclean
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
IE: E&xportar a Microsoft Excel - c:\archiv~1\micros~2\office12\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\archivos de programa\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\archivos de programa\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\archiv~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\archiv~1\mic273~1\office12\REFIEBAR.DLL
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1212258837656
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1212612815562
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
TCP: Interfaces\{0BE62E76-7219-4FE6-86C2-CA1ED720C707} : NameServer = 200.49.161.131 200.49.160.35
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\archiv~1\micros~2\office12\GR99D3~1.DLL
Notify: !SASWinLogon - c:\archivos de programa\superantispyware\SASWINLO.DLL
Notify: igfxcui - igfxdev.dll
Notify: IntelWireless - c:\archivos de programa\intel\wireless\bin\LgNotify.dll
Notify: SDWinLogon - SDWinLogon.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\archivos de programa\superantispyware\SASSEH.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\archiv~1\micros~2\office12\GRA8E1~1.DLL
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\m\datos de programa\mozilla\firefox\profiles\o1ov1ejt.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www15.searchonthego.net/search.php?q=
FF - prefs.js: browser.search.selectedEngine - Yoog Search
FF - prefs.js: browser.startup.homepage - hxxp://kiosko.net/gt/|http://sn106w.snt106.mail.live.com/default.aspx?wa=wsignin1.0|http://www.facebook.com/|https://mail.google.com/mail/#inbox|http://es.mg41.mail.yahoo.com/dc/launch?.gx=1&.rand=c24juiut9s8d3|https://www.sucursalelectronica.com/redir/showLogin.go?country=GT|https://www.bancocuscatlan.com/guatemala/y_home_seguro/Sitio_Seguro/display_personas.html|http://www.guatefutbol.com/
FF - prefs.js: keyword.URL - hxxp://www15.searchonthego.net/search.php?q=
FF - prefs.js: network.proxy.type - 4
FF - component: c:\documents and settings\all users\datos de programa\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\documents and settings\all users\datos de programa\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll
FF - component: c:\documents and settings\m\datos de programa\mozilla\firefox\profiles\o1ov1ejt.default\extensions\{7378b8c2-fc38-41b8-a8c9-875d1f5b0a24}\components\NativeComponent.dll
FF - plugin: c:\archivos de programa\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\archivos de programa\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\archivos de programa\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\archivos de programa\microsoft\office live\npOLW.dll
FF - plugin: c:\archivos de programa\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\archivos de programa\opera\program\plugins\nppl3260.dll
FF - plugin: c:\archivos de programa\opera\program\plugins\nprjplug.dll
FF - plugin: c:\archivos de programa\opera\program\plugins\nprpjplug.dll
FF - plugin: c:\archivos de programa\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\documents and settings\all users\datos de programa\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\datos de programa\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\m\datos de programa\facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\documents and settings\m\datos de programa\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\m\datos de programa\mozilla\plugins\npgtpo3dautoplugin.dll
.
---- FIREFOX POLICIES ----
FF - user.js: browser.search.selectedEngine - Yoog Search
FF - user.js: keyword.URL - hxxp://www15.searchonthego.net/search.php?q=
FF - user.js: keyword.enabled - true
FF - user.js: browser.search.defaultenginename - Yoog Search
FF - user.js: browser.search.defaulturl - hxxp://www15.searchonthego.net/search.php?q=
.
============= SERVICES / DRIVERS ===============
.
R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [2011-6-20 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [2011-6-20 194264]
R1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [2011-6-20 103384]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-6-20 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-6-20 309848]
R1 SASDIFSV;SASDIFSV;c:\archivos de programa\superantispyware\SASDIFSV.SYS [2008-5-13 9968]
R1 SASKUTIL;SASKUTIL;c:\archivos de programa\superantispyware\SASKUTIL.SYS [2008-5-13 74480]
R1 SDHookDriver;Spybot-S&D 2 Hook Driver;c:\archivos de programa\spybot - search & destroy 2\SDHookDrv32.sys [2011-7-10 38504]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-6-20 19544]
R2 avast! Antivirus;avast! Antivirus;c:\archivos de programa\avast software\avast\AvastSvc.exe [2011-6-20 42184]
R2 avast! Firewall;avast! Firewall;c:\archivos de programa\avast software\avast\afwServ.exe [2011-6-20 121000]
R2 Change Modem Device Service;Change Modem Device Service;c:\windows\system32\ChgService.exe [2009-11-24 135168]
R2 SDHookService;Spybot-S&D 2 Hooks Service;c:\archivos de programa\spybot - search & destroy 2\SDHookSvc.exe [2011-7-10 130976]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\archivos de programa\spybot - search & destroy 2\SDFSSvc.exe [2011-7-10 1060272]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\archivos de programa\spybot - search & destroy 2\SDUpdSvc.exe [2011-7-10 909224]
R3 CamSuiteVAC;CamSuite Virtual Audio;c:\windows\system32\drivers\CamSuiteVAC.sys [2011-6-10 37560]
R3 PAC207;PC Camer@;c:\windows\system32\drivers\PFC027.SYS [2011-6-10 618112]
S0 oyfebwga;oyfebwga;c:\windows\system32\drivers\slswd.sys --> c:\windows\system32\drivers\slswd.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\archivos de programa\google\update\GoogleUpdate.exe [2011-5-24 136176]
S3 cmnsusbser;Mobile Connector USB Device for Legacy Serial Communication LCT2053s;c:\windows\system32\drivers\cmnsusbser.sys [2009-11-24 103424]
S3 DIGIRPS;Controlador Digi PortServer;c:\windows\system32\drivers\digirlpt.sys [2011-7-7 42624]
S3 gupdatem;Servicio de Google Update (gupdatem);c:\archivos de programa\google\update\GoogleUpdate.exe [2011-5-24 136176]
S3 SASENUM;SASENUM;c:\archivos de programa\superantispyware\SASENUM.SYS [2008-5-13 7408]
S3 ZSMC302;VIMICRO USB PC Camera;c:\windows\system32\drivers\usbvm31b.sys --> c:\windows\system32\drivers\usbVM31b.sys [?]
.
=============== Created Last 30 ================
.
2011-07-11 17:17:41 -------- d-----w- c:\archivos de programa\RkU3.8.388.590
2011-07-11 16:39:49 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-11 16:39:30 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-11 16:39:30 -------- d-----w- c:\archivos de programa\Malwarebytes' Anti-Malware
2011-07-11 04:12:11 -------- d-----w- c:\documents and settings\all users\datos de programa\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
2011-07-11 00:40:42 15224 ----a-w- c:\windows\system32\sdnclean.exe
2011-07-11 00:40:34 -------- d-----w- c:\archivos de programa\Spybot - Search & Destroy 2
2011-07-11 00:19:49 -------- d-----w- c:\documents and settings\m\configuración local\datos de programa\PackageAware
2011-07-11 00:09:38 15592 ----a-w- c:\windows\system32\roboot.exe
2011-07-11 00:09:28 174592 ----a-w- c:\windows\system32\framedyn.dll
2011-07-10 21:50:43 -------- d---a-w- C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ...ZZZZ.Z...Z
2011-07-10 21:26:51 -------- d-----w- c:\documents and settings\m\datos de programa\VSRevoGroup
2011-07-10 18:37:29 -------- d-----w- c:\documents and settings\m\datos de programa\DriverCure
2011-07-10 18:37:27 -------- d-----w- c:\documents and settings\m\datos de programa\ParetoLogic
2011-07-10 18:31:02 -------- d-----w- c:\archivos de programa\archivos comunes\ParetoLogic
2011-07-10 18:30:48 -------- d-----w- c:\documents and settings\all users\datos de programa\ParetoLogic
2011-07-10 18:30:48 -------- d-----w- c:\archivos de programa\ParetoLogic
2011-07-08 06:21:08 -------- d-----w- c:\documents and settings\m\configuración local\datos de programa\Geolocator
2011-07-08 06:16:02 -------- d-----w- c:\documents and settings\m\configuración local\datos de programa\ISS
2011-07-08 06:03:40 -------- d-----w- c:\documents and settings\m\configuración local\datos de programa\PlanetWerks
2011-07-08 05:29:25 -------- d-----w- c:\documents and settings\m\configuración local\datos de programa\Airfield Mayhem
2011-07-08 05:02:29 -------- d-----w- c:\documents and settings\m\configuración local\datos de programa\multiWeather
2011-07-08 04:01:43 159744 -c--a-w- c:\archivos de programa\mozilla firefox\plugins\npqtplugin7.dll
2011-07-08 04:01:43 159744 -c--a-w- c:\archivos de programa\mozilla firefox\plugins\npqtplugin6.dll
2011-07-08 04:01:43 159744 -c--a-w- c:\archivos de programa\mozilla firefox\plugins\npqtplugin5.dll
2011-07-08 04:01:43 159744 -c--a-w- c:\archivos de programa\mozilla firefox\plugins\npqtplugin4.dll
2011-07-08 04:01:43 159744 -c--a-w- c:\archivos de programa\mozilla firefox\plugins\npqtplugin3.dll
2011-07-08 04:01:43 159744 -c--a-w- c:\archivos de programa\mozilla firefox\plugins\npqtplugin2.dll
2011-07-08 04:01:43 159744 -c--a-w- c:\archivos de programa\mozilla firefox\plugins\npqtplugin.dll
2011-07-08 01:50:46 42624 -c--a-w- c:\windows\system32\dllcache\digirlpt.sys
2011-07-08 01:50:46 42624 ----a-w- c:\windows\system32\drivers\digirlpt.sys
2011-07-08 01:50:46 110621 -c--a-w- c:\windows\system32\dllcache\digirlpt.dll
2011-07-08 01:50:46 110621 ----a-w- c:\windows\system32\digirlpt.dll
2011-07-07 02:46:33 -------- d-----w- c:\archivos de programa\VS Revo Group
2011-06-21 04:07:53 98304 ----a-w- c:\windows\system32\redmonnt.dll
2011-06-20 20:12:30 103384 ----a-w- c:\windows\system32\drivers\aswFW.sys
2011-06-20 20:11:35 194264 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2011-06-20 20:11:33 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-06-20 20:10:01 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2011-06-20 20:09:59 40112 ----a-w- c:\windows\avastSS.scr
2011-06-20 20:09:03 -------- d-----w- c:\documents and settings\all users\datos de programa\AVAST Software
2011-06-20 20:09:03 -------- d-----w- c:\archivos de programa\AVAST Software
2011-06-20 05:41:37 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-06-20 05:41:37 476904 -c--a-w- c:\archivos de programa\mozilla firefox\plugins\npdeployJava1.dll
2011-06-20 05:10:00 -------- d-----w- c:\windows\system32\wbem\repository\FS
2011-06-20 05:10:00 -------- d-----w- c:\windows\system32\wbem\Repository
2011-06-18 14:16:36 -------- d-----w- c:\archivos de programa\ConvertHelper
2011-06-15 15:46:56 -------- d-----w- c:\documents and settings\m\datos de programa\DVDVideoSoft
2011-06-15 15:46:47 -------- d-----w- c:\archivos de programa\archivos comunes\DVDVideoSoft
2011-06-15 15:38:19 -------- d-----w- c:\windows\system32\drivers\mycodec
.
==================== Find3M ====================
.
2011-07-06 14:08:35 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-05 02:45:24 499712 ----a-w- c:\windows\system32\msvcp71.dll
2011-07-05 02:45:24 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-05-04 10:52:22 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-01 22:25:53 7839744 ----a-w- c:\archivos de programa\Nokia_Connectivity_Cable_Driver_spa_co.msi
2008-05-31 18:49:01 2585872 ----a-w- c:\archivos de programa\WindowsInstaller-KB893803-v2-x86.exe
2006-11-28 22:16:56 274432 ----a-w- c:\archivos de programa\stripmail.exe
1999-03-06 03:26:28 777216 ----a-w- c:\archivos de programa\PHOTOED.EXE
1998-12-09 08:53:58 97792 ----a-w- c:\archivos de programa\STAMP.DLL
1998-12-09 08:53:58 183808 ----a-w- c:\archivos de programa\TEXTURIZ.DLL
1998-12-09 08:53:58 115712 ----a-w- c:\archivos de programa\STAINEDG.DLL
1998-12-09 08:53:58 110080 ----a-w- c:\archivos de programa\WATERCOL.DLL
1998-12-09 08:53:56 98816 ----a-w- c:\archivos de programa\NOTEPAPE.DLL
1998-12-09 08:53:54 97792 ----a-w- c:\archivos de programa\GRAPHICP.DLL
1998-12-09 08:53:50 97792 -c--a-w- c:\archivos de programa\EMBOSS.DLL
1998-12-09 08:53:48 104448 -c--a-w- c:\archivos de programa\CHALKCHA.DLL
.
============= FINISH: 12:27:42.31 ===============


Search results from Spybot - Search & Destroy

11/07/2011 02:22:38 p.m.
Scan took 01:00:51.

RevealerKeylogger: [SBI $B53A5B7E] Program directory (Directory, nothing done)
C:\Documents and Settings\All Users\Datos de programa\rkfree\
Directory.subfile.size=18570
Directory.subfile.md5=B72BC2258469B7AB5AF264A40C92250B
Directory.subfile.filedate=1309058968
Directory.subfile.filedatetext=2011-06-25 21:29:27
Directory.subfile=C:\Documents and Settings\All Users\Datos de programa\rkfree\data\M\26052011.rvl
Directory.subfile.size=24708
Directory.subfile.md5=CD3537CC5C9EBEDA0C29561757E95746
Directory.subfile.filedate=1306475914
Directory.subfile.filedatetext=2011-05-26 23:58:33
Directory.subfile=C:\Documents and Settings\All Users\Datos de programa\rkfree\data\M\27052011.rvl
Directory.subfile.size=27652
Directory.subfile.md5=91025A48268037E3F860A4A15BAFC17B
Directory.subfile.filedate=1306550026
Directory.subfile.filedatetext=2011-05-27 20:33:46
Directory.subfile=C:\Documents and Settings\All Users\Datos de programa\rkfree\data\M\28052011.rvl
Directory.subfile.size=7230
Directory.subfile.md5=AFCC7FC2A5C9D337FAE9A3DE1EBFE330
Directory.subfile.filedate=1306631054
Directory.subfile.filedatetext=2011-05-28 19:04:14
Directory.subfile=C:\Documents and Settings\All Users\Datos de programa\rkfree\data\M\29052011.rvl
Directory.subfile.size=5676
Directory.subfile.md5=D2BDEA941D56503A9320B4F531565136
Directory.subfile.filedate=1306725505
Directory.subfile.filedatetext=2011-05-29 21:18:25
Directory.subfile=C:\Documents and Settings\All Users\Datos de programa\rkfree\data\M\30052011.rvl
Directory.subfile.size=13988
Directory.subfile.md5=C26232EA85663279D60201874EAFD1D8
Directory.subfile.filedate=1306811875
Directory.subfile.filedatetext=2011-05-30 21:17:55
Directory.subfile=C:\Documents and Settings\All Users\Datos de programa\rkfree\data\M\30062011.rvl
Directory.subfile.size=7070
Directory.subfile.md5=E1757B2095F72D936AD3FFB2068CC2F0
Directory.subfile.filedate=1309469509
Directory.subfile.filedatetext=2011-06-30 15:31:48
Directory.subfile=C:\Documents and Settings\All Users\Datos de programa\rkfree\data\M\31052011.rvl
Directory.subfile.size=752
Directory.subfile.md5=5F100678922F7B4BBB60EC71E83B3023
Directory.subfile.filedate=1306855836
Directory.subfile.filedatetext=2011-05-31 09:30:36

RevealerKeylogger: [SBI $08FCED7F] Program directory (Directory, nothing done)
C:\Documents and Settings\All Users\Datos de programa\rkfree\data\

RevealerKeylogger: [SBI $7A115701] Program directory (Directory, nothing done)
C:\Documents and Settings\All Users\Datos de programa\rkfree\maps\
Directory.subfile=C:\Documents and Settings\All Users\Datos de programa\rkfree\maps\3082
Directory.subfile.size=7172
Directory.subfile.md5=9D75FAF106E0C4DFE9DF0E58821ED11E
Directory.subfile.filedate=1305843498
Directory.subfile.filedatetext=2011-05-19 16:18:18
Directory.subfile=C:\Documents and Settings\All Users\Datos de programa\rkfree\maps\4106
Directory.subfile.size=7172
Directory.subfile.md5=5F9479DF6E49B2451DAF44959D796225
Directory.subfile.filedate=1305843032
Directory.subfile.filedatetext=2011-05-19 16:10:32

RevealerKeylogger: [SBI $0BDC3C5D] Program directory (Directory, nothing done)
C:\Archivos de programa\RKFree\
Directory.subfile=C:\Archivos de programa\RKFree\rkfree.exe
Directory.subfile.size=70144
Directory.subfile.md5=835D411F8EBAF8F54111784E32318BA6
Directory.subfile.filedate=1305842974
Directory.subfile.filedatetext=2011-05-19 16:09:34

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Documents and Settings\M\Datos de programa\Macromedia\Flash Player\#SharedObjects\DX7ZF6UE\es.mg41.mail.yahoo.com\cookies.sol
Properties.size=67
Properties.md5=703F196989C8E131AFDD521B6A377C71
Properties.filedate=1310360277
Properties.filedatetext=2011-07-10 22:57:57

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Documents and Settings\M\Datos de programa\Macromedia\Flash Player\#SharedObjects\DX7ZF6UE\mail.google.com\wakeup.sol
Properties.size=37
Properties.md5=9A8B669D78B18C8C422C68AADF21639B
Properties.filedate=1310414197
Properties.filedatetext=2011-07-11 13:56:37

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Documents and Settings\M\Datos de programa\Macromedia\Flash Player\#SharedObjects\DX7ZF6UE\s.ytimg.com\soundData.sol
Properties.size=49
Properties.md5=F2945B8419B125F71FC8FD7CDDB59948
Properties.filedate=1310362368
Properties.filedatetext=2011-07-10 23:32:48

Common Dialogs: [SBI $7F76510F] History (10 files) (Registry Key, nothing done)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU

Log: [SBI $7F76510F] Activity: SchedLgU.Txt (File, nothing done)
C:\WINDOWS\SchedLgU.Txt
Properties.size=32438
Properties.md5=CF650189C8ECC3ED39A3F6CB394E057E
Properties.filedate=1310408663
Properties.filedatetext=2011-07-11 12:24:23

Log: [SBI $7F76510F] Install: setupapi.log (File, nothing done)
C:\WINDOWS\setupapi.log
Properties.size=1022
Properties.md5=4E0121718B6B52E04B61B2EFDA1DF89D
Properties.filedate=1310406880
Properties.filedatetext=2011-07-11 11:54:40

Log: [SBI $7F76510F] Shutdown: System32\wbem\logs\wbemess.log (File, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemess.log
Properties.size=45206
Properties.md5=4684C79228295D32FCF382925D3BEA59
Properties.filedate=1310411854
Properties.filedatetext=2011-07-11 13:17:34

Log: [SBI $7F76510F] Shutdown: System32\wbem\logs\wbemprox.log (File, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemprox.log
Properties.size=7452
Properties.md5=66DB75159D0EB263B65AADBD81B94879
Properties.filedate=1310408114
Properties.filedatetext=2011-07-11 12:15:14

Log: [SBI $7F76510F] Shutdown: System32\wbem\logs\wmiprov.log (File, nothing done)
C:\WINDOWS\System32\wbem\logs\wmiprov.log
Properties.size=565
Properties.md5=1E41DCCE269865F4DA18E7941885ECCA
Properties.filedate=1310407073
Properties.filedatetext=2011-07-11 11:57:52

MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-790525478-1425521274-1801674531-1003\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-790525478-1425521274-1801674531-1003\Software\Microsoft\DirectInput\MostRecentApplication\Name

MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-790525478-1425521274-1801674531-1003\Software\Microsoft\DirectInput\MostRecentApplication\Id

MS Office 12.0 (Excel): [SBI $546355D5] Recent Cartel List (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-790525478-1425521274-1801674531-1003\Software\Microsoft\Office\12.0\Excel\File MRU

Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

Windows Explorer: [SBI $2026AFB6] User Assistant history IE (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-790525478-1425521274-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count

Windows Explorer: [SBI $6107D172] User Assistant history files (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-790525478-1425521274-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count

Windows Explorer: [SBI $B7EBA926] Last visited history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-790525478-1425521274-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedMRU

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-790525478-1425521274-1801674531-1003\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-790525478-1425521274-1801674531-1003\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-790525478-1425521274-1801674531-1003\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

WinRAR: [SBI $0B56E92B] Recent file list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-790525478-1425521274-1801674531-1003\Software\WinRAR\ArcHistory

WinRAR: [SBI $B84F9965] Last used directory (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-790525478-1425521274-1801674531-1003\Software\WinRAR\General\LastFolder

WinRAR: [SBI $B510882E] Extraction directory history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-790525478-1425521274-1801674531-1003\Software\WinRAR\DialogEditHistory\ExtrPath

WinZip: [SBI $1059E532] Number of times run (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-790525478-1425521274-1801674531-1003\Software\Nico Mak Computing\WinZip\rrs\Opened

Cookie: [SBI $49804B54] Browser: Cookie (5) (Browser: Cookie, nothing done)


History: [SBI $49804B54] Browser: History (16) (Browser: History, nothing done)


Cookie: [SBI $49804B54] Browser: Cookie (1) (Browser: Cookie, nothing done)


History: [SBI $49804B54] Browser: History (31) (Browser: History, nothing done)


Cookie: [SBI $49804B54] Browser: Cookie (177) (Browser: Cookie, nothing done)

--- Spybot - Search & Destroy version: 2.0.4.131 DLL (build: 20110706) ---

ken545
2011-07-18, 01:57


Please read Before You Post (http://forums.spybot.info/showthread.php?t=288)
While best efforts are made to assist in removing infections safely, unexpected stuff can happen. It is advisable that you back up your important data before starting any clean up procedure. Neither Safer Networking Forums nor the Analyst providing the advice may be held responsible for any loss.

Until we deem your system clean I am going to ask you not to install or uninstall any software or hardware except for the programs we may run.



Sorry for the delay, but we get quite busy most times. Please reply to this thread only by using the SUBMIT REPLY and do not start any new topics.



Please download Malwarebytes from Here (http://www.malwarebytes.org/mbam-download.php) or Here (http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html)


Double-click mbam-setup.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform quick scan, then click Scan.
http://i24.photobucket.com/albums/c30/ken545/MBAMCapture.jpg
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected.
When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
Post the report please

moy180
2011-07-18, 07:22
ken545: Thank you in advance, here is the report:


Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7182

Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

17/07/2011 09:33:12 p.m.
mbam-log-2011-07-17 (21-33-11).txt

Scan type: Quick scan
Objects scanned: 166631
Time elapsed: 10 minute(s), 28 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

ken545
2011-07-18, 11:24
Let's check further.

Please download ATF Cleaner (http://www.atribune.org/ccount/click.php?id=1) by Atribune to your desktop.

Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button. Your system may start up slower after running ATF Cleaner; this is expected, but it will be back to normal after the first or second boot up.
Please note: If you use online banking or are registered online with any other organizations, ensure you have memorized your password and other personal information, as removing cookies will temporarily disable the auto-login facility.





Download aswMBR.exe (http://public.avast.com/~gmerek/aswMBR.exe) ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan
http://public.avast.com/~gmerek/aswMBR1.png

On completion of the scan click save log, save it to your desktop and post in your next reply
http://public.avast.com/~gmerek/aswMBR2.png

moy180
2011-07-19, 07:50
aswMBR version 0.9.7.777 Copyright(c) 2011 AVAST Software
Run date: 2011-07-18 22:41:06
-----------------------------
22:41:06.468 OS Version: Windows 5.1.2600 Service Pack 2
22:41:06.468 Number of processors: 1 586 0xD08
22:41:06.468 ComputerName: MFP-DELL UserName: M
22:41:08.421 Initialize success
22:41:10.625 AVAST engine defs: 11071800
22:41:40.234 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
22:41:40.234 Disk 0 Vendor: Hitachi_HTS541060G9AT00 MB3OA61A Size: 55796MB BusType: 3
22:41:40.281 Disk 0 MBR read successfully
22:41:40.281 Disk 0 MBR scan
22:41:40.328 Disk 0 unknown MBR code
22:41:40.375 Disk 0 scanning sectors +114254280
22:41:40.562 Disk 0 scanning C:\WINDOWS\system32\drivers
22:42:01.187 Service scanning
22:42:03.859 Disk 0 trace - called modules:
22:42:03.953 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
22:42:03.953 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x83197ab8]
22:42:03.953 3 CLASSPNP.SYS[f861305b] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x831997f8]
22:42:04.593 AVAST engine scan C:\WINDOWS
22:42:11.921 AVAST engine scan C:\WINDOWS\system32
22:45:21.437 AVAST engine scan C:\WINDOWS\system32\drivers
22:46:12.921 AVAST engine scan C:\Documents and Settings\M
22:46:49.515 File: C:\Documents and Settings\M\Configuración local\Datos de programa\Google\Google Talk Plugin\googletalkplugin.exe **INFECTED** Win32:Downloader-IQK [Trj]
22:48:19.250 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\M\Escritorio\MBR.dat"
22:48:19.531 The log file has been saved successfully to "C:\Documents and Settings\M\Escritorio\aswMBR.txt"

ken545
2011-07-19, 11:29
Looks fine, run this quick scanner and post the log

OTL by OldTimer

Download OTL (http://oldtimer.geekstogo.com/OTL.exe) to your desktop.
Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output.
Click the "Scan All Users" checkbox.
Check the boxes beside LOP Check and Purity Check.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.

When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
Note: These logs can be located in the OTL. folder on your C:\ drive if they fail to open automatically.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.

moy180
2011-07-20, 02:38
OTL logfile created on: 19/07/2011 05:12:54 p.m. - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\M\Escritorio
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000100A | Country: Guatemala | Language: ESG | Date Format: dd/MM/yyyy

503.37 Mb Total Physical Memory | 319.34 Mb Available Physical Memory | 63.44% Memory free
1.20 Gb Paging File | 0.79 Gb Available in Paging File | 65.66% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Archivos de programa
Drive C: | 54.48 Gb Total Space | 15.06 Gb Free Space | 27.64% Space Free | Partition Type: NTFS
Drive E: | 23.73 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: MFP-DELL | User Name: M | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

=== Processes (SafeList) ===

PRC - C:\Documents and Settings\M\Escritorio\OTL.exe (OldTimer Tools)
PRC - C:\Archivos de programa\Spybot - Search & Destroy 2\SDHookSvc.exe (Safer-Networking Ltd.)
PRC - C:\Archivos de programa\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Archivos de programa\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Archivos de programa\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Archivos de programa\AVAST Software\Avast\afwServ.exe (AVAST Software)
PRC - C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Archivos de programa\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
PRC - C:\Archivos de programa\PC Connectivity Solution\ServiceLayer.exe (Nokia)
PRC - C:\Archivos de programa\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia)
PRC - C:\Archivos de programa\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)
PRC - C:\WINDOWS\system32\ChgService.exe ()
PRC - C:\WINDOWS\PixArt\PAC207\Monitor.exe (PixArt Imaging Incorporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Archivos de programa\SigmaTel\C-Major Audio\WDM\stsystra.exe (SigmaTel, Inc.)
PRC - C:\Archivos de programa\Intel\Wireless\Bin\WLKEEPER.exe (Intel® Corporation)
PRC - C:\Archivos de programa\Intel\Wireless\Bin\ZCfgSvc.exe (Intel Corporation)


=== Modules (SafeList) ===

MOD - C:\Documents and Settings\M\Escritorio\OTL.exe (OldTimer Tools)
MOD - C:\Archivos de programa\Spybot - Search & Destroy 2\SDHook32.dll (Safer-Networking Ltd.)
MOD - C:\Archivos de programa\AVAST Software\Avast\snxhk.dll (AVAST Software)
MOD - C:\WINDOWS\system32\framedyn.dll (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\credui.dll (Microsoft Corporation)


=== Win32 Services (SafeList) ===

SRV - (WMPNetworkSvc) -- File not found
SRV - (SDHookService) -- C:\Archivos de programa\Spybot - Search & Destroy 2\SDHookSvc.exe (Safer-Networking Ltd.)
SRV - (SDUpdateService) -- C:\Archivos de programa\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
SRV - (SDScannerService) -- C:\Archivos de programa\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
SRV - (avast! Firewall) -- C:\Archivos de programa\AVAST Software\Avast\afwServ.exe (AVAST Software)
SRV - (avast! Antivirus) -- C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (ServiceLayer) -- C:\Archivos de programa\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (Change Modem Device Service) -- C:\WINDOWS\System32\ChgService.exe ()
SRV - (odserv) -- C:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (IDriverT) -- C:\Archivos de programa\Archivos comunes\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (WLANKEEPER) -- C:\Archivos de programa\Intel\Wireless\Bin\WLKEEPER.exe (Intel® Corporation)


=== Driver Services (SafeList) ===

DRV - (SDHookDriver) -- C:\Archivos de programa\Spybot - Search & Destroy 2\SDHookDrv32.sys ()
DRV - (aswFW) -- C:\WINDOWS\System32\drivers\aswFW.sys (AVAST Software)
DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswNdis2) -- C:\WINDOWS\System32\drivers\aswNdis2.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (aswNdis) -- C:\WINDOWS\system32\DRIVERS\aswNdis.sys (ALWIL Software)
DRV - (UsbserFilt) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (SASKUTIL) -- C:\Archivos de programa\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- C:\Archivos de programa\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (cmnsusbser) -- C:\WINDOWS\system32\drivers\cmnsusbser.sys (Mobile Connector)
DRV - (CamSuiteVAC) -- C:\WINDOWS\system32\drivers\CamSuiteVAC.sys ()
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (SASENUM) -- C:\Archivos de programa\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (PAC207) -- C:\WINDOWS\system32\drivers\PFC027.SYS (PixArt Imaging Inc.)
DRV - (motmodem) -- C:\WINDOWS\system32\drivers\motmodem.sys (Motorola)
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC)
DRV - (rimsptsk) -- C:\WINDOWS\system32\drivers\rimsptsk.sys (REDC)
DRV - (rismxdp) -- C:\WINDOWS\system32\drivers\rixdptsk.sys (REDC)
DRV - (bcm4sbxp) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (w29n51) Controlador de la Conexión de red Intel(R) -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation)
DRV - (IWCA) -- C:\WINDOWS\system32\drivers\iwca.sys (Intel Corporation)
DRV - (DIGIRPS) -- C:\WINDOWS\system32\drivers\digirlpt.sys (Digi International, Inc.)


=== Standard Registry (SafeList) ===


=== Internet Explorer ===

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - Reg Error: Key error. File not found


IE - HKU\.DEFAULT\..\URLSearchHook: {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-790525478-1425521274-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-790525478-1425521274-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-790525478-1425521274-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.searchcompletion.com/?si=10197&home=1
IE - HKU\S-1-5-21-790525478-1425521274-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-790525478-1425521274-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.searchcompletion.com/?si=10197&home=1
IE - HKU\S-1-5-21-790525478-1425521274-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-790525478-1425521274-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-790525478-1425521274-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
IE - HKU\S-1-5-21-790525478-1425521274-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = socks=127.0.0.1:4021

=== FireFox ===


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@ei.OurBabyMaker_27.com/Plugin: C:\Archivos de programa\OurBabyMaker_27EI\Installr\2.bin\NP27EISB.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Archivos de programa\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Archivos de programa\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Archivos de programa\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652: C:\Documents and Settings\All Users\Datos de programa\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652: C:\Documents and Settings\All Users\Datos de programa\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Archivos de programa\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Archivos de programa\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Archivos de programa\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\LSNPAPI: File not found
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\M\Datos de programa\Facebook\npfbplugin_1_0_3.dll ( )

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Datos de programa\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2009/04/10 14:52:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Datos de programa\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/07/04 20:47:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Archivos de programa\AVAST Software\Avast\WebRep\FF [2011/07/08 18:23:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Archivos de programa\Mozilla Firefox\components [2011/07/07 22:01:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Archivos de programa\Mozilla Firefox\plugins [2011/07/07 22:01:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\support@easy-hide-ip.com: C:\Archivos de programa\Easy-Hide-IP\ff-extension

[2009/04/10 10:55:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\M\Datos de programa\Mozilla\Extensions
[2009/04/10 10:55:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\M\Datos de programa\Mozilla\Extensions\mozswing@mozswing.org
[2011/07/18 22:27:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\M\Datos de programa\Mozilla\Firefox\Profiles\o1ov1ejt.default\extensions
[2011/07/16 18:55:31 | 000,000,000 | ---D | M] (AddThis) -- C:\Documents and Settings\M\Datos de programa\Mozilla\Firefox\Profiles\o1ov1ejt.default\extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79}
[2009/03/02 10:44:16 | 000,000,000 | ---D | M] (FireFTP) -- C:\Documents and Settings\M\Datos de programa\Mozilla\Firefox\Profiles\o1ov1ejt.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}(2)
[2009/12/02 22:28:55 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\M\Datos de programa\Mozilla\Firefox\Profiles\o1ov1ejt.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(2)
[2011/07/07 10:36:53 | 000,000,000 | ---D | M] (Awesome screenshot: Capture and Annotate) -- C:\Documents and Settings\M\Datos de programa\Mozilla\Firefox\Profiles\o1ov1ejt.default\extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack
[2011/07/03 20:16:36 | 000,000,000 | ---D | M] (No name found) -- C:\Archivos de programa\Mozilla Firefox\extensions
[2010/04/22 20:08:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/23 08:26:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/11 23:36:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/28 15:50:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/02/16 22:56:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/06/19 23:41:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/06/15 22:17:34 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Archivos de programa\mozilla firefox\components\browsercomps.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Archivos de programa\mozilla firefox\plugins\npdeployJava1.dll
[2010/01/01 02:00:00 | 000,002,252 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\bing.xml
[2011/04/09 22:31:58 | 000,003,195 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\Complitly.xml
[2011/04/09 22:31:41 | 000,002,048 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\fcmdSrchaudio.xml

O1 HOSTS File: ([2011/05/11 10:44:51 | 000,434,684 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 14961 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Datos de programa\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (SDHelper) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Archivos de programa\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-790525478-1425521274-1801674531-1003\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Archivos de programa\Archivos comunes\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Archivos de programa\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Archivos de programa\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [PAC207_Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Archivos de programa\SigmaTel\C-Major Audio\WDM\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-790525478-1425521274-1801674531-1003..\Run: [Mobile Partner] C:\Archivos de programa\Internet Movil\Internet Movil.exe ()
O4 - HKU\S-1-5-21-790525478-1425521274-1801674531-1003..\Run: [PC Suite Tray] C:\Archivos de programa\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-790525478-1425521274-1801674531-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-790525478-1425521274-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-790525478-1425521274-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-790525478-1425521274-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Archivos de programa\Microsoft Expression\Office12\REFIEBAR.DLL (Microsoft Corporation)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1212258837656 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1212612815562 (MUWebControl Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - File not found
O20 - HKLM Winlogon: UIHost - (logonui.exe) - File not found
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Archivos de programa\SUPERAntiSpyware\SASWINLO.DLL - C:\Archivos de programa\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - File not found
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - File not found
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - File not found
O20 - Winlogon\Notify\IntelWireless: DllName - C:\Archivos de programa\Intel\Wireless\Bin\LgNotify.dll - C:\Archivos de programa\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - File not found
O20 - Winlogon\Notify\SDWinLogon: DllName - SDWinLogon.dll - File not found
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - File not found
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - File not found
O24 - Desktop Components:0 (Mi página de inicio actual) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Archivos de programa\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - File not found
O29 - HKLM SecurityProviders - (msapsspc.dll) - File not found
O29 - HKLM SecurityProviders - (schannel.dll) - File not found
O29 - HKLM SecurityProviders - (digest.dll) - File not found
O29 - HKLM SecurityProviders - (msnsspc.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/05/23 13:49:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/01/22 11:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.) - E:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2007/11/13 01:41:52 | 000,000,047 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{1542183c-4c5d-11e0-a0c1-f6abaf7209eb}\Shell - "" = AutoRun
O33 - MountPoints2\{1542183c-4c5d-11e0-a0c1-f6abaf7209eb}\Shell\AutoRun\command - "" = F:\iStudio.exe
O33 - MountPoints2\{1a11f1ec-a72c-11df-9f1e-0013cef65285}\Shell - "" = AutoRun
O33 - MountPoints2\{1a11f1ec-a72c-11df-9f1e-0013cef65285}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/01/22 11:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{1a11f1ef-a72c-11df-9f1e-0013cef65285}\Shell - "" = AutoRun
O33 - MountPoints2\{1a11f1ef-a72c-11df-9f1e-0013cef65285}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/01/22 11:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{1a11f1f1-a72c-11df-9f1e-0013cef65285}\Shell - "" = AutoRun
O33 - MountPoints2\{1a11f1f1-a72c-11df-9f1e-0013cef65285}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/01/22 11:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{1a11f1f5-a72c-11df-9f1e-0013cef65285}\Shell - "" = AutoRun
O33 - MountPoints2\{1a11f1f5-a72c-11df-9f1e-0013cef65285}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/01/22 11:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{1a11f1f7-a72c-11df-9f1e-0013cef65285}\Shell - "" = AutoRun
O33 - MountPoints2\{1a11f1f7-a72c-11df-9f1e-0013cef65285}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/01/22 11:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{1de2f696-5479-11df-9e4e-0013cef65285}\Shell - "" = AutoRun
O33 - MountPoints2\{1de2f696-5479-11df-9e4e-0013cef65285}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/01/22 11:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{46d58351-e84c-11de-9d4f-0013cef65285}\Shell - "" = AutoRun
O33 - MountPoints2\{46d58351-e84c-11de-9d4f-0013cef65285}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/01/22 11:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{4f5f1371-6568-11e0-a0fc-afd11c5d1e93}\Shell - "" = AutoRun
O33 - MountPoints2\{4f5f1371-6568-11e0-a0fc-afd11c5d1e93}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/01/22 11:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{63e045f4-7f61-11e0-a136-89eefc3cf1f1}\Shell - "" = AutoRun
O33 - MountPoints2\{63e045f4-7f61-11e0-a136-89eefc3cf1f1}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/01/22 11:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{669792a4-2e60-11e0-a07a-b0cadeccb1eb}\Shell - "" = AutoRun
O33 - MountPoints2\{669792a4-2e60-11e0-a07a-b0cadeccb1eb}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/01/22 11:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{8b749dbf-a819-11e0-afdd-90909c552d7c}\Shell - "" = AutoRun
O33 - MountPoints2\{8b749dbf-a819-11e0-afdd-90909c552d7c}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/01/22 11:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{b117d9bc-a943-11df-9f27-0013cef65285}\Shell - "" = AutoRun
O33 - MountPoints2\{b117d9bc-a943-11df-9f27-0013cef65285}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/01/22 11:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{b117d9bf-a943-11df-9f27-0013cef65285}\Shell - "" = AutoRun
O33 - MountPoints2\{b117d9bf-a943-11df-9f27-0013cef65285}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/01/22 11:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{b117d9c1-a943-11df-9f27-0013cef65285}\Shell - "" = AutoRun
O33 - MountPoints2\{b117d9c1-a943-11df-9f27-0013cef65285}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/01/22 11:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{b117d9c2-a943-11df-9f27-0013cef65285}\Shell - "" = AutoRun
O33 - MountPoints2\{b117d9c2-a943-11df-9f27-0013cef65285}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/01/22 11:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{c0157fe0-a7c3-11df-9f21-0013cef65285}\Shell - "" = AutoRun
O33 - MountPoints2\{c0157fe0-a7c3-11df-9f21-0013cef65285}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/01/22 11:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{c4eeb233-da93-11de-9d21-0013cef65285}\Shell - "" = AutoRun
O33 - MountPoints2\{c4eeb233-da93-11de-9d21-0013cef65285}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/01/22 11:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{d9021468-a7c4-11df-9f22-0013cef65285}\Shell - "" = AutoRun
O33 - MountPoints2\{d9021468-a7c4-11df-9f22-0013cef65285}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{fd96b406-356d-11df-9e04-0013cef65285}\Shell - "" = AutoRun
O33 - MountPoints2\{fd96b406-356d-11df-9e04-0013cef65285}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/01/22 11:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{fd96b409-356d-11df-9e04-0013cef65285}\Shell - "" = AutoRun
O33 - MountPoints2\{fd96b409-356d-11df-9e04-0013cef65285}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/01/22 11:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

=== Files/Folders - Created Within 30 Days ===

[2011/07/18 22:39:14 | 001,913,344 | ---- | C] (AVAST Software) -- C:\Documents and Settings\M\Escritorio\aswMBR.exe
[2011/07/18 22:36:36 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Documents and Settings\M\Escritorio\ATF-Cleaner.exe
[2011/07/17 14:45:22 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Archivos comunes\COWON
[2011/07/17 14:45:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\jetAudio
[2011/07/16 23:48:01 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\M\Recent
[2011/07/16 20:45:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\M\Mis documentos\VirtualDJ
[2011/07/12 00:30:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Temp
[2011/07/12 00:30:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Datos de programa\Adobe
[2011/07/12 00:30:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Adobe
[2011/07/11 13:16:56 | 000,000,000 | ---D | C] -- C:\ProcAlyzer Dumps
[2011/07/11 11:42:13 | 000,607,017 | R--- | C] (Swearware) -- C:\Documents and Settings\M\Escritorio\dds.scr
[2011/07/11 11:39:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\ERUNT
[2011/07/11 11:39:06 | 000,000,000 | ---D | C] -- C:\Archivos de programa\ERUNT
[2011/07/11 11:38:22 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\M\Escritorio\erunt-setup.exe
[2011/07/11 11:25:39 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\M\Escritorio\OTL.exe
[2011/07/11 11:18:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Rootkit Unhooker LE
[2011/07/11 11:17:41 | 000,000,000 | ---D | C] -- C:\Archivos de programa\RkU3.8.388.590
[2011/07/11 10:39:49 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/07/11 10:39:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Malwarebytes' Anti-Malware
[2011/07/11 10:39:30 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/07/11 10:39:30 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Malwarebytes' Anti-Malware
[2011/07/10 23:24:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\M\Escritorio\CARROS
[2011/07/10 22:12:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
[2011/07/10 18:40:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Spybot - Search & Destroy 2
[2011/07/10 18:40:42 | 000,015,224 | ---- | C] (Safer Networking Limited) -- C:\WINDOWS\System32\sdnclean.exe
[2011/07/10 18:40:34 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Spybot - Search & Destroy 2
[2011/07/10 18:19:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\M\Configuración local\Datos de programa\PackageAware
[2011/07/10 18:09:38 | 000,015,592 | ---- | C] (Dll-Files.com) -- C:\WINDOWS\System32\roboot.exe
[2011/07/10 18:09:28 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\framedyn.dll
[2011/07/10 15:26:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\M\Datos de programa\VSRevoGroup
[2011/07/10 12:37:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\M\Datos de programa\DriverCure
[2011/07/10 12:37:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\M\Datos de programa\ParetoLogic
[2011/07/10 12:31:02 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Archivos comunes\ParetoLogic
[2011/07/10 12:30:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\ParetoLogic
[2011/07/10 12:30:48 | 000,000,000 | ---D | C] -- C:\Archivos de programa\ParetoLogic
[2011/07/10 12:14:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\M\Escritorio\DANIEL
[2011/07/08 00:03:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\M\Configuración local\Datos de programa\PlanetWerks
[2011/07/07 23:29:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\M\Configuración local\Datos de programa\Airfield Mayhem
[2011/07/07 22:00:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\QuickTime
[2011/07/07 21:59:19 | 000,000,000 | ---D | C] -- C:\Archivos de programa\QuickTime
[2011/07/07 21:59:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Apple Computer
[2011/07/07 19:59:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Adobe
[2011/07/07 19:50:46 | 000,110,621 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.dll
[2011/07/07 19:50:46 | 000,110,621 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\digirlpt.dll
[2011/07/07 19:50:46 | 000,042,624 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\drivers\digirlpt.sys
[2011/07/07 19:50:46 | 000,042,624 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.sys
[2011/07/07 12:15:32 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Apple Software Update
[2011/07/06 20:46:33 | 000,000,000 | ---D | C] -- C:\Archivos de programa\VS Revo Group
[2011/07/06 20:46:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\M\Menú Inicio\Programas\Revo Uninstaller
[2011/07/02 15:10:29 | 001,030,024 | ---- | C] (Skype Technologies S.A.) -- C:\Documents and Settings\M\Escritorio\SkypeSetup.exe
[2011/06/20 22:26:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\CCleaner
[2011/06/20 14:12:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\avast! Internet Security
[2011/06/20 14:12:34 | 000,309,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/06/20 14:12:34 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/06/20 14:12:30 | 000,103,384 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFW.sys
[2011/06/20 14:11:35 | 000,194,264 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswNdis2.sys
[2011/06/20 14:11:35 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/06/20 14:11:34 | 000,043,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/06/20 14:11:33 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/06/20 14:11:32 | 000,102,616 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/06/20 14:11:32 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/06/20 14:11:32 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/06/20 14:10:01 | 000,012,112 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswNdis.sys
[2011/06/20 14:09:59 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/06/20 14:09:58 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/06/20 14:09:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\AVAST Software
[2011/06/20 14:09:03 | 000,000,000 | ---D | C] -- C:\Archivos de programa\AVAST Software
[2011/06/19 23:43:00 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Archivos comunes\Java
[2011/06/19 23:41:37 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/06/19 23:41:36 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/06/19 23:41:36 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/06/19 23:41:36 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2008/05/31 12:47:56 | 002,585,872 | ---- | C] (Microsoft Corporation) -- C:\Archivos de programa\WindowsInstaller-KB893803-v2-x86.exe
[2008/05/27 17:00:22 | 000,777,216 | ---- | C] (Microsoft Corporation) -- C:\Archivos de programa\PHOTOED.EXE
[2008/05/27 17:00:22 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Archivos de programa\TEXTURIZ.DLL
[2008/05/27 17:00:22 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Archivos de programa\STAINEDG.DLL
[2008/05/27 17:00:22 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\Archivos de programa\WATERCOL.DLL
[2008/05/27 17:00:22 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Archivos de programa\CHALKCHA.DLL
[2008/05/27 17:00:22 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Archivos de programa\NOTEPAPE.DLL
[2008/05/27 17:00:22 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Archivos de programa\STAMP.DLL
[2008/05/27 17:00:22 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Archivos de programa\GRAPHICP.DLL
[2008/05/27 17:00:22 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Archivos de programa\EMBOSS.DLL
[2006/11/28 16:16:56 | 000,274,432 | ---- | C] (Datasoft Ltd.) -- C:\Archivos de programa\stripmail.exe
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

=== Files - Modified Within 30 Days ===

[2011/07/19 16:31:01 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\Comprobar actualizaciones de Windows Live Toolbar.job
[2011/07/19 16:24:15 | 000,001,092 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/19 15:25:00 | 000,000,382 | ---- | M] () -- C:\WINDOWS\tasks\update-sys.job
[2011/07/19 15:24:10 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/19 14:56:00 | 000,000,382 | ---- | M] () -- C:\WINDOWS\tasks\update-S-1-5-21-790525478-1425521274-1801674531-1003.job
[2011/07/19 09:47:10 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-790525478-1425521274-1801674531-1003.job
[2011/07/19 09:47:09 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-790525478-1425521274-1801674531-1006.job
[2011/07/19 09:47:09 | 000,000,270 | ---- | M] () -- C:\WINDOWS\tasks\RegistryBooster.job
[2011/07/19 09:46:28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/07/18 22:48:19 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\M\Escritorio\MBR.dat
[2011/07/18 22:40:51 | 001,913,344 | ---- | M] (AVAST Software) -- C:\Documents and Settings\M\Escritorio\aswMBR.exe
[2011/07/18 22:36:52 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Documents and Settings\M\Escritorio\ATF-Cleaner.exe
[2011/07/18 20:08:52 | 000,210,432 | ---- | M] () -- C:\Documents and Settings\M\Escritorio\TestTibetano_1.pps
[2011/07/18 10:24:07 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/07/17 18:00:13 | 000,000,480 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration3.job
[2011/07/17 09:37:00 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-790525478-1425521274-1801674531-1006.job
[2011/07/17 09:30:51 | 000,313,968 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/07/16 11:37:49 | 002,542,080 | ---- | M] () -- C:\Documents and Settings\M\Escritorio\Leopard (X).PPS
[2011/07/15 17:13:07 | 000,006,246 | ---- | M] () -- C:\Documents and Settings\M\Mis documentos\princesatresojos1922785577.xml
[2011/07/15 15:36:29 | 002,597,281 | ---- | M] () -- C:\Documents and Settings\M\Mis documentos\leonkarla1630736252.xml
[2011/07/14 21:18:31 | 000,062,976 | ---- | M] () -- C:\Documents and Settings\M\Configuración local\Datos de programa\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/07/12 13:56:38 | 000,126,241 | ---- | M] () -- C:\Documents and Settings\M\Mis documentos\CV Juan Carlos Ortega.pdf
[2011/07/12 13:24:33 | 000,011,109 | ---- | M] () -- C:\Documents and Settings\M\Escritorio\Contrato Privado de SEL Segunda Clave.pdf
[2011/07/11 13:16:32 | 000,000,314 | RHS- | M] () -- C:\boot.ini
[2011/07/11 12:55:12 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job
[2011/07/11 12:34:43 | 000,004,798 | ---- | M] () -- C:\Documents and Settings\M\Escritorio\attach.zip
[2011/07/11 11:42:17 | 000,607,017 | R--- | M] (Swearware) -- C:\Documents and Settings\M\Escritorio\dds.scr
[2011/07/11 11:38:29 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\M\Escritorio\erunt-setup.exe
[2011/07/11 11:25:43 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\M\Escritorio\OTL.exe
[2011/07/11 08:36:07 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/07/10 21:46:33 | 000,001,360 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2011/07/10 21:41:44 | 000,006,714 | ---- | M] () -- C:\WINDOWS\Jelly.ini
[2011/07/10 12:31:34 | 000,000,454 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3.job
[2011/07/08 18:23:54 | 000,002,957 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/07/07 20:11:34 | 000,000,670 | ---- | M] () -- C:\Documents and Settings\M\Mis documentos\litoorellana110942785.xml
[2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/07/06 08:50:52 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-790525478-1425521274-1801674531-1003.job
[2011/07/06 08:08:35 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/07/05 13:30:38 | 000,038,439 | ---- | M] () -- C:\Documents and Settings\M\Mis documentos\lgb881128038116.xml
[2011/07/04 05:43:53 | 000,040,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/07/04 05:43:51 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/07/04 05:37:33 | 000,103,384 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFW.sys
[2011/07/04 05:36:43 | 000,441,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/07/04 05:36:32 | 000,309,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/07/04 05:36:18 | 000,194,264 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswNdis2.sys
[2011/07/04 05:35:23 | 000,043,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/07/04 05:35:12 | 000,102,616 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/07/04 05:35:09 | 000,096,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/07/04 05:32:32 | 000,025,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/07/04 05:32:13 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/07/04 05:32:12 | 000,019,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/07/02 15:10:48 | 001,030,024 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\M\Escritorio\SkypeSetup.exe
[2011/07/02 15:08:16 | 000,037,419 | ---- | M] () -- C:\Documents and Settings\M\Escritorio\All My Faves _ Free Online Flash Games _ Category_ Kids Games.htm
[2011/06/24 20:04:19 | 000,013,893 | ---- | M] () -- C:\Documents and Settings\M\Mis documentos\mishaboutique420805931.xml
[2011/06/23 11:01:47 | 000,148,753 | ---- | M] () -- C:\Documents and Settings\M\Mis documentos\moy180863556017.xml
[2011/06/19 22:20:06 | 000,000,019 | ---- | M] () -- C:\Documents and Settings\M\Mis documentos\Liberar.vbe
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

=== Files Created - No Company Name ===

[2011/07/18 22:48:19 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\M\Escritorio\MBR.dat
[2011/07/18 20:08:50 | 000,210,432 | ---- | C] () -- C:\Documents and Settings\M\Escritorio\TestTibetano_1.pps
[2011/07/16 11:37:00 | 002,542,080 | ---- | C] () -- C:\Documents and Settings\M\Escritorio\Leopard (X).PPS
[2011/07/14 20:40:58 | 000,006,246 | ---- | C] () -- C:\Documents and Settings\M\Mis documentos\princesatresojos1922785577.xml
[2011/07/12 13:56:37 | 000,126,241 | ---- | C] () -- C:\Documents and Settings\M\Mis documentos\CV Juan Carlos Ortega.pdf
[2011/07/12 13:23:47 | 000,011,109 | ---- | C] () -- C:\Documents and Settings\M\Escritorio\Contrato Privado de SEL Segunda Clave.pdf
[2011/07/11 12:34:43 | 000,004,798 | ---- | C] () -- C:\Documents and Settings\M\Escritorio\attach.zip
[2011/07/11 00:11:55 | 000,000,292 | ---- | C] () -- C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job
[2011/07/10 18:40:54 | 000,001,905 | ---- | C] () -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Spybot-S&D Start Center.lnk
[2011/07/10 18:23:16 | 000,000,270 | ---- | C] () -- C:\WINDOWS\tasks\RegistryBooster.job
[2011/07/10 12:37:52 | 000,000,480 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Registration3.job
[2011/07/10 12:31:32 | 000,000,454 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3.job
[2011/07/08 00:03:54 | 000,002,119 | ---- | C] () -- C:\Documents and Settings\M\Menú Inicio\Programas\PlanetWerks.lnk
[2011/07/07 23:29:28 | 000,002,205 | ---- | C] () -- C:\Documents and Settings\M\Menú Inicio\Programas\Airfield Mayhem.lnk
[2011/07/07 20:11:34 | 000,000,670 | ---- | C] () -- C:\Documents and Settings\M\Mis documentos\litoorellana110942785.xml
[2011/07/07 12:15:59 | 000,000,298 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/07/07 12:15:47 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Apple Software Update.lnk
[2011/07/05 13:30:38 | 000,038,439 | ---- | C] () -- C:\Documents and Settings\M\Mis documentos\lgb881128038116.xml
[2011/07/03 20:17:34 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Mozilla Firefox.lnk
[2011/07/02 15:07:34 | 000,037,419 | ---- | C] () -- C:\Documents and Settings\M\Escritorio\All My Faves _ Free Online Flash Games _ Category_ Kids Games.htm
[2011/06/24 20:04:19 | 000,013,893 | ---- | C] () -- C:\Documents and Settings\M\Mis documentos\mishaboutique420805931.xml
[2011/06/20 22:07:53 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2011/06/18 11:51:08 | 000,004,416 | ---- | C] () -- C:\Documents and Settings\M\Datos de programa\CamStudio.cfg
[2011/06/10 21:41:42 | 000,037,560 | ---- | C] () -- C:\WINDOWS\System32\drivers\CamSuiteVAC.sys
[2011/06/10 21:37:25 | 000,000,399 | ---- | C] () -- C:\WINDOWS\System32\Remover.ini
[2011/06/10 21:37:06 | 000,000,566 | ---- | C] () -- C:\WINDOWS\System32\SP207.ini
[2011/04/09 22:30:14 | 000,000,281 | ---- | C] () -- C:\WINDOWS\MP3Org.ini
[2011/03/27 19:11:54 | 000,214,616 | ---- | C] () -- C:\Documents and Settings\LocalService\Configuración local\Datos de programa\FontCache3.0.0.0.dat
[2011/02/01 16:21:45 | 007,839,744 | ---- | C] () -- C:\Archivos de programa\Nokia_Connectivity_Cable_Driver_spa_co.msi
[2010/08/10 23:21:57 | 000,737,411 | ---- | C] () -- C:\Archivos de programa\Photo Editor.rar
[2010/03/16 10:59:40 | 000,000,045 | ---- | C] () -- C:\WINDOWS\lifeview.ini
[2010/03/09 21:19:15 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/03/09 21:19:15 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/03/09 21:19:15 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/03/09 21:19:15 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/03/09 21:19:15 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/11/24 01:12:33 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\ChgService.exe
[2009/11/04 11:03:26 | 000,000,150 | ---- | C] () -- C:\WINDOWS\MetroTimer.ini
[2009/11/04 10:11:02 | 000,000,033 | ---- | C] () -- C:\WINDOWS\UnitConverter.ini
[2009/10/25 08:50:16 | 000,014,385 | ---- | C] () -- C:\WINDOWS\TW561a.ini
[2009/08/04 17:11:18 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/07/02 09:32:49 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\FileOps.exe
[2009/02/05 20:55:51 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\CNMVS3w.DLL
[2008/12/03 11:37:59 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDELX300+II_Eu.ini
[2008/11/15 17:38:00 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2008/10/17 13:08:37 | 000,000,483 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/08/07 17:58:42 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008/07/04 23:40:39 | 000,000,157 | ---- | C] () -- C:\WINDOWS\System32\Monitored3.dat
[2008/07/04 23:40:30 | 000,000,010 | ---- | C] () -- C:\WINDOWS\System32\ciadvss.exe
[2008/06/27 15:29:16 | 000,096,032 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2008/06/25 16:55:15 | 000,001,360 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008/06/25 16:38:07 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2008/06/25 16:38:07 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
[2008/06/25 16:38:07 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2008/06/25 16:38:07 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2008/06/22 17:14:29 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\RunSetup.dll
[2008/05/27 17:00:22 | 000,009,902 | ---- | C] () -- C:\Archivos de programa\PHOTOED.SRG
[2008/05/27 16:48:54 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2008/05/26 12:13:26 | 000,000,266 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/05/25 22:41:13 | 000,000,433 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2008/05/25 21:48:58 | 000,006,714 | ---- | C] () -- C:\WINDOWS\Jelly.ini
[2008/05/25 15:51:31 | 000,062,976 | ---- | C] () -- C:\Documents and Settings\M\Configuración local\Datos de programa\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/05/23 22:01:13 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/05/23 20:20:31 | 000,002,009 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2008/05/23 20:03:44 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/05/23 16:58:20 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2008/05/23 15:06:15 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\iwca.dll
[2008/05/23 13:52:30 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/05/23 13:44:50 | 000,021,900 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/05/23 06:29:12 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/05/23 06:27:38 | 000,313,968 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/05/02 16:38:24 | 000,072,444 | ---- | C] () -- C:\WINDOWS\SetBrowser.exe
[2006/05/02 16:38:24 | 000,000,748 | ---- | C] () -- C:\WINDOWS\SetBrowser.ini
[2005/09/11 13:08:36 | 000,548,352 | ---- | C] () -- C:\WINDOWS\System32\imgdecoder.dll
[2004/10/07 05:50:50 | 000,072,704 | ---- | C] () -- C:\WINDOWS\System32\zlibwapi.dll
[2004/08/19 07:58:52 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004/08/19 07:42:10 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004/08/02 06:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2003/09/23 06:14:42 | 001,099,264 | ---- | C] () -- C:\WINDOWS\System32\cygxml2-2.dll
[2003/08/10 08:59:20 | 000,980,992 | ---- | C] () -- C:\WINDOWS\System32\cygiconv-2.dll
[2003/08/08 18:28:16 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\cygz.dll
[2001/10/06 05:58:36 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/10/06 05:58:34 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/09/13 12:25:00 | 000,005,120 | ---- | C] () -- C:\WINDOWS\System32\geOTraySpy.dll
[2001/08/24 04:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/24 04:00:00 | 000,499,094 | ---- | C] () -- C:\WINDOWS\System32\perfh00A.dat
[2001/08/24 04:00:00 | 000,435,594 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/08/24 04:00:00 | 000,317,534 | ---- | C] () -- C:\WINDOWS\System32\perfi00A.dat
[2001/08/24 04:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/24 04:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/24 04:00:00 | 000,086,962 | ---- | C] () -- C:\WINDOWS\System32\perfc00A.dat
[2001/08/24 04:00:00 | 000,068,490 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/08/24 04:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/24 04:00:00 | 000,036,284 | ---- | C] () -- C:\WINDOWS\System32\perfd00A.dat
[2001/08/24 04:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/24 04:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

=== LOP Check ===

[2009/03/13 11:28:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\acccore
[2011/02/02 13:50:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\agi
[2009/12/25 13:02:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\AIM
[2011/06/20 14:09:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\AVAST Software
[2008/05/25 22:34:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Datos de programa\CanonBJ
[2008/05/23 17:13:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\ESET
[2011/03/27 13:21:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Installations
[2011/06/09 01:17:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\install_clap
[2008/06/29 18:44:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\LogMeIn
[2011/03/27 19:19:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\NokiaMusic
[2011/07/10 12:31:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\ParetoLogic
[2011/03/27 14:50:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\PC Suite
[2011/06/09 07:39:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\PDVD
[2011/05/19 16:09:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\rkfree
[2008/05/25 22:41:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\ScanSoft
[2008/07/04 10:34:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Simply Super Software
[2009/05/20 13:16:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Tarma Installer
[2011/06/09 01:17:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\TEMP
[2011/05/15 22:33:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Viewpoint
[2009/04/10 15:17:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\WinZip
[2011/07/10 22:12:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
[2011/04/09 22:09:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Datos de programa\GIRDAC
[2008/11/15 17:54:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M\Datos de programa\acccore
[2011/02/02 14:00:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M\Datos de programa\AGI
[2011/03/30 10:06:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M\Datos de programa\Aim
[2011/06/24 13:56:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M\Datos de programa\Any Video Converter
[2009/10/12 20:52:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M\Datos de programa\asoftech
[2010/03/19 13:46:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M\Datos de programa\BSW
[2008/07/18 11:40:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M\Datos de programa\Canon
[2010/04/06 09:39:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M\Datos de programa\CasinoOnNet
[2008/07/02 08:44:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M\Datos de programa\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/07/17 14:56:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M\Datos de programa\COWON
[2011/07/10 12:37:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M\Datos de programa\DriverCure
[2011/06/15 09:46:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M\Datos de programa\DVDVideoSoft
[2010/03/22 14:36:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M\Datos de programa\Facebook
[2009/10/12 21:23:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M\Datos de programa\Flash Undelete Software
[2008/11/23 14:41:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M\Datos de programa\Flickr
[2010/05/09 22:52:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M\Datos de programa\full phat
[2011/04/09 22:09:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M\Datos de programa\GIRDAC
[2009/02/14 15:27:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M\Datos de programa\Leawo
[2010/12/12 22:40:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M\Datos de programa\LimeWire
[2009/02/13 21:29:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M\Datos de programa\Moyea
[2011/03/27 17:27:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M\Datos de programa\Nokia
[2011/07/08 15:47:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M\Datos de programa\Opera
[2011/07/10 12:37:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M\Datos de programa\ParetoLogic
[2011/03/27 14:52:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M\Datos de programa\PC Suite
[2008/05/25 22:41:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M\Datos de programa\ScanSoft
[2009/10/03 10:14:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M\Datos de programa\Search Settings
[2008/07/04 10:34:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M\Datos de programa\Simply Super Software
[2011/07/10 22:12:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M\Datos de programa\Uniblue
[2011/07/10 15:26:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M\Datos de programa\VSRevoGroup
[2011/02/13 09:46:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M\Datos de programa\Webshots
[2011/02/02 14:08:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M\Datos de programa\WebshotsDailyFeatures.D47BD63EE77CC0AC7AE23BFA386A3F1EDA7C080D.1
[2011/07/11 12:55:12 | 000,000,292 | ---- | M] () -- C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job
[2011/07/19 16:31:01 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\Comprobar actualizaciones de Windows Live Toolbar.job
[2011/07/17 18:00:13 | 000,000,480 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Registration3.job
[2011/07/10 12:31:34 | 000,000,454 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Update Version3.job
[2011/07/19 09:47:09 | 000,000,270 | ---- | M] () -- C:\WINDOWS\Tasks\RegistryBooster.job
[2011/07/19 14:56:00 | 000,000,382 | ---- | M] () -- C:\WINDOWS\Tasks\update-S-1-5-21-790525478-1425521274-1801674531-1003.job
[2011/07/19 15:25:00 | 000,000,382 | ---- | M] () -- C:\WINDOWS\Tasks\update-sys.job

=== Purity Check ===



=== Alternate Data Streams ===

@Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Datos de programa\TEMP:A73B0434
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Datos de programa\TEMP:9C385FAC
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Datos de programa\TEMP:CB0AACC9

End of report

moy180
2011-07-20, 02:39
OTL Extras logfile created on: 19/07/2011 05:12:55 p.m. - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\M\Escritorio
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000100A | Country: Guatemala | Language: ESG | Date Format: dd/MM/yyyy

503.37 Mb Total Physical Memory | 319.34 Mb Available Physical Memory | 63.44% Memory free
1.20 Gb Paging File | 0.79 Gb Available in Paging File | 65.66% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Archivos de programa
Drive C: | 54.48 Gb Total Space | 15.06 Gb Free Space | 27.64% Space Free | Partition Type: NTFS
Drive E: | 23.73 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: MFP-DELL | User Name: M | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Archivos de programa\Opera\Opera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.reg [@ = regfile] -- regedit.exe "%1"

[HKEY_USERS\S-1-5-21-790525478-1425521274-1801674531-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Archivos de programa\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Archivos de programa\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Archivos de programa\Opera\Opera.exe" "%1" (Opera Software)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1"
piffile [open] -- "%1" %*
regfile [open] -- regedit.exe "%1"
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- Reg Error: Key error.
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Archivos de programa\Opera\opera.exe" = C:\Archivos de programa\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Archivos de programa\Skype\Plugin Manager\skypePM.exe" = C:\Archivos de programa\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Archivos de programa\LimeWire\LimeWire.exe" = C:\Archivos de programa\LimeWire\LimeWire.exe:*:Enabled:LimeWire
"C:\Archivos de programa\Google\Google Talk\googletalk.exe" = C:\Archivos de programa\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk -- (Google)
"C:\Documents and Settings\M\Escritorio\FLVPlayerSetup.exe" = C:\Documents and Settings\M\Escritorio\FLVPlayerSetup.exe:*:Enabled:InstallCore™
"C:\Documents and Settings\M\Escritorio\Setup-MsgPlus-501.exe" = C:\Documents and Settings\M\Escritorio\Setup-MsgPlus-501.exe:*:Enabled:InstallCore™
"C:\Archivos de programa\Spybot - Search & Destroy 2\SDTray.exe" = C:\Archivos de programa\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Archivos de programa\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Archivos de programa\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Disabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Archivos de programa\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Archivos de programa\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Archivos de programa\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Archivos de programa\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}" = mSSO
"{09F55516-AC75-43EA-8127-292E5A28B7DF}" = Monster Trux Extreme - Offroad Edition
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP1800_series" = Canon iP1800 series
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP160" = Canon MP160
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1AAF80F4-D21B-4E86-81E4-BE18338BE4CF}" = Adobe PDF JobReady Client
"{1BD07DF4-FB06-41BA-B896-B2DA59000C96}" = Windows Live Toolbar
"{1EE88B84-7BE5-4FB5-8DEA-B81D5409D62E}" = Opera 11.00
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 26
"{28DA872A-0848-48CF-B749-19A198157A2A}" = mDriver
"{29D851C2-048C-4B5E-8D1F-25D473342BB5}" = ScanSoft OmniPage SE 4.0
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C9C0A-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}" = mHlpDell
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D826618-59C6-11D4-976E-00C04F8EEB39}" = Macromedia FreeHand 10
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{69C1F0AC-2017-46B2-9DC9-ED880CDF4E40}" = Administrative Templates for Windows XP
"{6D307F40-5A8B-4248-8CCA-5C8E4FA8753B}" = ADSLNet Navigation Tools
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}" = mCore
"{6FFFE74E-3FBD-4E2E-97F9-5E9A2A077626}" = mIWCA
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7CD7A451-7224-49C8-95EF-9A1859C66607}" = mZConfig
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85AC0FFA-643D-3103-9310-7086ECB0C36C}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - ESN
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver for Mobile
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0010-0C0A-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Spanish) 12
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0C0A-0000-0000000FF1CE}" = Microsoft Office Access MUI (Spanish) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0C0A-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Spanish) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0C0A-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Spanish) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2007
"{90120000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
"{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007
"{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-0020-0C0A-0000-0000000FF1CE}" = Paquete de compatibilidad para 2007 Office system
"{90120000-0026-0000-0000-0000000FF1CE}" = Microsoft Expression Web
"{90120000-0026-0409-0000-0000000FF1CE}" = Microsoft Expression Web MUI (English)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0C0A-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Spanish) 2007
"{90120000-0051-0000-0000-0000000FF1CE}" = Microsoft Office Visio Professional 2007
"{90120000-0054-0409-0000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00B4-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{92E4A65F-7007-3357-A69A-167F71A337BD}" = Microsoft .NET Framework 3.5 Language Pack SP1 - esn
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95120000-0122-0C0A-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{9C9D0F85-5658-4A5E-95A9-65F7DB2916EE}" = Broadcom 440x 10/100 Integrated Controller
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A610EEC9-FA61-4DE4-B6BE-3DEB3E65D02B}" = Adobe PDF JobReady 2.0 for americandigitalgraphics.com
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAF4238F-7C29-451D-9925-C753271A5728}" = Microsoft Visual C++ Run Time Lib Setup
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.0)
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy 2
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BDEDB104-4067-3D5E-81F0-DBEBFE856B45}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - ESN
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C679F9B9-C65D-4C65-BD6C-BF90B859E281}" = KWC-101
"{CA9BAADB-C262-4E05-B2E2-CEE8CE9809EC}" = mToolkit
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}" = WinZip 12.0
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE38B24E-4146-4DAC-AD4E-4EC8BF24C261}" = OpenOffice.org Installer 1.0
"{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution
"{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}" = jetAudio Basic VX
"{E4423F16-0E98-4855-BFF4-3EF016C55D67}" = Nokia_Multimedia_Common_Components_2_5
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F38FD0E4-B991-462B-873D-F2115EADD093}" = Nokia PC Suite
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"4569969E1360D2854474C661EF9B4D54F143EB16" = Paquete de controladores de Windows - Ricoh Company (rimsptsk) hdc (11/14/2006 6.00.01.04)
"504244733D18C8F63FF584AEB290E3904E791693" = Paquete de controladores de Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"6DA48AFDE796708D5A4C9121A83E7617A63A9A15" = Paquete de controladores de Windows - Nokia Modem (10/07/2010 4.6)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0.1
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Any Video Converter_is1" = Any Video Converter 2.7.1
"avast" = avast! Internet Security
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem
"Cool Edit Pro 2.1" = Cool Edit Pro 2.1
"E5372C32E8562C76C24DBA6525002B1031495F34" = Paquete de controladores de Windows - Nokia Modem (06/09/2010 7.01.0.8)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ERUNT_is1" = ERUNT 1.1j
"FLV Player" = FLV Player 2.0 (build 25)
"GIRDAC Free PDF Creator" = GIRDAC Free PDF Creator
"GIRDAC Port" = GIRDAC Port
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"Internet Movil" = Internet Movil
"iRecover_is1" = DIY DataRecovery iRecover 3
"JellyFish Light 3.5" = JellyFish Light 3.5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"Microsoft .NET Framework 3.5 Language Pack SP1 - esn" = Paquete de idioma de Microsoft .NET Framework 3.5 SP1 - esn
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 5.0 (x86 en-US)" = Mozilla Firefox 5.0 (x86 en-US)
"MP Navigator 3.0" = Canon MP Navigator 3.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia PC Suite" = Nokia PC Suite
"Opera 11.50.1074" = Opera 11.50
"PRJPRO" = Microsoft Office Project Professional 2007
"ProInst" = Intel(R) PROSet/Wireless Software
"PROPLUS" = Microsoft Office Professional Plus 2007
"Revo Uninstaller" = Revo Uninstaller 1.92
"Rightdown SoftwareRightdown Software SearchBar" = Rightdown Software - Toolbar
"VISPRO" = Microsoft Office Visio Professional 2007
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WebDesigner" = Microsoft Expression Web
"WIC" = Windows Imaging Component
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = Compresor WinRAR
"Wisdom-soft ScreenHunter 4.0 Free" = Wisdom-soft ScreenHunter 4.0 Free
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-790525478-1425521274-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Airfield Mayhem" = Airfield Mayhem
"Facebook Plug-In" = Facebook Plug-In
"PlanetWerks" = PlanetWerks

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 16/07/2011 10:33:26 p.m. | Computer Name = MFP-DELL | Source = PerfNet | ID = 2004
Description = No se puede abrir el servicio Servidor. No se devolverán datos de rendimiento
del servidor. El código de error devuelto está en los datos DWORD 0.

Error - 16/07/2011 10:33:31 p.m. | Computer Name = MFP-DELL | Source = SecurityCenter | ID = 1802
Description = El Servicio de Centro de seguridad de Windows no puede establecer
consultas de suceso con WMI para supervisar antivirus y servidores de seguridad
de terceros.

Error - 17/07/2011 11:32:50 a.m. | Computer Name = MFP-DELL | Source = PerfNet | ID = 2004
Description = No se puede abrir el servicio Servidor. No se devolverán datos de rendimiento
del servidor. El código de error devuelto está en los datos DWORD 0.

Error - 17/07/2011 11:32:55 a.m. | Computer Name = MFP-DELL | Source = SecurityCenter | ID = 1802
Description = El Servicio de Centro de seguridad de Windows no puede establecer
consultas de suceso con WMI para supervisar antivirus y servidores de seguridad
de terceros.

Error - 18/07/2011 12:24:50 p.m. | Computer Name = MFP-DELL | Source = PerfNet | ID = 2004
Description = No se puede abrir el servicio Servidor. No se devolverán datos de rendimiento
del servidor. El código de error devuelto está en los datos DWORD 0.

Error - 18/07/2011 12:24:55 p.m. | Computer Name = MFP-DELL | Source = SecurityCenter | ID = 1802
Description = El Servicio de Centro de seguridad de Windows no puede establecer
consultas de suceso con WMI para supervisar antivirus y servidores de seguridad
de terceros.

Error - 18/07/2011 09:42:29 p.m. | Computer Name = MFP-DELL | Source = SecurityCenter | ID = 1802
Description = El Servicio de Centro de seguridad de Windows no puede establecer
consultas de suceso con WMI para supervisar antivirus y servidores de seguridad
de terceros.

Error - 18/07/2011 09:42:32 p.m. | Computer Name = MFP-DELL | Source = PerfNet | ID = 2004
Description = No se puede abrir el servicio Servidor. No se devolverán datos de rendimiento
del servidor. El código de error devuelto está en los datos DWORD 0.

Error - 19/07/2011 11:47:32 a.m. | Computer Name = MFP-DELL | Source = PerfNet | ID = 2004
Description = No se puede abrir el servicio Servidor. No se devolverán datos de rendimiento
del servidor. El código de error devuelto está en los datos DWORD 0.

Error - 19/07/2011 11:47:40 a.m. | Computer Name = MFP-DELL | Source = SecurityCenter | ID = 1802
Description = El Servicio de Centro de seguridad de Windows no puede establecer
consultas de suceso con WMI para supervisar antivirus y servidores de seguridad
de terceros.

[ OSession Events ]
Error - 28/08/2010 06:27:48 p.m. | Computer Name = MFP-DELL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6021.5000. This session
lasted 1014 seconds with 60 seconds of active time. This session ended with a crash.

Error - 09/09/2010 11:55:24 a.m. | Computer Name = MFP-DELL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6021.5000. This session
lasted 126 seconds with 0 seconds of active time. This session ended with a crash.

Error - 18/11/2010 04:58:28 p.m. | Computer Name = MFP-DELL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6300.5000, Microsoft Office Version: 12.0.6021.5000. This session lasted 6945
seconds with 2280 seconds of active time. This session ended with a crash.

Error - 25/11/2010 05:17:18 p.m. | Computer Name = MFP-DELL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6021.5000. This session
lasted 36 seconds with 0 seconds of active time. This session ended with a crash.

Error - 06/01/2011 01:12:22 p.m. | Computer Name = MFP-DELL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6021.5000. This session
lasted 110 seconds with 0 seconds of active time. This session ended with a crash.

Error - 28/02/2011 12:51:52 a.m. | Computer Name = MFP-DELL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6021.5000. This session
lasted 153 seconds with 0 seconds of active time. This session ended with a crash.

Error - 15/04/2011 02:43:34 p.m. | Computer Name = MFP-DELL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6021.5000. This session
lasted 169 seconds with 60 seconds of active time. This session ended with a crash.

Error - 09/05/2011 10:26:41 p.m. | Computer Name = MFP-DELL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6021.5000. This session
lasted 10 seconds with 0 seconds of active time. This session ended with a crash.

Error - 23/06/2011 02:08:37 p.m. | Computer Name = MFP-DELL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6300.5000, Microsoft Office Version: 12.0.6021.5000. This session lasted 2228
seconds with 1260 seconds of active time. This session ended with a crash.

Error - 05/07/2011 10:46:00 p.m. | Computer Name = MFP-DELL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6021.5000. This session
lasted 71 seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 17/07/2011 04:57:37 p.m. | Computer Name = MFP-DELL | Source = Service Control Manager | ID = 7034
Description = El servicio ServiceLayer se terminó de manera inesperada. Esto ha
sucedido 1 veces.

Error - 18/07/2011 12:26:28 p.m. | Computer Name = MFP-DELL | Source = Service Control Manager | ID = 7023
Description = El servicio Acceso a dispositivo de interfaz humana terminó con el
error: %%2

Error - 18/07/2011 09:43:52 p.m. | Computer Name = MFP-DELL | Source = Service Control Manager | ID = 7023
Description = El servicio Acceso a dispositivo de interfaz humana terminó con el
error: %%2

Error - 18/07/2011 11:56:18 p.m. | Computer Name = MFP-DELL | Source = Service Control Manager | ID = 7034
Description = El servicio ServiceLayer se terminó de manera inesperada. Esto ha
sucedido 1 veces.

Error - 18/07/2011 11:56:18 p.m. | Computer Name = MFP-DELL | Source = Service Control Manager | ID = 7034
Description = El servicio Spybot-S&D 2 Scanner Service se terminó de manera inesperada.
Esto ha sucedido 1 veces.

Error - 18/07/2011 11:56:18 p.m. | Computer Name = MFP-DELL | Source = Service Control Manager | ID = 7034
Description = El servicio Spybot-S&D 2 Hooks Service se terminó de manera inesperada.
Esto ha sucedido 1 veces.

Error - 18/07/2011 11:56:18 p.m. | Computer Name = MFP-DELL | Source = Service Control Manager | ID = 7034
Description = El servicio Spybot-S&D 2 Updating Service se terminó de manera inesperada.
Esto ha sucedido 1 veces.

Error - 19/07/2011 11:49:06 a.m. | Computer Name = MFP-DELL | Source = Service Control Manager | ID = 7023
Description = El servicio Acceso a dispositivo de interfaz humana terminó con el
error: %%2

Error - 19/07/2011 07:02:25 p.m. | Computer Name = MFP-DELL | Source = Service Control Manager | ID = 7011
Description = Intervalo de espera (30000 ms.) para la respuesta de transacción del
servicio stisvc.

Error - 19/07/2011 07:07:04 p.m. | Computer Name = MFP-DELL | Source = Print | ID = 6161
Description = No se puede imprimir el documento Slow everything (system, firefox,
office, etc) Part 1 - Safer-Networking Forums propiedad de M en la impresora Canon
MP160 Printer. Tipo de datos: NT EMF 1.008. Tamaño del archivo de cola de impresión
en bytes: 524288. Número de bytes impresos: 323948. Número de páginas en el documento:
1. Número de páginas impresas: 0. Equipo cliente: \\MFP-DELL. Código de error Win32
devuelto por el procesador de impresión: 0 (0x0).


< End of report >

ken545
2011-07-20, 03:07
Let's try this

Please download TDSSKiller.zip (http://support.kaspersky.com/downloads/utils/tdsskiller.zip)
Extract it to your desktop
Double click TDSSKiller.exe
Press Start Scan

Only if Malicious objects are found then ensure Cure is selected
Then click Continue > Reboot now

Copy and paste the log in your next reply

A copy of the log will be saved automatically to the root of the drive (typically C:\)

moy180
2011-07-20, 08:41
2011/07/19 23:37:50.0656 3756 TDSS rootkit removing tool 2.5.11.0 Jul 11 2011 16:56:56
2011/07/19 23:37:52.0843 3756 ================================================================================
2011/07/19 23:37:52.0843 3756 SystemInfo:
2011/07/19 23:37:52.0843 3756
2011/07/19 23:37:52.0843 3756 OS Version: 5.1.2600 ServicePack: 2.0
2011/07/19 23:37:52.0843 3756 Product type: Workstation
2011/07/19 23:37:52.0843 3756 ComputerName: MFP-DELL
2011/07/19 23:37:52.0843 3756 UserName: M
2011/07/19 23:37:52.0843 3756 Windows directory: C:\WINDOWS
2011/07/19 23:37:52.0843 3756 System windows directory: C:\WINDOWS
2011/07/19 23:37:52.0843 3756 Processor architecture: Intel x86
2011/07/19 23:37:52.0843 3756 Number of processors: 1
2011/07/19 23:37:52.0843 3756 Page size: 0x1000
2011/07/19 23:37:52.0843 3756 Boot type: Normal boot
2011/07/19 23:37:52.0843 3756 ================================================================================
2011/07/19 23:38:39.0531 3756 Initialize success
2011/07/19 23:38:47.0718 1340 ================================================================================
2011/07/19 23:38:47.0718 1340 Scan started
2011/07/19 23:38:47.0718 1340 Mode: Manual;
2011/07/19 23:38:47.0718 1340 ================================================================================
2011/07/19 23:39:30.0062 1340 ================================================================================
2011/07/19 23:39:30.0062 1340 Scan finished
2011/07/19 23:39:30.0062 1340 ================================================================================
2011/07/19 23:39:30.0078 1092 Detected object count: 0
2011/07/19 23:39:30.0078 1092 Actual detected object count: 0

ken545
2011-07-20, 11:08
Forgot to mention earlier, are you aware you have a key-logger installed on your system?

http://download.cnet.com/Revealer-Keylogger-Free-Edition/3000-2162_4-10586804.html

moy180
2011-07-20, 20:15
Dear ken545, yes I am, I installed it; right now it's not in the startup list... but it's not paid, so it only works "local".

In the aswMBR scan results, it mentioned the following:

File: C:\Documents and Settings\M\Configuración local\Datos de programa\Google\Google Talk Plugin\googletalkplugin.exe **INFECTED** Win32:Downloader-IQK [Trj]

I didn't click to delete it, did I have to?

Rgds
Moy

ken545
2011-07-20, 20:30
I was looking for a newer variant of a rootkit, let's do this

You need to enable Windows to show all files and folders, instructions Here (http://www.bleepingcomputer.com/tutorials/tutorial62.html)

Go to VirusTotal (http://www.virustotal.com/) and submit this file for analysis, just use the browse feature and then Send File, you will get a report back, post the report into this thread for me to see. If the site says this file has been checked before, have them check it again

C:\Documents and Settings\M\Configuración local\Datos de programa\Google\Google Talk Plugin\googletalkplugin.exe <--This file

If the site is busy you can try this one
http://virusscan.jotti.org/en

moy180
2011-07-20, 22:22
File name:
googletalkplugin.exe
Submission date:
2011-07-20 19:15:03 (UTC)
Current status:
finished
Result:
0/ 43 (0.0%)

Antivirus Version Last Update Result
AhnLab-V3 2011.07.21.00 2011.07.20 -
AntiVir 7.11.12.21 2011.07.20 -
Antiy-AVL 2.0.3.7 2011.07.20 -
Avast 4.8.1351.0 2011.07.20 -
Avast5 5.0.677.0 2011.07.20 -
AVG 10.0.0.1190 2011.07.20 -
BitDefender 7.2 2011.07.20 -
CAT-QuickHeal 11.00 2011.07.20 -
ClamAV 0.97.0.0 2011.07.20 -
Commtouch 5.3.2.6 2011.07.20 -
Comodo 9450 2011.07.20 -
DrWeb 5.0.2.03300 2011.07.20 -
Emsisoft 5.1.0.8 2011.07.20 -
eSafe 7.0.17.0 2011.07.20 -
eTrust-Vet 36.1.8455 2011.07.20 -
F-Prot 4.6.2.117 2011.07.20 -
F-Secure 9.0.16440.0 2011.07.20 -
Fortinet 4.2.257.0 2011.07.20 -
GData 22 2011.07.20 -
Ikarus T3.1.1.104.0 2011.07.20 -
Jiangmin 13.0.900 2011.07.20 -
K7AntiVirus 9.108.4929 2011.07.20 -
Kaspersky 9.0.0.837 2011.07.20 -
McAfee 5.400.0.1158 2011.07.20 -
McAfee-GW-Edition 2010.1D 2011.07.20 -
Microsoft 1.7000 2011.07.20 -
NOD32 6311 2011.07.20 -
Norman 6.07.10 2011.07.20 -
nProtect 2011-07-20.01 2011.07.20 -
Panda 10.0.3.5 2011.07.20 -
PCTools 8.0.0.5 2011.07.20 -
Prevx 3.0 2011.07.20 -
Rising 23.67.02.03 2011.07.20 -
Sophos 4.67.0 2011.07.20 -
SUPERAntiSpyware 4.40.0.1006 2011.07.20 -
Symantec 20111.1.0.186 2011.07.20 -
TheHacker 6.7.0.1.258 2011.07.20 -
TrendMicro 9.200.0.1012 2011.07.20 -
TrendMicro-HouseCall 9.200.0.1012 2011.07.20 -
VBA32 3.12.16.4 2011.07.20 -
VIPRE 9904 2011.07.19 -
ViRobot 2011.7.20.4579 2011.07.20 -
VirusBuster 14.0.132.0 2011.07.20 -
Additional information
MD5 : d27110f959b9bdb03513fbfbde061733
SHA1 : 096ae75f6384a94e2d12da6d40c4702d0c91dcfd
SHA256: 8bb8b647062db3430f84e04956db770fc902c9e091ab1fb00c949497a23f040d
ssdeep: 1536:cTEVYaQW8Tl2nTb8Liifk0/NiximTw5583QbyHvaDC:b78NLiR0/NOiEw558pC
File size : 161336 bytes
First seen: 2011-04-15 00:26:41
Last seen : 2011-07-20 19:15:03
TrID:
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
sigcheck:
publisher....: Google
copyright....: Copyright (c) 2005-2011 Google, Inc.
product......: Google Talk Plugin
description..: Google Talk Plugin
original name: googletalkplugin.exe
internal name: n/a
file version.: 2.0.0.0
comments.....: n/a
signers......: Google Inc
VeriSign Class 3 Code Signing 2009-2 CA
Class 3 Public Primary Certification Authority
signing date.: 17:42 30/03/2011
verified.....: -
PEInfo: PE structure information

[[ basic data ]]
entrypointaddress: 0x12F9
timedatestamp....: 0x4D934F5B (Wed Mar 30 15:42:19 2011)
machinetype......: 0x14c (I386)

[[ 5 section(s) ]]
name, viradd, virsiz, rawdsiz, ntropy, md5
.text, 0x1000, 0x15DCF, 0x16000, 5.84, 05abdfd3c3500b482df5c9b8dd52a02a
.rdata, 0x17000, 0x377E, 0x4000, 3.22, 1c9563b7adeff5289be8400d758ca57c
.data, 0x1B000, 0x1CD0, 0x2000, 1.19, 83deb928d8298f9850964782ff8f88a9
.idata, 0x1D000, 0xA72, 0x1000, 3.42, 94f83e12c8423c872b28954a13d2bdea
.rsrc, 0x1E000, 0x7663, 0x8000, 4.12, 92fa16012af1a429f5c4f0467f82fbca

[[ 1 import(s) ]]
KERNEL32.dll: FreeLibrary, GetProcAddress, LoadLibraryW, GetCommandLineA, HeapFree, GetVersionExA, HeapAlloc, GetProcessHeap, GetStartupInfoA, SetUnhandledExceptionFilter, GetModuleHandleA, ExitProcess, WriteFile, GetStdHandle, GetModuleFileNameA, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, WideCharToMultiByte, GetLastError, GetEnvironmentStringsW, SetHandleCount, GetFileType, DeleteCriticalSection, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, InterlockedIncrement, SetLastError, GetCurrentThreadId, InterlockedDecrement, GetCurrentThread, HeapDestroy, HeapCreate, VirtualFree, QueryPerformanceCounter, GetTickCount, GetCurrentProcessId, GetSystemTimeAsFileTime, LeaveCriticalSection, FatalAppExitA, EnterCriticalSection, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, IsDebuggerPresent, SetConsoleCtrlHandler, InterlockedExchange, LoadLibraryA, InitializeCriticalSection, GetCPInfo, GetACP, GetOEMCP, IsValidCodePage, Sleep, VirtualAlloc, HeapReAlloc, RtlUnwind, HeapSize, MultiByteToWideChar, GetLocaleInfoA, GetLocaleInfoW, LCMapStringA, LCMapStringW, GetStringTypeA, GetStringTypeW, GetTimeFormatA, GetDateFormatA, GetUserDefaultLCID, EnumSystemLocalesA, IsValidLocale, GetTimeZoneInformation, CompareStringA, CompareStringW, SetEnvironmentVariableA
ExifTool:
file metadata
CharacterSet: Unicode
CodeSize: 90112
CompanyName: Google
EntryPoint: 0x12f9
FileDescription: Google Talk Plugin
FileFlagsMask: 0x0000
FileOS: Win32
FileSize: 158 kB
FileSubtype: 0
FileType: Win32 EXE
FileVersion: 2.0.0.0
FileVersionNumber: 2.0.0.0
ImageVersion: 0.0
InitializedDataSize: 61440
LanguageCode: English (U.S.)
LegalCopyright: Copyright 2005-2011 Google, Inc.
LinkerVersion: 8.0
MIMEType: application/octet-stream
MachineType: Intel 386 or later, and compatibles
OSVersion: 4.0
ObjectFileType: Executable application
OriginalFilename: googletalkplugin.exe
PEType: PE32
ProductName: Google Talk Plugin
ProductVersion: 2.0.0.0
ProductVersionNumber: 2.0.0.0
Subsystem: Windows GUI
SubsystemVersion: 4.0
TimeStamp: 2011:03:30 17:42:19+02:00
UninitializedDataSize: 0

ken545
2011-07-20, 23:49
That file looks ok, it may have been a false positive. How are things running now?

moy180
2011-07-21, 00:47
Well, when using Firefox everything goes slower; when browsing and/or changing tabs it hangs for a couple of minutes, and it also uses lots of memory; on the other hand, frequently (2 or 3 times a day) this kind of MSG pops up:


http://img38.imageshack.us/img38/8297/sh2fi.jpg

Then I click Stop script.

Thanks for your patience.

Moy

ken545
2011-07-21, 00:54
Open Firefox and go to Help > Restart with Add-Ons Disabled and see if it makes a difference

moy180
2011-07-21, 08:12
I didn't reply earlier because I wanted to browse for a while and reboot a couple of times with your last instructions, but it's the same thing, Firefox hangs now and then.

ken545
2011-07-21, 11:05
Make sure Firefox is up to date. The latest version is 5.0
http://support.mozilla.com/en-US/kb/Updating%20Firefox?s=update+firefox&as=s#w_how-do-i-manually-check-for-updates


Are you having problems with IE as well or just Firefox?

moy180
2011-07-21, 19:32
My Firefox 5.0 is up to date. I don't use IE; as a matter of fact, I think I uninstalled it. Sometimes I use Opera.

ken545
2011-07-21, 19:41
Why don't you post over at the Firefox forum and let them help you? They know more about their product than I do.

http://forums.mozillazine.org/viewforum.php?f=38

Post back and let me know how it went