Go Back   Cyber Tech Help Support Forums > Software > Malware Removal

Notices

Malware Removal Discussion about Trojans, viruses, hoaxes, firewalls, spyware, and general Security issues. If you suspect your PC is infected with a virus, trojan or spyware app please include any supporting documentation or logs

Reply
 
Topic Tools
  #1  
Old August 6th, 2011, 11:58 AM
KINGCRIMSON1 KINGCRIMSON1 is offline
New Member
 
Join Date: Aug 2011
O/S: Windows XP Pro
Location: Barcelona (Spain)
Posts: 4
Infected with Fissa and searchqu

Hi.

My PC goes very slowly, the start is endless. Into my Firefox I cannot change the homepage that always is searchqu.com.
Also I have tried to eliminate the program Fissa and it does not allow it to me.

Can someone help me?
Reply With Quote
  #2  
Old August 6th, 2011, 07:35 PM
Mosaic1 Mosaic1 is offline
Malware Removal Team Advisor
 
Join Date: Jun 2001
Posts: 4,783
Welckme to the Forum, KINGCRIMSON1.


Let's do scan as step one to have a closer look at your system.


Click this link to download OldTimer's OTL to your desktop.
http://oldtimer.geekstogo.com/OTL.exe

Next, click OTL.exe to open the scan display.(Vista and windows7 Users, right click on OTL.exe and click on Run As Administrator) At the top check "Scan All Users", then click "Run Scan". Make no other changes at this time.

When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are also saved in the same location as OTL.exe. Post the contents of those back here please.
Reply With Quote
  #3  
Old August 7th, 2011, 06:45 PM
KINGCRIMSON1 KINGCRIMSON1 is offline
New Member
 
Join Date: Aug 2011
O/S: Windows XP Pro
Location: Barcelona (Spain)
Posts: 4
Thank you for your response.

Here you have the files for that you have asked me. During the scanning Avira has bloked the access to Autorun.inf two times.

OTL logfile created on: 07/08/2011 19:32:13 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = D:\Documents and Settings\Juan Manuel\Escritorio
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C0A | Country: España | Language: ESN | Date Format: dd/MM/yyyy

1023,11 Mb Total Physical Memory | 565,07 Mb Available Physical Memory | 55,23% Memory free
3,90 Gb Paging File | 3,49 Gb Available in Paging File | 89,57% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Archivos de programa
Drive C: | 152,66 Gb Total Space | 33,03 Gb Free Space | 21,64% Space Free | Partition Type: NTFS
Drive D: | 111,78 Gb Total Space | 4,04 Gb Free Space | 3,61% Space Free | Partition Type: NTFS

Computer Name: JUAN-MANUEL | User Name: Juan Manuel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/08/07 19:29:04 | 000,579,584 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Juan Manuel\Escritorio\OTL.exe
PRC - [2011/08/07 01:19:19 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) -- D:\WINDOWS\system32\AEADISRV.EXE
PRC - [2011/07/04 15:29:24 | 000,025,472 | ---- | M] (Uniblue Systems Limited) -- D:\Archivos de programa\Uniblue\RegistryBooster\rbmonitor.exe
PRC - [2011/05/26 11:29:03 | 000,800,768 | ---- | M] (Yuna Software) -- D:\Archivos de programa\Yuna Software\Messenger Plus!\PlusService.exe
PRC - [2011/05/23 17:26:16 | 000,025,464 | ---- | M] (Uniblue Systems Limited) -- D:\Archivos de programa\Uniblue\SpeedUpMyPC\spmonitor.exe
PRC - [2011/05/16 11:22:26 | 000,025,464 | ---- | M] (Uniblue Systems Limited) -- D:\Archivos de programa\Uniblue\DriverScanner\dsmonitor.exe
PRC - [2011/04/29 06:57:27 | 000,136,360 | ---- | M] (Avira GmbH) -- D:\Archivos de programa\Avira\AntiVir Desktop\sched.exe
PRC - [2011/04/08 12:59:52 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- D:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe
PRC - [2011/04/03 06:19:19 | 000,269,480 | ---- | M] (Avira GmbH) -- D:\Archivos de programa\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/08/17 14:38:24 | 000,281,768 | ---- | M] (Avira GmbH) -- D:\Archivos de programa\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/01/14 23:11:07 | 000,076,968 | ---- | M] (Avira GmbH) -- D:\Archivos de programa\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/10/24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- D:\Archivos de programa\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2009/06/09 16:30:08 | 002,303,216 | ---- | M] (Ono) -- D:\Archivos de programa\Ono\Centro de Servicios\CSO.exe
PRC - [2009/03/05 17:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- D:\Archivos de programa\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/04/14 04:18:57 | 001,036,288 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
PRC - [2004/10/08 12:52:32 | 000,221,184 | ---- | M] (Logitech Inc.) -- D:\WINDOWS\system32\LVCOMSX.EXE
PRC - [2003/06/20 00:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- D:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\MDM.EXE


========== Modules (SafeList) ==========

MOD - [2011/08/07 19:29:04 | 000,579,584 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Juan Manuel\Escritorio\OTL.exe
MOD - [2010/08/23 18:12:00 | 001,054,208 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/08/07 01:19:19 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- D:\WINDOWS\system32\AEADISRV.EXE -- (AEADIFilters)
SRV - [2011/04/29 06:57:27 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- D:\Archivos de programa\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/04/03 06:19:19 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- D:\Archivos de programa\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/08/27 13:58:46 | 000,680,960 | ---- | M] () [Auto | Stopped] -- D:\Archivos de programa\ActiveXperts\Network Monitor\AxsNmSvc.exe -- (AxsNmSvc)
SRV - [2010/02/07 13:24:56 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- D:\Archivos de programa\Archivos comunes\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2009/10/24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- D:\Archivos de programa\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2008/11/04 02:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006/10/26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/06/20 00:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)


========== Driver Services (SafeList) ==========

DRV - [2011/07/28 21:00:27 | 000,073,576 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\LMouFlt2.Sys -- (LMouFlt2)
DRV - [2011/07/28 21:00:27 | 000,026,104 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\LHidFlt2.Sys -- (LHidFlt2)
DRV - [2011/07/28 20:54:13 | 000,277,352 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/04/03 06:19:20 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/12/21 03:04:52 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- D:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/06/17 16:27:42 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/06/17 16:27:32 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\Archivos de programa\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2010/01/14 21:21:32 | 000,022,944 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\RTLVLAN.SYS -- (RTLVLAN)
DRV - [2010/01/14 21:20:58 | 000,034,208 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\RTLTEAMING.SYS -- (RTLTEAMING)
DRV - [2010/01/14 21:19:54 | 000,027,424 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\RtNdPt5x.sys -- (RtNdPt5x)
DRV - [2006/12/17 04:50:29 | 001,918,464 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/06/07 17:00:00 | 000,393,088 | R--- | M] (Sensaura) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2005/01/31 12:20:04 | 000,211,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\LV561AV.SYS -- (PID_0928) Logitech QuickCam Express(PID_0928)
DRV - [2005/01/31 12:12:46 | 000,022,016 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2001/06/22 06:39:02 | 000,073,728 | ---- | M] (Rainbow Technologies, Inc.) [Kernel | Auto | Running] -- D:\WINDOWS\System32\Drivers\SENTINEL.SYS -- (Sentinel)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVer sion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Inter net Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1004336348-1677128483-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-1004336348-1677128483-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1004336348-1677128483-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1004336348-1677128483-682003330-1003\..\URLSearchHook: {0974848a-b5bc-49f2-9778-307742b4a55d} - D:\Archivos de programa\softonic.com4\tbsof1.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1004336348-1677128483-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Facemoods Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Google Powered Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=3&q={s earchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Facemoods Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.es/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {0974848a-b5bc-49f2-9778-307742b4a55d}:3.2.5.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "chrome://browser-region/locale/region.properties"


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: D:\Archivos de programa\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: D:\Archivos de programa\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: D:\Archivos de programa\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Archivos de programa\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: D:\Archivos de programa\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: D:\Archivos de programa\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: D:\Archivos de programa\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA,version=1: D:\Archivos de programa\Ono\Centro de Servicios\nprpspa.dll (Radialpoint Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Archivos de programa\Google\Update\1.3.21.65\npGoogleUpdate3.d ll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Archivos de programa\Google\Update\1.3.21.65\npGoogleUpdate3.d ll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: D:\Archivos de programa\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: D:\Archivos de programa\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: D:\Archivos de programa\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Archivos de programa\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: D:\Archivos de programa\Mozilla Firefox\components [2011/07/28 01:05:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: D:\Archivos de programa\Mozilla Firefox\plugins [2011/07/28 01:05:55 | 000,000,000 | ---D | M]

[2010/04/10 21:29:38 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Juan Manuel\Datos de programa\Mozilla\Extensions
[2011/08/04 13:10:51 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Juan Manuel\Datos de programa\Mozilla\Firefox\Profiles\eozcxnsa.default \extensions
[2011/06/25 02:51:59 | 000,000,000 | ---D | M] (softonic.com4 Community Toolbar) -- D:\Documents and Settings\Juan Manuel\Datos de programa\Mozilla\Firefox\Profiles\eozcxnsa.default \extensions\{0974848a-b5bc-49f2-9778-307742b4a55d}
[2010/04/28 19:00:33 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- D:\Documents and Settings\Juan Manuel\Datos de programa\Mozilla\Firefox\Profiles\eozcxnsa.default \extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/06/25 02:51:47 | 000,000,000 | ---D | M] (Zynga Community Toolbar) -- D:\Documents and Settings\Juan Manuel\Datos de programa\Mozilla\Firefox\Profiles\eozcxnsa.default \extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2011/06/25 02:51:36 | 000,000,000 | ---D | M] (Vuze Remote Community Toolbar) -- D:\Documents and Settings\Juan Manuel\Datos de programa\Mozilla\Firefox\Profiles\eozcxnsa.default \extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2011/03/27 21:53:59 | 000,000,000 | ---D | M] (Conduit Engine) -- D:\Documents and Settings\Juan Manuel\Datos de programa\Mozilla\Firefox\Profiles\eozcxnsa.default \extensions\engine@conduit.com
[2010/12/29 14:42:13 | 000,001,747 | ---- | M] () -- D:\Documents and Settings\Juan Manuel\Datos de programa\Mozilla\Firefox\Profiles\eozcxnsa.default \searchplugins\ask.uk.xml
[2010/04/17 11:32:41 | 000,000,903 | ---- | M] () -- D:\Documents and Settings\Juan Manuel\Datos de programa\Mozilla\Firefox\Profiles\eozcxnsa.default \searchplugins\conduit.xml
[2011/06/11 02:02:37 | 000,000,000 | ---D | M] (No name found) -- D:\Archivos de programa\Mozilla Firefox\extensions
[2010/05/01 15:44:51 | 000,000,000 | ---D | M] (Java Console) -- D:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/07/28 20:04:44 | 000,000,000 | ---D | M] (Java Console) -- D:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/14 20:54:55 | 000,000,000 | ---D | M] (Java Console) -- D:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/01 15:40:49 | 000,000,000 | ---D | M] (Java Console) -- D:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/02/17 00:15:07 | 000,000,000 | ---D | M] (Java Console) -- D:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/06/11 02:02:37 | 000,000,000 | ---D | M] (Java Console) -- D:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
[2010/05/01 15:44:32 | 000,000,000 | ---D | M] (Java Quick Starter) -- D:\ARCHIVOS DE PROGRAMA\JAVA\JRE6\LIB\DEPLOY\JQS\FF
() (No name found) -- D:\DOCUMENTS AND SETTINGS\JUAN MANUEL\DATOS DE PROGRAMA\MOZILLA\FIREFOX\PROFILES\EOZCXNSA.DEFAULT \EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- D:\DOCUMENTS AND SETTINGS\JUAN MANUEL\DATOS DE PROGRAMA\MOZILLA\FIREFOX\PROFILES\EOZCXNSA.DEFAULT \EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011/06/25 02:50:05 | 000,142,296 | ---- | M] (Mozilla Foundation) -- D:\Archivos de programa\mozilla firefox\components\browsercomps.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- D:\Archivos de programa\mozilla firefox\plugins\npdeployJava1.dll
[2009/08/03 15:07:42 | 000,373,104 | ---- | M] (Microsoft Corporation) -- D:\Archivos de programa\mozilla firefox\plugins\npOGAPlugin.dll
[2011/05/02 21:11:21 | 000,002,252 | ---- | M] () -- D:\Archivos de programa\mozilla firefox\searchplugins\bing.xml
[2011/05/02 21:11:21 | 000,003,996 | ---- | M] () -- D:\Archivos de programa\mozilla firefox\searchplugins\drae.xml
[2011/05/02 21:11:21 | 000,001,143 | ---- | M] () -- D:\Archivos de programa\mozilla firefox\searchplugins\eBay-es.xml
[2010/07/28 15:15:32 | 000,002,036 | ---- | M] () -- D:\Archivos de programa\mozilla firefox\searchplugins\fcmdSrchCcd2.xml
[2010/09/02 10:09:41 | 000,005,529 | ---- | M] () -- D:\Archivos de programa\mozilla firefox\searchplugins\SearchquWebSearch.xml
[2011/05/02 21:11:21 | 000,001,178 | ---- | M] () -- D:\Archivos de programa\mozilla firefox\searchplugins\wikipedia-es.xml
[2011/05/02 21:11:21 | 000,001,102 | ---- | M] () -- D:\Archivos de programa\mozilla firefox\searchplugins\yahoo-es.xml

O1 HOSTS File: ([2010/01/28 21:03:30 | 000,000,906 | R--- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (softonic.com4 Toolbar) - {0974848a-b5bc-49f2-9778-307742b4a55d} - D:\Archivos de programa\softonic.com4\tbsof1.dll (Conduit Ltd.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - D:\Archivos de programa\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Archivos de programa\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (MessengerPlusLive Spain TB Toolbar) - {68d6c015-c699-4b66-800f-5709bdeddd8b} - D:\Archivos de programa\MessengerPlusLive_Spain_TB\prxtbMes2.dll (Conduit Ltd.)
O2 - BHO: (no name) - {7FF99715-3016-4381-84CE-E4E4C9673020} - No CLSID value found.
O2 - BHO: (Windows Live Aplicación auxiliar de inicio de sesión) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Archivos de programa\Google\GoogleToolbarNotifier\5.7.6406.164 2\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (softonic.com4 Toolbar) - {0974848a-b5bc-49f2-9778-307742b4a55d} - D:\Archivos de programa\softonic.com4\tbsof1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - D:\Archivos de programa\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (MessengerPlusLive Spain TB Toolbar) - {68d6c015-c699-4b66-800f-5709bdeddd8b} - D:\Archivos de programa\MessengerPlusLive_Spain_TB\prxtbMes2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-1004336348-1677128483-682003330-1003\..\Toolbar\WebBrowser: (softonic.com4 Toolbar) - {0974848A-B5BC-49F2-9778-307742B4A55D} - D:\Archivos de programa\softonic.com4\tbsof1.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1004336348-1677128483-682003330-1003\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - D:\Archivos de programa\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1004336348-1677128483-682003330-1003\..\Toolbar\WebBrowser: (MessengerPlusLive Spain TB Toolbar) - {68D6C015-C699-4B66-800F-5709BDEDDD8B} - D:\Archivos de programa\MessengerPlusLive_Spain_TB\prxtbMes2.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avgnt] D:\Archivos de programa\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CSO.exe] D:\Archivos de programa\Ono\Centro de Servicios\CSO.exe (Ono)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Logitech Utility] D:\WINDOWS\Logi_MwX.Exe (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMSX] D:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [PlusService] D:\Archivos de programa\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
O4 - HKLM..\Run: [SunJavaUpdateSched] D:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-1004336348-1677128483-682003330-1003..\Run: [SpybotSD TeaTimer] D:\Archivos de programa\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: D:\Documents and Settings\Ariadna\Menú Inicio\Programas\Inicio\OpenOffice.org 3.2.lnk = D:\Archivos de programa\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVer sion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\polic ies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\polic ies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\polic ies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1004336348-1677128483-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - D:\Archivos de programa\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5 B381380DB17F.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Archivos de programa\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary...r.cab56986.cab (Checkers Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/Messen.../GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary...t.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.81.29.254 62.42.230.24
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - D:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - D:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - D:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - D:\Archivos de programa\Archivos comunes\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - D:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (d:\archiv~1\wi9130~1\datamngr\datamngr.dll) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - D:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Mi página de inicio actual) - About:Home
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - D:\Archivos de programa\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/01/22 07:57:46 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/11/19 05:29:30 | 000,001,705 | ---- | M] () - C:\AUTORUN.APM -- [ NTFS ]
O32 - AutoRun File - [2010/04/04 11:23:54 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011/03/14 03:14:02 | 000,000,000 | ---D | M] - D:\AUTOBIOGRAFIA RAQUEL -- [ NTFS ]
O32 - AutoRun File - [2010/04/04 11:23:54 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/08/07 19:29:02 | 000,579,584 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\Juan Manuel\Escritorio\OTL.exe
[2011/08/07 01:20:06 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Datos de programa\SonicFocus
[2011/08/07 01:19:19 | 000,364,544 | ---- | C] (Andrea Electronics Corporation) -- D:\WINDOWS\System32\AEADIExt.dll
[2011/08/07 01:19:19 | 000,208,896 | ---- | C] (Sonic Focus, Inc.) -- D:\WINDOWS\System32\SFFXProc.dll
[2011/08/07 01:19:19 | 000,139,264 | ---- | C] (Andrea Electronics Corporation) -- D:\WINDOWS\System32\AEADIAPO.dll
[2011/08/07 01:19:19 | 000,122,880 | ---- | C] (Sonic Focus, Inc.) -- D:\WINDOWS\System32\SFFXCPStr.dll
[2011/08/07 01:19:19 | 000,090,112 | ---- | C] (Andrea Electronics Corporation) -- D:\WINDOWS\System32\AEADISRV.EXE
[2011/08/07 01:19:19 | 000,070,144 | ---- | C] (Sonic Focus, Inc.) -- D:\WINDOWS\System32\SFFXSAPO.dll
[2011/08/07 01:19:19 | 000,069,632 | ---- | C] (Sonic Focus, Inc.) -- D:\WINDOWS\System32\SFFXHAPO.dll
[2011/08/07 01:19:19 | 000,069,632 | ---- | C] (Sonic Focus, Inc.) -- D:\WINDOWS\System32\SFFXDAPO.dll
[2011/08/07 01:19:19 | 000,062,464 | ---- | C] (Sonic Focus, Inc.) -- D:\WINDOWS\System32\SFFXComm.dll
[2011/08/07 01:19:19 | 000,053,760 | ---- | C] (Sonic Focus, Inc.) -- D:\WINDOWS\System32\SFFXMAPO.dll
[2011/08/07 01:19:19 | 000,050,176 | ---- | C] (Andrea Electronics Corporation) -- D:\WINDOWS\System32\AEADIAPR.dll
[2011/08/07 01:19:19 | 000,034,304 | ---- | C] (Analog Devices, Inc.) -- D:\WINDOWS\System32\SmaxCo.dll
[2011/08/07 01:19:18 | 000,156,672 | ---- | C] (Sonic Focus, Inc.) -- D:\WINDOWS\System32\SFFXCPBL.dll
[2011/08/07 00:59:02 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Juan Manuel\Recent
[2011/08/05 01:42:48 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Juan Manuel\Menú Inicio\Programas\Revo Uninstaller
[2011/08/05 01:05:44 | 001,915,904 | ---- | C] (AVAST Software) -- D:\Documents and Settings\Juan Manuel\Escritorio\aswMBR.exe
[2011/08/05 00:59:21 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- D:\Documents and Settings\Juan Manuel\Escritorio\HiJackThis.exe
[2011/08/01 11:53:55 | 000,000,000 | ---D | C] -- D:\Archivos de programa\Yuna Software
[2011/07/28 21:00:27 | 000,073,576 | ---- | C] (Logitech, Inc.) -- D:\WINDOWS\System32\drivers\LMouFlt2.Sys
[2011/07/28 21:00:27 | 000,026,104 | ---- | C] (Logitech, Inc.) -- D:\WINDOWS\System32\drivers\LHidFlt2.Sys
[2011/07/28 21:00:27 | 000,019,968 | ---- | C] (Logitech Inc.) -- D:\WINDOWS\Logi_MwX.Exe
[2011/07/28 20:54:13 | 000,102,416 | ---- | C] (Realtek Semiconductor Corporation) -- D:\WINDOWS\System32\RTNUninst32.dll
[2011/07/28 20:42:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\intelide.sys
[2011/07/28 20:27:05 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Uniblue
[2011/07/28 20:18:20 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menú Inicio\Programas\Uniblue
[2011/07/28 19:54:16 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Juan Manuel\Datos de programa\Uniblue
[2011/07/28 19:53:40 | 000,000,000 | ---D | C] -- D:\Archivos de programa\Uniblue
[2011/07/28 19:52:44 | 000,000,000 | ---D | C] -- D:\INSTALAR
[2011/07/28 19:37:28 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\All Users\Datos de programa\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
[2011/07/28 19:10:24 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Juan Manuel\Configuración local\Datos de programa\PackageAware
[2011/07/28 19:04:39 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Juan Manuel\Datos de programa\Download Manager
[2011/07/22 02:09:24 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Juan Manuel\Mis documentos\PELICULAS
[2011/07/08 23:41:01 | 000,000,000 | ---D | C] -- D:\WINDOWS\Minidump
[20 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/08/07 19:33:00 | 000,000,492 | -H-- | M] () -- D:\WINDOWS\tasks\User_Feed_Synchronization-{29E7E046-7EB6-4AEE-B711-3706FCD5908F}.job
[2011/08/07 19:32:00 | 000,000,500 | -H-- | M] () -- D:\WINDOWS\tasks\User_Feed_Synchronization-{6D52C113-A381-4B00-85B5-D0B76712D4B9}.job
[2011/08/07 19:29:04 | 000,579,584 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Juan Manuel\Escritorio\OTL.exe
[2011/08/07 19:06:02 | 000,001,102 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/08/07 18:51:18 | 000,002,206 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2011/08/07 18:50:48 | 000,001,098 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/08/07 18:50:47 | 000,000,286 | ---- | M] () -- D:\WINDOWS\tasks\DriverScanner.job
[2011/08/07 18:50:43 | 000,000,290 | ---- | M] () -- D:\WINDOWS\tasks\RegistryBooster.job
[2011/08/07 18:50:40 | 000,000,282 | ---- | M] () -- D:\WINDOWS\tasks\SpeedUpMyPC.job
[2011/08/07 18:49:39 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2011/08/07 01:19:19 | 000,364,544 | ---- | M] (Andrea Electronics Corporation) -- D:\WINDOWS\System32\AEADIExt.dll
[2011/08/07 01:19:19 | 000,208,896 | ---- | M] (Sonic Focus, Inc.) -- D:\WINDOWS\System32\SFFXProc.dll
[2011/08/07 01:19:19 | 000,156,672 | ---- | M] (Sonic Focus, Inc.) -- D:\WINDOWS\System32\SFFXCPBL.dll
[2011/08/07 01:19:19 | 000,139,264 | ---- | M] (Andrea Electronics Corporation) -- D:\WINDOWS\System32\AEADIAPO.dll
[2011/08/07 01:19:19 | 000,122,880 | ---- | M] (Sonic Focus, Inc.) -- D:\WINDOWS\System32\SFFXCPStr.dll
[2011/08/07 01:19:19 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) -- D:\WINDOWS\System32\AEADISRV.EXE
[2011/08/07 01:19:19 | 000,070,144 | ---- | M] (Sonic Focus, Inc.) -- D:\WINDOWS\System32\SFFXSAPO.dll
[2011/08/07 01:19:19 | 000,069,632 | ---- | M] (Sonic Focus, Inc.) -- D:\WINDOWS\System32\SFFXHAPO.dll
[2011/08/07 01:19:19 | 000,069,632 | ---- | M] (Sonic Focus, Inc.) -- D:\WINDOWS\System32\SFFXDAPO.dll
[2011/08/07 01:19:19 | 000,062,464 | ---- | M] (Sonic Focus, Inc.) -- D:\WINDOWS\System32\SFFXComm.dll
[2011/08/07 01:19:19 | 000,053,760 | ---- | M] (Sonic Focus, Inc.) -- D:\WINDOWS\System32\SFFXMAPO.dll
[2011/08/07 01:19:19 | 000,050,176 | ---- | M] (Andrea Electronics Corporation) -- D:\WINDOWS\System32\AEADIAPR.dll
[2011/08/07 01:19:19 | 000,034,304 | ---- | M] (Analog Devices, Inc.) -- D:\WINDOWS\System32\SmaxCo.dll
[2011/08/06 00:58:14 | 000,102,400 | ---- | M] () -- D:\Documents and Settings\Juan Manuel\Configuración local\Datos de programa\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/06 00:57:40 | 000,001,049 | ---- | M] () -- D:\Documents and Settings\Juan Manuel\Escritorio\Dropbox.lnk
[2011/08/05 01:42:49 | 000,000,966 | ---- | M] () -- D:\Documents and Settings\Juan Manuel\Escritorio\Revo Uninstaller.lnk
[2011/08/05 01:06:38 | 001,915,904 | ---- | M] (AVAST Software) -- D:\Documents and Settings\Juan Manuel\Escritorio\aswMBR.exe
[2011/08/05 00:59:22 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- D:\Documents and Settings\Juan Manuel\Escritorio\HiJackThis.exe
[2011/08/05 00:56:28 | 000,625,664 | ---- | M] () -- D:\Documents and Settings\Juan Manuel\Escritorio\dds.scr
[2011/08/01 17:14:58 | 000,001,722 | ---- | M] () -- D:\Documents and Settings\All Users\Escritorio\SpeedUpMyPC.lnk
[2011/08/01 12:30:00 | 000,000,298 | ---- | M] () -- D:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/08/01 11:51:44 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- D:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/07/28 21:00:27 | 000,073,576 | ---- | M] (Logitech, Inc.) -- D:\WINDOWS\System32\drivers\LMouFlt2.Sys
[2011/07/28 21:00:27 | 000,026,104 | ---- | M] (Logitech, Inc.) -- D:\WINDOWS\System32\drivers\LHidFlt2.Sys
[2011/07/28 21:00:27 | 000,019,968 | ---- | M] (Logitech Inc.) -- D:\WINDOWS\Logi_MwX.Exe
[2011/07/28 20:54:13 | 000,277,352 | ---- | M] (Realtek Semiconductor Corporation ) -- D:\WINDOWS\System32\drivers\Rtenicxp.sys
[2011/07/28 20:54:13 | 000,102,416 | ---- | M] (Realtek Semiconductor Corporation) -- D:\WINDOWS\System32\RTNUninst32.dll
[2011/07/28 20:54:13 | 000,081,936 | ---- | M] () -- D:\WINDOWS\System32\RtNicProp32.dll
[2011/07/28 20:21:17 | 000,000,799 | ---- | M] () -- D:\Documents and Settings\All Users\Escritorio\DriverScanner.lnk
[2011/07/28 20:18:20 | 000,001,543 | ---- | M] () -- D:\Documents and Settings\Juan Manuel\Escritorio\Uniblue RegistryBooster.lnk
[2011/07/28 18:05:47 | 000,001,665 | ---- | M] () -- D:\Documents and Settings\Juan Manuel\Escritorio\Mozilla Firefox.lnk
[2011/07/28 01:08:25 | 000,000,833 | ---- | M] () -- D:\Documents and Settings\All Users\Escritorio\Malwarebytes' Anti-Malware.lnk
[2011/07/28 01:05:53 | 000,010,809 | ---- | M] () -- D:\WINDOWS\System32\QuickTime.qtp
[2011/07/26 21:03:28 | 000,000,731 | ---- | M] () -- D:\Documents and Settings\All Users\Escritorio\CCleaner.lnk
[2011/07/15 03:03:31 | 000,001,876 | ---- | M] () -- D:\Documents and Settings\All Users\Escritorio\Google Chrome.lnk
[2011/07/13 07:13:17 | 000,380,832 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[20 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/08/05 00:56:27 | 000,625,664 | ---- | C] () -- D:\Documents and Settings\Juan Manuel\Escritorio\dds.scr
[2011/08/01 17:15:06 | 000,000,282 | ---- | C] () -- D:\WINDOWS\tasks\SpeedUpMyPC.job
[2011/08/01 17:14:58 | 000,001,722 | ---- | C] () -- D:\Documents and Settings\All Users\Escritorio\SpeedUpMyPC.lnk
[2011/07/28 20:54:13 | 000,081,936 | ---- | C] () -- D:\WINDOWS\System32\RtNicProp32.dll
[2011/07/28 20:21:23 | 000,000,286 | ---- | C] () -- D:\WINDOWS\tasks\DriverScanner.job
[2011/07/28 20:21:17 | 000,000,799 | ---- | C] () -- D:\Documents and Settings\All Users\Escritorio\DriverScanner.lnk
[2011/07/28 20:18:20 | 000,001,543 | ---- | C] () -- D:\Documents and Settings\Juan Manuel\Escritorio\Uniblue RegistryBooster.lnk
[2011/07/28 19:54:17 | 000,000,290 | ---- | C] () -- D:\WINDOWS\tasks\RegistryBooster.job
[2011/07/28 01:08:25 | 000,000,833 | ---- | C] () -- D:\Documents and Settings\All Users\Escritorio\Malwarebytes' Anti-Malware.lnk
[2011/06/10 22:57:19 | 001,110,093 | ---- | C] () -- D:\WINDOWS\System32\Vfw.dll
[2011/06/10 22:57:17 | 000,056,832 | ---- | C] () -- D:\WINDOWS\System32\Iyvu9_32.dll
[2011/06/10 22:57:13 | 000,151,056 | ---- | C] () -- D:\WINDOWS\System32\IR32.DLL
[2011/06/10 22:57:13 | 000,077,664 | ---- | C] () -- D:\WINDOWS\System32\IR21.DLL
[2011/06/10 22:57:12 | 004,767,232 | ---- | C] () -- D:\WINDOWS\System32\GFXLIB32.DLL
[2011/06/10 22:57:11 | 000,194,726 | ---- | C] () -- D:\WINDOWS\System32\Audio.dll
[2011/06/10 22:57:11 | 000,128,111 | ---- | C] () -- D:\WINDOWS\System32\Audio32.dll
[2011/05/22 13:00:41 | 000,063,488 | R--- | C] () -- D:\WINDOWS\xobglu16.dll
[2011/05/22 13:00:41 | 000,053,248 | ---- | C] () -- D:\WINDOWS\bspnet.dll
[2011/05/22 13:00:41 | 000,023,552 | R--- | C] () -- D:\WINDOWS\xobglu32.dll
[2011/03/26 16:17:57 | 000,008,273 | ---- | C] () -- D:\WINDOWS\wininit.ini
[2011/03/08 00:46:28 | 000,165,376 | ---- | C] () -- D:\WINDOWS\System32\unrar.dll
[2011/03/08 00:46:27 | 000,000,038 | ---- | C] () -- D:\WINDOWS\avisplitter.ini
[2011/03/08 00:46:22 | 000,810,496 | ---- | C] () -- D:\WINDOWS\System32\xvidcore.dll
[2011/03/08 00:46:22 | 000,183,808 | ---- | C] () -- D:\WINDOWS\System32\xvidvfw.dll
[2011/03/08 00:46:18 | 000,080,896 | ---- | C] () -- D:\WINDOWS\System32\ff_vfw.dll
[2011/02/08 01:53:22 | 000,000,286 | ---- | C] () -- D:\WINDOWS\reimage.ini
[2010/11/14 20:21:54 | 000,000,036 | ---- | C] () -- D:\Documents and Settings\Juan Manuel\Configuración local\Datos de programa\housecall.guid.cache
[2010/10/02 15:03:16 | 000,000,382 | ---- | C] () -- D:\WINDOWS\Disney.ini
[2010/06/03 00:21:28 | 000,484,352 | ---- | C] () -- D:\WINDOWS\System32\lame_enc.dll
[2010/04/24 18:51:54 | 000,003,654 | ---- | C] () -- D:\WINDOWS\System32\drivers\Sonyhcp.dll
[2010/04/10 21:29:24 | 000,000,000 | ---- | C] () -- D:\WINDOWS\nsreg.dat
[2010/02/22 21:04:55 | 000,053,248 | R--- | C] () -- D:\WINDOWS\System32\InstMed.exe
[2010/02/22 21:04:44 | 000,009,255 | ---- | C] () -- D:\WINDOWS\System32\lvcoinst.ini
[2010/02/22 21:03:53 | 000,000,272 | ---- | C] () -- D:\WINDOWS\_delis32.ini
[2010/02/07 12:33:00 | 000,520,192 | ---- | C] () -- D:\WINDOWS\System32\ati2sgag.exe
[2010/01/27 21:48:18 | 000,004,096 | ---- | C] () -- D:\WINDOWS\d3dx.dat
[2010/01/25 21:30:11 | 000,000,379 | ---- | C] () -- D:\WINDOWS\ODBC.INI
[2010/01/25 20:33:07 | 000,102,400 | ---- | C] () -- D:\Documents and Settings\Juan Manuel\Configuración local\Datos de programa\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/23 23:09:33 | 000,000,050 | ---- | C] () -- D:\WINDOWS\MegaManager.INI
[2010/01/23 16:50:35 | 000,001,324 | ---- | C] () -- D:\WINDOWS\System32\d3d9caps.dat
[2010/01/23 01:57:07 | 000,081,092 | -H-- | C] () -- D:\WINDOWS\System32\mlfcache.dat
[2010/01/22 17:38:27 | 000,000,000 | ---- | C] () -- D:\WINDOWS\ativpsrm.bin
[2010/01/22 17:35:15 | 000,887,724 | R--- | C] () -- D:\WINDOWS\System32\ativva6x.dat
[2010/01/22 17:35:14 | 003,107,788 | R--- | C] () -- D:\WINDOWS\System32\ativva5x.dat
[2010/01/22 17:35:14 | 000,142,347 | ---- | C] () -- D:\WINDOWS\System32\atiicdxx.dat
[2010/01/22 08:00:01 | 000,002,048 | --S- | C] () -- D:\WINDOWS\bootstat.dat
[2010/01/22 07:54:36 | 000,021,900 | ---- | C] () -- D:\WINDOWS\System32\emptyregdb.dat
[2010/01/22 04:01:21 | 000,004,205 | ---- | C] () -- D:\WINDOWS\ODBCINST.INI
[2010/01/22 04:00:06 | 000,380,832 | ---- | C] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- D:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 16:07:42 | 000,230,768 | ---- | C] () -- D:\WINDOWS\System32\OGAEXEC.exe
[2008/05/26 23:23:18 | 000,016,892 | ---- | C] () -- D:\WINDOWS\System32\gthrctr.ini
[2008/05/26 23:23:16 | 000,023,640 | ---- | C] () -- D:\WINDOWS\System32\idxcntrs.ini
[2008/05/26 23:23:14 | 000,016,164 | ---- | C] () -- D:\WINDOWS\System32\gsrvctr.ini
[2008/05/26 22:59:42 | 000,018,904 | ---- | C] () -- D:\WINDOWS\System32\structuredqueryschematrivial.b in
[2008/05/26 22:59:40 | 000,106,605 | ---- | C] () -- D:\WINDOWS\System32\structuredqueryschema.bin
[2006/12/17 04:30:22 | 003,107,788 | ---- | C] () -- D:\WINDOWS\System32\ativvaxx.dat
[2006/03/06 11:41:02 | 000,073,728 | ---- | C] () -- D:\WINDOWS\System32\AMV_DecDLL.dll
[2004/09/16 14:26:40 | 000,012,634 | ---- | C] () -- D:\WINDOWS\System32\drivers\ADFUUD.SYS
[2004/08/19 17:58:52 | 000,001,804 | ---- | C] () -- D:\WINDOWS\System32\dcache.bin
[2004/08/02 16:20:40 | 000,004,569 | ---- | C] () -- D:\WINDOWS\System32\secupd.dat
[2001/09/28 15:00:00 | 013,107,200 | ---- | C] () -- D:\WINDOWS\System32\oembios.bin
[2001/09/28 15:00:00 | 000,673,088 | ---- | C] () -- D:\WINDOWS\System32\mlang.dat
[2001/09/28 15:00:00 | 000,522,798 | ---- | C] () -- D:\WINDOWS\System32\perfh00A.dat
[2001/09/28 15:00:00 | 000,435,818 | ---- | C] () -- D:\WINDOWS\System32\perfh009.dat
[2001/09/28 15:00:00 | 000,317,534 | ---- | C] () -- D:\WINDOWS\System32\perfi00A.dat
[2001/09/28 15:00:00 | 000,272,128 | ---- | C] () -- D:\WINDOWS\System32\perfi009.dat
[2001/09/28 15:00:00 | 000,218,003 | ---- | C] () -- D:\WINDOWS\System32\dssec.dat
[2001/09/28 15:00:00 | 000,096,438 | ---- | C] () -- D:\WINDOWS\System32\perfc00A.dat
[2001/09/28 15:00:00 | 000,068,714 | ---- | C] () -- D:\WINDOWS\System32\perfc009.dat
[2001/09/28 15:00:00 | 000,046,258 | ---- | C] () -- D:\WINDOWS\System32\mib.bin
[2001/09/28 15:00:00 | 000,036,284 | ---- | C] () -- D:\WINDOWS\System32\perfd00A.dat
[2001/09/28 15:00:00 | 000,028,626 | ---- | C] () -- D:\WINDOWS\System32\perfd009.dat
[2001/09/28 15:00:00 | 000,004,463 | ---- | C] () -- D:\WINDOWS\System32\oembios.dat
[2001/09/28 15:00:00 | 000,000,741 | ---- | C] () -- D:\WINDOWS\System32\noise.dat

< End of report >
Reply With Quote
  #4  
Old August 7th, 2011, 06:45 PM
KINGCRIMSON1 KINGCRIMSON1 is offline
New Member
 
Join Date: Aug 2011
O/S: Windows XP Pro
Location: Barcelona (Spain)
Posts: 4
OTL Extras logfile created on: 07/08/2011 19:32:13 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = D:\Documents and Settings\Juan Manuel\Escritorio
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C0A | Country: España | Language: ESN | Date Format: dd/MM/yyyy

1023,11 Mb Total Physical Memory | 565,07 Mb Available Physical Memory | 55,23% Memory free
3,90 Gb Paging File | 3,49 Gb Available in Paging File | 89,57% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Archivos de programa
Drive C: | 152,66 Gb Total Space | 33,03 Gb Free Space | 21,64% Space Free | Partition Type: NTFS
Drive D: | 111,78 Gb Total Space | 4,04 Gb Free Space | 3,61% Space Free | Partition Type: NTFS

Computer Name: JUAN-MANUEL | User Name: Juan Manuel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-1004336348-1677128483-682003330-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Archivos de programa\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\DomainPr ofile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNetisabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNetisabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\DomainPr ofile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile\AuthorizedApplications\List]
"D:\Archivos de programa\Metin2_Spain\metin2client.bin" = D:\Archivos de programa\Metin2_Spain\metin2client.bin:*:Enabled:m etin2client -- ()
"D:\Archivos de programa\Mozilla Firefox\firefox.exe" = D:\Archivos de programa\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"D:\Archivos de programa\Metin2_Spain\metin2.bin" = D:\Archivos de programa\Metin2_Spain\metin2.bin:*:Enabled:metin2 -- ()
"D:\Archivos de programa\Ares\Ares.exe" = D:\Archivos de programa\Ares\Ares.exe:*:Enabled:Ares p2p for windows -- (Ares Development Group)
"D:\Archivos de programa\Google\Google Earth\plugin\geplugin.exe" = D:\Archivos de programa\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"D:\Archivos de programa\Azureus\Azureus.exe" = D:\Archivos de programa\Azureus\Azureus.exe:*:Enabled:Azureus / Vuze -- (Vuze Inc.)
"D:\Documents and Settings\Raquel\Mis documentos\Downloads\SweetImSetup (1).exe" = D:\Documents and Settings\Raquel\Mis documentos\Downloads\SweetImSetup (1).exe:*:Enabled:SweetIM Installer


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{05E33475-46B5-4273-A1ED-46C531A90692}" = SweetIM for Messenger 3.5
"{06C5169E-EFD9-7016-68EA-EBAB513CE0D9}" = CCC Help Turkish
"{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}" = HiJackThis
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19CC1D81-82D4-FB57-A834-7B0F06E2F366}" = Catalyst Control Center Graphics Full Existing
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Herramienta de carga de Windows Live
"{2251C5D3-5396-A579-5CC9-EDE9E8738A3D}" = CCC Help Swedish
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216020F0}" = Java(TM) 6 Update 20
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 26
"{274BFAD7-FEFC-50E8-9062-A0F40E9E70CB}" = CCC Help Italian
"{2B83A043-BA8C-4164-98AA-29529D0BE756}" = Windows Live Essentials
"{2F51344C-B044-FD27-5823-89D815EC134E}" = CCC Help Dutch
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C9C0A-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{39479B5A-5531-45E7-83D3-12BED7778037}" = OpenOffice.org 3.2
"{405C32CF-9C6F-49B3-9436-3F5FDBE7B3CE}" = Microsoft .NET Framework 2.0 Language Pack - ESN
"{43EE08A7-81C3-36CC-B357-8DE7DB91ADDE}" = CCC Help Russian
"{45EFD831-03AD-16D9-7C96-123A03473F27}" = ccc-core-preinstall
"{494D7224-DFC8-5667-1190-6E9118BAC032}" = CCC Help Thai
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A130128-1FC5-5D76-5053-9EFD94A309DF}" = CCC Help Japanese
"{4BD271AB-66E2-4D58-AF88-80FE3B0770C4}" = Fissa
"{4CCAE73B-92EF-4EF9-86C5-1207E45B79CF}" = AlgoWorks BDV ep7f_e0_770_03
"{501B1EC2-C96E-11D6-80DE-000103C1AB28}" = AlgoWorks
"{53FD4AF2-59DC-48E0-B345-CF8491D34460}" = ActiveXperts Network Monitor 7.2
"{5783F2D7-6009-040A-0002-0060B0CE6BBA}" = AutoCAD LT 2008 - Español
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5B4C46CE-18BF-4319-D286-C7B641041366}" = CCC Help English
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{620627BB-90E1-3E69-0D84-D1A25F6E8594}" = CCC Help Korean
"{648B6DC0-47AF-7E29-1EB8-35BD9B1C0DA1}" = Catalyst Control Center Graphics Full New
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{704ADC50-CBD9-2537-44BC-CEC4A1C5DDE5}" = CCC Help German
"{70CA6A92-B1C6-7218-B759-DD8088BE9C86}" = CCC Help Czech
"{7593234B-2AEB-4FC9-B02D-C9B30D86084C}" = Windows Live Asistente para el inicio de sesión
"{76B807CC-1332-7263-786A-8ABB57CC4BD8}" = CCC Help Portuguese
"{773D5AF0-F344-4944-8F2A-F0330F637C6A}" = Ya sé leer
"{7884DDEE-FBC7-4B39-A521-033FC662CAFE}" = CCC Help Polish
"{791CAF6C-90A3-11D4-8306-00D0B72E1DB9}" = Sentinel System Driver
"{80DDFD23-9F4B-491E-ADEE-1324E901350F}" = ccc-core-static
"{84D57213-6C95-C1D2-D00E-8EBD7DF8A5EB}" = CCC Help Chinese Standard
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8924FD04-AFF1-4387-B08B-6A979485F2BD}" = Windows Live Call
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}" = MP3 Player Utilities 4.21
"{8BE9E14E-C390-C0F8-4FD2-E5E374E699EB}" = Catalyst Control Center Graphics Light
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0010-0C0A-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Spanish) 12
"{90120000-0015-0C0A-0000-0000000FF1CE}" = Microsoft Office Access MUI (Spanish) 2007
"{90120000-0015-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2007
"{90120000-0016-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2007
"{90120000-0018-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0C0A-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Spanish) 2007
"{90120000-0019-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0C0A-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Spanish) 2007
"{90120000-001A-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2007
"{90120000-001B-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2007
"{90120000-001F-0403-0000-0000000FF1CE}_ENTERPRISE_{4B47C31E-46B0-462B-BEE4-DC383B6A1F2A}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
"{90120000-001F-0416-0000-0000000FF1CE}_ENTERPRISE_{75EBE365-7FC5-4720-A7D3-804BF550D1BC}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007
"{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0C0A-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Spanish) 2007
"{90120000-0044-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2007
"{90120000-006E-0C0A-0000-0000000FF1CE}_ENTERPRISE_{6113C11D-BACA-4D8E-8002-03C8D06FD5E6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0C0A-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Spanish) 2007
"{90120000-00A1-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0C0A-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Spanish) 2007
"{90120000-00BA-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90B26E30-CE19-E266-1CE4-3166A099FFD2}" = CCC Help Finnish
"{914DD274-9C5D-44CA-9AC7-12B8D2D4DA08}" = Windows Live Sync
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-00FF-0403-0000-0000000FF1CE}" = Microsoft Office Language Interface Pack 2007 - Català
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FE6403B-762F-8CF3-08BC-CCF10FFCFB25}" = ccc-utility
"{A0D93FF8-0523-9607-BCDC-FD87AA6B3592}" = CCC Help French
"{A1194237-547A-461d-BD44-B97B1574A7DA}" = SweetIM Toolbar for Internet Explorer 4.1
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2713384-7398-43E9-9D43-565B3A7FEFEE}" = Asesor de Seguridad
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A41D4E9F-7D8F-893C-B68A-FC62EC96C1EC}" = CCC Help Chinese Traditional
"{A7BBE3D6-F19A-40E6-96EC-84E1DC88F262}" = Galería fotográfica de Windows Live
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A961C6FD-C583-45F6-A0A4-5E4376C29E41}" = Catalyst Control Center - Branding
"{A9F6CFB0-806D-11E0-8EA1-B8AC6F97B88E}" = Google Earth Plug-in
"{AC76BA86-7AD7-1034-7B44-A94000000001}" = Adobe Reader 9.4.5 - Español
"{ACCADCE8-AA5E-4933-92C2-A88FAFCC1790}" = AlgoRex Standard Embedded SW 773
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{AF60423E-DC50-5CA4-4D8A-15FCE656D2DD}" = CCC Help Greek
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B7769987-9CC5-5A62-5515-163BE7643131}" = CCC Help Hungarian
"{B7777E08-1344-42E8-975B-6F541F9ADBD8}" = ATI Catalyst Control Center
"{BEC001F9-0451-4396-92D7-E1A4E7854BF3}" = Windows Live Mail
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1" = Uniblue DriverScanner
"{C4156B59-DD7E-40DF-AF08-E568A27A6409}" = Windows Live Messenger
"{C430EBB5-41D7-9269-9E09-710F3A4E3E89}" = CCC Help Spanish
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DADC7AB0-E554-4705-9F6A-83EA82ED708E}" = Realtek Ethernet Diagnostic Utility
"{DE1A2837-40A1-1999-A2BE-568BAA9C5AED}" = CCC Help Danish
"{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1" = Uniblue SpeedUpMyPC
"{E691840E-6ABF-0843-0853-D702C5030DBE}" = Catalyst Control Center Localization All
"{E90BCB3E-1712-C7ED-4804-D9E92811F4C7}" = Skins
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EEE5745D-67A3-63D6-969E-E8AD1A7E2F9A}" = Catalyst Control Center Core Implementation
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{FEB72DDC-A66D-43DD-B091-4699E08208C6}" = BBC Pingu i els seus amics
"{FF3E7DBA-C199-25DA-80B4-CD81A13B4741}" = CCC Help Norwegian
"8461-7759-5462-8226" = Vuze
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = ATI - Software Uninstall Utility
"Any Video Converter_is1" = Any Video Converter 3.1.2
"Ares" = Ares 2.1.6
"ARescate" = Acción Rescate
"Argente Utilities_is1" = Argente Utilities 1.0.4.0
"ATI Display Driver" = ATI Display Driver
"AutoCAD LT 2008 - Español" = AutoCAD LT 2008 - Español
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Azureus" = Azureus
"CCleaner" = CCleaner
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = Instalación de DivX
"Easy Audio Cutter_is1" = Easy Audio Cutter V1.9
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.9
"Google Chrome" = Google Chrome
"Hamster Free Video Converter_is1" = HamsterFreeVideoConverter
"ie8" = Windows Internet Explorer 8
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.0.0 (Full)
"Locura de juegos" = Locura de juegos de Disney
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware versión 1.51.1.1800
"McAfee Security Scan" = McAfee Security Scan
"Messenger Plus!" = Messenger Plus! 5
"MessengerPlusLive_Spain_TB Toolbar" = MessengerPlusLive Spain TB Toolbar
"Microsoft .NET Framework 2.0 Language Pack - ESN" = Paquete de idioma de Microsoft .NET Framework 2.0 - ESN
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 5.0 (x86 es-ES)" = Mozilla Firefox 5.0 (x86 es-ES)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"QcDrv" = Controlador de Logitech® Camera
"RadialpointClientGateway_is1" = Centro de Servicios ONO 1.5.24
"Recuva" = Recuva
"Revo Uninstaller" = Revo Uninstaller 1.92
"softonic.com4 Toolbar" = softonic.com4 Toolbar
"Uniblue RegistryBooster" = Uniblue RegistryBooster
"Veetle TV" = Veetle TV 0.9.18
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Reproductor de Windows Media 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = Compresor WinRAR
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1004336348-1677128483-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall]
"Dropbox" = Dropbox

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 29/07/2011 10:29:11 | Computer Name = JUAN-MANUEL | Source = crypt32 | ID = 131083
Description = Error en la extracción de la lista raíz de terceros del archivo .CAB
actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
con el error: Un certificado requerido no se encuentra dentro del periodo de validez
cuando se ha realizado la comprobación con el reloj de sistema actual o con la
marca de fecha y hora en el archivo firmado.

Error - 29/07/2011 10:29:11 | Computer Name = JUAN-MANUEL | Source = crypt32 | ID = 131083
Description = Error en la extracción de la lista raíz de terceros del archivo .CAB
actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
con el error: Un certificado requerido no se encuentra dentro del periodo de validez
cuando se ha realizado la comprobación con el reloj de sistema actual o con la
marca de fecha y hora en el archivo firmado.

Error - 29/07/2011 19:57:36 | Computer Name = JUAN-MANUEL | Source = WmiAdapter | ID = 4099
Description = Error al abrir el servicio.

Error - 30/07/2011 0:49:13 | Computer Name = JUAN-MANUEL | Source = WmiAdapter | ID = 4099
Description = Error al abrir el servicio.

Error - 31/07/2011 7:00:06 | Computer Name = JUAN-MANUEL | Source = Application Error | ID = 1000
Description = Aplicación con errores: sump.exe, versión: 5.1.1.1, módulo con error:
user32.dll, versión 5.1.2600.5512, dirección de error 0x00017b5e.

Error - 02/08/2011 13:52:49 | Computer Name = JUAN-MANUEL | Source = WmiAdapter | ID = 4099
Description = Error al abrir el servicio.

Error - 03/08/2011 16:48:23 | Computer Name = JUAN-MANUEL | Source = WmiAdapter | ID = 4099
Description = Error al abrir el servicio.

Error - 04/08/2011 18:39:42 | Computer Name = JUAN-MANUEL | Source = MsiInstaller | ID = 11720
Description = Product: Fissa -- Error 1720.There is a problem with this Windows
Installer package. A script required for this install to complete could not be run.
Contact your support personnel or package vendor. Custom action RestoreFirefoxSettings
script error -2147024894, WshShell.RegRead: Raíz no válida en la clave del registro
"HKEY_CURRENT_USER\Software\FissaSearch\FF\oldHome Page". Line 67, Column 1,

Error - 04/08/2011 19:44:16 | Computer Name = JUAN-MANUEL | Source = MsiInstaller | ID = 11720
Description = Product: Fissa -- Error 1720.There is a problem with this Windows
Installer package. A script required for this install to complete could not be run.
Contact your support personnel or package vendor. Custom action RestoreFirefoxSettings
script error -2147024894, WshShell.RegRead: Raíz no válida en la clave del registro
"HKEY_CURRENT_USER\Software\FissaSearch\FF\oldHome Page". Line 67, Column 1,

Error - 06/08/2011 6:00:03 | Computer Name = JUAN-MANUEL | Source = WmiAdapter | ID = 4099
Description = Error al abrir el servicio.

[ Application Events ]
Error - 29/07/2011 10:29:11 | Computer Name = JUAN-MANUEL | Source = crypt32 | ID = 131083
Description = Error en la extracción de la lista raíz de terceros del archivo .CAB
actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
con el error: Un certificado requerido no se encuentra dentro del periodo de validez
cuando se ha realizado la comprobación con el reloj de sistema actual o con la
marca de fecha y hora en el archivo firmado.

Error - 29/07/2011 10:29:11 | Computer Name = JUAN-MANUEL | Source = crypt32 | ID = 131083
Description = Error en la extracción de la lista raíz de terceros del archivo .CAB
actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
con el error: Un certificado requerido no se encuentra dentro del periodo de validez
cuando se ha realizado la comprobación con el reloj de sistema actual o con la
marca de fecha y hora en el archivo firmado.

Error - 29/07/2011 19:57:36 | Computer Name = JUAN-MANUEL | Source = WmiAdapter | ID = 4099
Description = Error al abrir el servicio.

Error - 30/07/2011 0:49:13 | Computer Name = JUAN-MANUEL | Source = WmiAdapter | ID = 4099
Description = Error al abrir el servicio.

Error - 31/07/2011 7:00:06 | Computer Name = JUAN-MANUEL | Source = Application Error | ID = 1000
Description = Aplicación con errores: sump.exe, versión: 5.1.1.1, módulo con error:
user32.dll, versión 5.1.2600.5512, dirección de error 0x00017b5e.

Error - 02/08/2011 13:52:49 | Computer Name = JUAN-MANUEL | Source = WmiAdapter | ID = 4099
Description = Error al abrir el servicio.

Error - 03/08/2011 16:48:23 | Computer Name = JUAN-MANUEL | Source = WmiAdapter | ID = 4099
Description = Error al abrir el servicio.

Error - 04/08/2011 18:39:42 | Computer Name = JUAN-MANUEL | Source = MsiInstaller | ID = 11720
Description = Product: Fissa -- Error 1720.There is a problem with this Windows
Installer package. A script required for this install to complete could not be run.
Contact your support personnel or package vendor. Custom action RestoreFirefoxSettings
script error -2147024894, WshShell.RegRead: Raíz no válida en la clave del registro
"HKEY_CURRENT_USER\Software\FissaSearch\FF\oldHome Page". Line 67, Column 1,

Error - 04/08/2011 19:44:16 | Computer Name = JUAN-MANUEL | Source = MsiInstaller | ID = 11720
Description = Product: Fissa -- Error 1720.There is a problem with this Windows
Installer package. A script required for this install to complete could not be run.
Contact your support personnel or package vendor. Custom action RestoreFirefoxSettings
script error -2147024894, WshShell.RegRead: Raíz no válida en la clave del registro
"HKEY_CURRENT_USER\Software\FissaSearch\FF\oldHome Page". Line 67, Column 1,

Error - 06/08/2011 6:00:03 | Computer Name = JUAN-MANUEL | Source = WmiAdapter | ID = 4099
Description = Error al abrir el servicio.

[ OSession Events ]
Error - 16/11/2010 16:06:03 | Computer Name = JUAN-MANUEL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 14
seconds with 0 seconds of active time. This session ended with a crash.

Error - 22/11/2010 20:16:10 | Computer Name = JUAN-MANUEL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 91 seconds with 0 seconds of active time. This session ended with a crash.

Error - 06/02/2011 9:37:10 | Computer Name = JUAN-MANUEL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 14 seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 05/08/2011 4:54:30 | Computer Name = JUAN-MANUEL | Source = Service Control Manager | ID = 7022
Description = El servicio Avira AntiVir Guard permanece en inicio.

Error - 05/08/2011 4:55:46 | Computer Name = JUAN-MANUEL | Source = Service Control Manager | ID = 7009
Description = Intervalo de espera (30000 ms.) para la conexión con el servicio Servicio
de descubrimientos SSDP.

Error - 05/08/2011 4:55:47 | Computer Name = JUAN-MANUEL | Source = Service Control Manager | ID = 7000
Description = El servicio Servicio de descubrimientos SSDP no pudo iniciarse debido
al siguiente error: %%1053

Error - 05/08/2011 4:58:14 | Computer Name = JUAN-MANUEL | Source = DCOM | ID = 10005
Description = DCOM ha obtenido un error "%1058" al intentar iniciar el servicio
WSearch con argumentos "" para ejecutar el servidor: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error - 05/08/2011 13:17:39 | Computer Name = JUAN-MANUEL | Source = Service Control Manager | ID = 7038
Description = El servicio AxsNmSvc no se pudo iniciarse como .\Juan Manuel con la
contraseña configurada actualmente debido al siguiente error: %%1326 Para asegurarse
de que el servicio esté correctamente configurado, use el complemento Servicios
en Microsoft Management Console (MMC).

Error - 06/08/2011 5:57:16 | Computer Name = JUAN-MANUEL | Source = Service Control Manager | ID = 7038
Description = El servicio AxsNmSvc no se pudo iniciarse como .\Juan Manuel con la
contraseña configurada actualmente debido al siguiente error: %%1326 Para asegurarse
de que el servicio esté correctamente configurado, use el complemento Servicios
en Microsoft Management Console (MMC).

Error - 06/08/2011 6:43:10 | Computer Name = JUAN-MANUEL | Source = DCOM | ID = 10005
Description = DCOM ha obtenido un error "%1058" al intentar iniciar el servicio
WSearch con argumentos "" para ejecutar el servidor: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error - 06/08/2011 11:47:49 | Computer Name = JUAN-MANUEL | Source = Service Control Manager | ID = 7038
Description = El servicio AxsNmSvc no se pudo iniciarse como .\Juan Manuel con la
contraseña configurada actualmente debido al siguiente error: %%1326 Para asegurarse
de que el servicio esté correctamente configurado, use el complemento Servicios
en Microsoft Management Console (MMC).

Error - 06/08/2011 11:49:31 | Computer Name = JUAN-MANUEL | Source = Service Control Manager | ID = 7022
Description = El servicio Avira AntiVir Guard permanece en inicio.

Error - 07/08/2011 7:22:56 | Computer Name = JUAN-MANUEL | Source = Service Control Manager | ID = 7038
Description = El servicio AxsNmSvc no se pudo iniciarse como .\Juan Manuel con la
contraseña configurada actualmente debido al siguiente error: %%1326 Para asegurarse
de que el servicio esté correctamente configurado, use el complemento Servicios
en Microsoft Management Console (MMC).


< End of report >
Reply With Quote
  #5  
Old August 9th, 2011, 08:45 PM
Mosaic1 Mosaic1 is offline
Malware Removal Team Advisor
 
Join Date: Jun 2001
Posts: 4,783
You have Windows installed on the D: drive. That's not the usual setup. What's on C: please, another operating system or are you using it for storage?

I see some things to remove. But I am also concerned about the fact that you have such a small amount of free space on your hard drive.

Let's see what eset finds and then we'll take the next step.

Disable your antivirus program and go here and run an online scan using ESET Online Scanner (you will need to use Internet Explorer for this scan, or download the installer to run it in a different browser).


Note: It is easiest if you use Internet explorer for this scan. (If you use an alternate browser, it will be necessary to download the ESET Smart Installer)
Turn off the real time scanner of any existing antivirus program while performing the online scan
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the activex control to install
Click Start
Make sure that the Scan Archives option is ticked.
Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
Click Scan
Wait for the scan to finish
Afer the scan is complete and you see scan completed in the window, there will be a link labeled List of found threats. You want to click it . When that next page opens, you have a choice of copying to clipboard or exporting to text file. choose export to text file. Name the file eset results.txt Save it on your desktop and post its contents into your next reply here.
Reply With Quote
  #6  
Old August 11th, 2011, 10:23 AM
KINGCRIMSON1 KINGCRIMSON1 is offline
New Member
 
Join Date: Aug 2011
O/S: Windows XP Pro
Location: Barcelona (Spain)
Posts: 4
Really the unit c: I use her only for storage, Can gain space in the unit D: erasing files of downloads that still I have not erased.
Do you want that I do this now?

Here you have the results of the scanner.

C:\Super Todo En Uno V8\BOOTCD\WINTOOLS\VDEFS.EXE probably a variant of Win32/TrojanDownloader.Agent.IPMCVMF trojan cleaned by deleting - quarantined
C:\Super Todo En Uno V8\DVD5\TEU_V8_DVD1\BOOTCD\WINTOOLS\VDEFS.EXE probably a variant of Win32/TrojanDownloader.Agent.IPMCVMF trojan cleaned by deleting - quarantined
C:\Super Todo En Uno V8\DVD5\TEU_V8_DVD2\AUTOPLAY\DOCS\BURNING\ALCOHOL\ KEYMAKER.EXE probably a variant of Win32/Agent.CWORLZS trojan cleaned by deleting - quarantined
C:\Super Todo En Uno V8\DVD5\TEU_V8_DVD2\AUTOPLAY\DOCS\BURNING\NERO\NER O-7.7.5.1_ESP_TRIAL.EXE Win32/Toolbar.AskSBar application deleted - quarantined
C:\Super Todo En Uno V8\DVD5\TEU_V8_DVD2\AUTOPLAY\DOCS\VARIAS\SERVU\SER V-U.V6.3.0.1.CORPORATE.EDITION-PATCH.EXE a variant of Win32/Packed.CrackPack.A application cleaned by deleting - quarantined
C:\Super Todo En Uno V8\DVD5\TEU_V8_DVD2\AUTOPLAY\DOCS\VARIAS\SERVU\SER VUSETUP.EXE multiple threats deleted - quarantined
D:\Archivos de programa\Uniblue\RegistryBooster\Launcher.exe Win32/RegistryBooster application cleaned by deleting - quarantined
D:\Archivos de programa\Uniblue\RegistryBooster\rbmonitor.exe Win32/RegistryBooster application cleaned by deleting - quarantined
D:\Archivos de programa\Uniblue\RegistryBooster\rbnotifier.exe Win32/RegistryBooster application cleaned by deleting - quarantined
D:\Archivos de programa\Uniblue\RegistryBooster\rb_move_serial.ex e Win32/RegistryBooster application cleaned by deleting - quarantined
D:\Archivos de programa\Uniblue\RegistryBooster\rb_ubm.exe Win32/RegistryBooster application cleaned by deleting - quarantined
D:\Archivos de programa\Uniblue\RegistryBooster\registrybooster.e xe Win32/RegistryBooster application cleaned by deleting - quarantined
D:\Archivos de programa\Uniblue\SpeedUpMyPC\Launcher.exe Win32/SpeedUpMyPC application cleaned by deleting - quarantined
D:\Archivos de programa\Uniblue\SpeedUpMyPC\spmonitor.exe Win32/SpeedUpMyPC application cleaned by deleting - quarantined
D:\Archivos de programa\Uniblue\SpeedUpMyPC\spnotifier.exe Win32/SpeedUpMyPC application cleaned by deleting - quarantined
D:\Archivos de programa\Uniblue\SpeedUpMyPC\sp_move_serial.exe Win32/SpeedUpMyPC application cleaned by deleting - quarantined
D:\Archivos de programa\Uniblue\SpeedUpMyPC\sump.exe Win32/SpeedUpMyPC application cleaned by deleting - quarantined
D:\Documents and Settings\Ariadna\Mis documentos\Descargas\MsgPlusLive-490.exe a variant of Win32/MessengerPlus application cleaned by deleting - quarantined
D:\Documents and Settings\Juan Manuel\Datos de programa\Uniblue\RegistryBooster\_temp\ub.exe Win32/RegistryBooster application deleted - quarantined
D:\Documents and Settings\Juan Manuel\Datos de programa\Uniblue\SpeedUpMyPC\_temp\ub.exe Win32/SpeedUpMyPC application deleted - quarantined
D:\Documents and Settings\Juan Manuel\Escritorio\Setup_FreeConverter.exe Win32/Adware.Toolbar.Dealio application deleted - quarantined
D:\Documents and Settings\Juan Manuel\Mis documentos\Azureus Downloads\Super Todo En Uno V3 [DVD9] [Spanish] [www.topetorrent.com]\Super Todo En Uno V3 [DVD9] [Spanish] [www.topetorrent.com].iso multiple threats deleted - quarantined
D:\Documents and Settings\Juan Manuel\Mis documentos\Azureus Downloads\Uniblue RegistryBooster 2011 5.0.12.1 + serial [TrT-TcT]\Uniblue RegistryBooster 2011 5.0.12.1 + serial [TrT-TcT].rar Win32/RegistryBooster application deleted - quarantined
D:\Documents and Settings\Juan Manuel\Mis documentos\Azureus Downloads\Uniblue SpeedUpMyPC 2010 v4.2.7.7 +Serial-[HB]\speedupmypc.exe Win32/SpeedUpMyPC application deleted - quarantined
D:\Documents and Settings\Juan Manuel\Mis documentos\Azureus Downloads\Uniblue SpeedUpMyPC 2011 5.1.0.6 + Serial-[HB]\speedupmypc.exe multiple threats deleted - quarantined
D:\Documents and Settings\Juan Manuel\Mis documentos\Azureus Downloads\Uniblue SpeedUpMyPC 2011 5.1.1.1 + Serial-[HB]\speedupmypc.exe Win32/SpeedUpMyPC application deleted - quarantined
D:\Documents and Settings\Juan Manuel\Mis documentos\Azureus Downloads\Uniblue SpeedUpMyPC 2011 v5.1.1+Serial [ kk ]\Uniblue SpeedUpMyPC 2011 v5.1.1+Serial [ kk ].rar Win32/SpeedUpMyPC application deleted - quarantined
D:\Documents and Settings\Juan Manuel\Mis documentos\Descargas\registrybooster.exe Win32/RegistryBooster application deleted - quarantined
D:\INSTALAR\Uniblue RegistryBooster 2011 5.0.12.1 + serial [TrT-TcT]\registrybooster.exe Win32/RegistryBooster application deleted - quarantined
Reply With Quote
  #7  
Old August 11th, 2011, 03:20 PM
Mosaic1 Mosaic1 is offline
Malware Removal Team Advisor
 
Join Date: Jun 2001
Posts: 4,783
Your logs show evidence of file sharing activities. Not only are a lot of those files illegally obtained, but they contain trojans.

Please read this page for the reasons why:
http://www.cybertechhelp.com/forums/...d.php?t=157952


File sharing is a great way to become infected.

And read this too. So many of the infections now steal private, sensitive information. They are dangerous!

http://www.cybertechhelp.com/forums/...d.php?t=189705

Unfortunately, you have downloaded some pirated software.


From the CTH Terms of Service:

The posting of links or references to warez or any other type of illegal software is strictly forbidden. By doing so you risk having your user account terminated without warning. We will NOT help anyone we suspect of having obtained their software illegally.

Support for your issues is withdrawn. I can no longer assist you.
Reply With Quote
Reply

Bookmarks

Topic Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Topics
Topic Topic Starter Forum Replies Last Post
Help with removal of searchqu 20Quinn Malware Removal 29 October 15th, 2012 06:52 PM
iLivid/Searchqu Searchqusupport Open Discussion 6 February 15th, 2012 02:58 AM
www.searchqu.com/406 GrahamyHill Malware Removal 9 December 29th, 2011 06:35 PM
Browser Hijack - http://www.searchqu.com/406 giradman Malware Removal 21 December 4th, 2011 02:11 PM
Infected, Or not infected. That's the question. xxLulu_Axisxx Malware Removal 6 February 18th, 2006 10:29 PM


All times are GMT +1. The time now is 10:18 PM.