Go Back   Cyber Tech Help Support Forums > Software > Malware Removal

Notices

Reply
 
Topic Tools
  #1  
Old June 21st, 2013, 11:53 PM
rrodulfo rrodulfo is offline
Senior Member
 
Join Date: Sep 2006
O/S: Windows XP Pro
Location: Monterrey, Nuevo Leon, Mexico
Posts: 159
Posible Virus that starts writing text

Can someone infect you wile you chat? I use Trillian (from Cerulean Studios) as a account manager for several social networks and chat applications. This person from Ghana contacted me through ICQ and asked several questions (I later blocked her). But after that brief chat, I opened my bank page on Chrome, and after the AhnLab Online Security Personal application executed itself automatically, my LapTop started to act very weirdly: text characters started to appear in the application that was on top of the Desktop; if I changed application, the text characters started to appear on the new one.
I had to re-start my LapTop in order to stop the process.
What do you need from me to make a diagnostic. Thank you.

Hijack This Log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:57:49, on 21/06/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\Trusteer\Rapport\bin\RapportMgmtService.e xe
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\Intel\WiFi\bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Archivos de programa\Archivos comunes\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Archivos de programa\Bonjour\mDNSResponder.exe
C:\Archivos de programa\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\Java\jre6\bin\jqs.exe
C:\Archivos de programa\Archivos comunes\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\Xobni\XobniService.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Archivos de programa\Trusteer\Rapport\bin\RapportService.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Archivos de programa\Synaptics\SynTP\SynTPEnh.exe
C:\Archivos de programa\ESET\ESET Smart Security\egui.exe
C:\Archivos de programa\HP\HP Software Update\HPWuSchd2.exe
C:\Archivos de programa\iTunes\iTunesHelper.exe
C:\Archivos de programa\Archivos comunes\LogiShrd\LComMgr\Communications_Helper.exe
C:\Archivos de programa\Logitech\QuickCam10\QuickCam10.exe
C:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\HP\Digital Imaging\bin\hpqtra08.exe
C:\Archivos de programa\ACT\SideACT.exe
C:\Archivos de programa\Windows Desktop Search\WindowsSearch.exe
C:\Archivos de programa\iPod\bin\iPodService.exe
C:\Documents and Settings\Rafael Rodulfo\Datos de programa\Dropbox\bin\Dropbox.exe
C:\Archivos de programa\AhnLab\ASP\Smart Update i\aos2svc.exe
C:\Archivos de programa\Archivos comunes\Logishrd\LQCVFX\COCIManager.exe
C:\Archivos de programa\HP\Digital Imaging\bin\hpqimzone.exe
C:\Archivos de programa\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Archivos de programa\AhnLab\ASP\AOSPersonal\aosmain.exe
C:\Archivos de programa\AhnLab\ASP\MyFirewall 4.0\mf40nt.exe
C:\Archivos de programa\AhnLab\ASP\Smart Update i\aoslog.exe
C:\Archivos de programa\AhnLab\ASP\MyFirewall 4.0\aosrts.exe
C:\Archivos de programa\Google\Chrome\Application\chrome.exe
C:\Archivos de programa\Google\Chrome\Application\chrome.exe
C:\Archivos de programa\Trillian\trillian.exe
c:\archivos de programa\trillian\plugins\skypekit.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Archivos de programa\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Archivos de programa\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.contactognp.com.mx/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Archivos de programa\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Archivos de programa\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dl l
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Archivos de programa\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Archivos de programa\Archivos comunes\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [egui] "C:\Archivos de programa\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [HP Software Update] C:\Archivos de programa\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AhnLab Online Security Personal] "C:\Archivos de programa\AhnLab\ASP\AOSPersonal\aosrun.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Archivos de programa\Archivos comunes\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Archivos de programa\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Archivos de programa\Archivos comunes\LogiShrd\LComMgr\Communications_Helper.exe "
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Archivos de programa\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: Dropbox.lnk = C:\Documents and Settings\Rafael Rodulfo\Datos de programa\Dropbox\bin\Dropbox.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: Trillian.lnk = C:\Archivos de programa\Trillian\trillian.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Dropbox.lnk = C:\Documents and Settings\Rafael Rodulfo\Datos de programa\Dropbox\bin\Dropbox.exe (User 'Default user')
O4 - .DEFAULT Startup: Trillian.lnk = C:\Archivos de programa\Trillian\trillian.exe (User 'Default user')
O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Rafael Rodulfo\Datos de programa\Dropbox\bin\Dropbox.exe
O4 - Startup: Trillian.lnk = C:\Archivos de programa\Trillian\trillian.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Archivos de programa\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Inicio rápido de HP Photosmart Premier.lnk = C:\Archivos de programa\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: SideACT!.lnk = C:\Archivos de programa\ACT\SideACT.exe
O4 - Global Startup: Windows Search.lnk = C:\Archivos de programa\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Archivos de programa\Messenger\msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Archivos de programa\Messenger\msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARCHIV~1\ARCHIV~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: RailNotification - C:\WINDOWS\SYSTEM32\winlogonnotification.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpda teService.exe
O23 - Service: AOS2Service - AhnLab, Inc. - C:\Archivos de programa\AhnLab\ASP\Smart Update i\aos2svc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Archivos de programa\Bonjour\mDNSResponder.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Archivos de programa\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Archivos de programa\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Servicio de Google Update (gupdate) (gupdate) - Google Inc. - C:\Archivos de programa\Google\Update\GoogleUpdate.exe
O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Archivos de programa\Google\Update\GoogleUpdate.exe
O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Archivos de programa\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Archivos de programa\Java\jre6\bin\jqs.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Archivos de programa\Archivos comunes\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Archivos de programa\Archivos comunes\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Archivos de programa\Archivos comunes\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Archivos de programa\Trusteer\Rapport\bin\RapportMgmtService.e xe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Archivos de programa\Archivos comunes\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Archivos de programa\Intel\WiFi\bin\S24EvMon.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Archivos de programa\Skype\Updater\Updater.exe
O23 - Service: XobniService - Xobni Corporation - C:\Archivos de programa\Xobni\XobniService.exe

--
End of file - 10641 bytes

Last edited by rrodulfo; June 22nd, 2013 at 12:03 AM. Reason: Post Hijack this Log
Reply With Quote


  #2  
Old June 22nd, 2013, 01:26 PM
schrauber's Avatar
schrauber schrauber is offline
Cyber Tech Help Moderator
 
Join Date: Apr 2009
O/S: Windows 7 64-bit
Location: Germany
Age: 41
Posts: 5,017
Hello, rrodulfo
Welcome to the CyberTechHelp Forums. My name is Thomas (Tom is fine), and I will be helping you fixing your problems.



Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools. Doing so could cause changes to the directions I have to give you and prolong the time required. Further more, you should not be taking any advice relating to this computer from any other source throughout the course of this fix.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean". We do not want to clean you part-way, only to have the system re-infect itself.
  • Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.
  • Please set your system to show all files.
    Click Start, open My Computer, select the Tools menu and click Folder Options.
    Select the View Tab. Under the Hidden files and folders heading, select Show hidden files and folders.
    Uncheck: Hide file extensions for known file types
    Uncheck the Hide protected operating system files (recommended) option.
    Click Yes to confirm.




  1. Please download OTL from one of the following mirrors:
  2. Save it to your desktop.
  3. Double click on the icon on your desktop.
  4. Push the Quick Scan button.
  5. Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized



Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.
Reply With Quote
  #3  
Old June 22nd, 2013, 05:37 PM
rrodulfo rrodulfo is offline
Senior Member
 
Join Date: Sep 2006
O/S: Windows XP Pro
Location: Monterrey, Nuevo Leon, Mexico
Posts: 159
OTL.txt

OTL logfile created on: 22/06/2013 11:20:01 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Mis documentos\Dropbox\Downloads\OTL
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000080A | Country: México | Language: ESM | Date Format: dd/MM/yyyy

1.98 Gb Total Physical Memory | 0.83 Gb Available Physical Memory | 42.09% Memory free
3.83 Gb Paging File | 2.75 Gb Available in Paging File | 71.76% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Archivos de programa
Drive C: | 29.29 Gb Total Space | 11.77 Gb Free Space | 40.17% Space Free | Partition Type: NTFS
Drive D: | 44.02 Gb Total Space | 6.55 Gb Free Space | 14.89% Space Free | Partition Type: NTFS

Computer Name: OFICINA-9FDFA55 | User Name: Rafael Rodulfo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/06/22 11:08:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Mis documentos\Dropbox\Downloads\OTL\OTL.exe
PRC - [2013/06/17 13:59:43 | 005,306,880 | ---- | M] () -- c:\Archivos de programa\Trillian\plugins\skypekit.exe
PRC - [2013/06/17 00:00:00 | 002,606,448 | ---- | M] (Cerulean Studios) -- C:\Archivos de programa\Trillian\trillian.exe
PRC - [2013/06/14 20:28:44 | 000,825,808 | ---- | M] (Google Inc.) -- C:\Archivos de programa\Google\Chrome\Application\chrome.exe
PRC - [2013/06/05 12:50:52 | 027,370,808 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Rafael Rodulfo\Datos de programa\Dropbox\bin\Dropbox.exe
PRC - [2013/04/30 01:28:38 | 002,115,864 | ---- | M] (Trusteer Ltd.) -- C:\Archivos de programa\Trusteer\Rapport\bin\RapportService.exe
PRC - [2013/04/30 01:28:38 | 001,124,632 | ---- | M] (Trusteer Ltd.) -- C:\Archivos de programa\Trusteer\Rapport\bin\RapportMgmtService.e xe
PRC - [2013/03/21 15:19:46 | 001,341,664 | ---- | M] (ESET) -- C:\Archivos de programa\ESET\ESET Smart Security\ekrn.exe
PRC - [2013/03/21 15:19:40 | 005,078,504 | ---- | M] (ESET) -- C:\Archivos de programa\ESET\ESET Smart Security\egui.exe
PRC - [2013/01/25 13:06:00 | 000,335,792 | ---- | M] (AhnLab, Inc.) -- C:\Archivos de programa\AhnLab\ASP\Smart Update i\aoslog.exe
PRC - [2012/12/21 16:27:46 | 000,057,008 | ---- | M] (Apple Inc.) -- C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2012/11/01 05:55:00 | 000,429,496 | ---- | M] (AhnLab, Inc.) -- C:\Archivos de programa\AhnLab\ASP\MyFirewall 4.0\aosrts.exe
PRC - [2012/10/12 04:08:00 | 001,093,064 | ---- | M] (AhnLab, Inc.) -- C:\Archivos de programa\AhnLab\ASP\MyFirewall 4.0\mf40nt.exe
PRC - [2012/09/17 12:41:54 | 000,254,896 | ---- | M] (Sun Microsystems, Inc.) -- C:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe
PRC - [2012/08/24 06:29:00 | 000,155,128 | ---- | M] (AhnLab, Inc.) -- C:\Archivos de programa\AhnLab\ASP\Smart Update i\aos2svc.exe
PRC - [2012/08/08 01:58:00 | 000,519,680 | ---- | M] (AhnLab, Inc.) -- C:\Archivos de programa\AhnLab\ASP\AOSPersonal\aosmain.exe
PRC - [2012/04/09 19:32:06 | 000,062,184 | ---- | M] (Xobni Corporation) -- C:\Archivos de programa\Xobni\XobniService.exe
PRC - [2011/07/12 15:33:58 | 001,036,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2009/02/27 06:55:20 | 000,909,312 | ---- | M] (Intel(R) Corporation) -- C:\Archivos de programa\Intel\WiFi\bin\S24EvMon.exe
PRC - [2007/05/17 10:53:02 | 000,780,312 | ---- | M] () -- C:\Archivos de programa\Logitech\QuickCam10\QuickCam10.exe
PRC - [2007/05/17 10:52:04 | 000,505,368 | ---- | M] (Logitech Inc.) -- C:\Archivos de programa\Archivos comunes\LogiShrd\LComMgr\Communications_Helper.exe
PRC - [2007/05/17 10:51:30 | 000,232,472 | ---- | M] (Logitech Inc.) -- C:\Archivos de programa\Archivos comunes\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2007/05/11 17:30:50 | 000,133,920 | ---- | M] (Logitech Inc.) -- C:\Archivos de programa\Archivos comunes\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2007/05/11 17:28:56 | 000,187,168 | ---- | M] (Logitech Inc.) -- C:\Archivos de programa\Archivos comunes\LogiShrd\LVCOMSER\LVComSer.exe
PRC - [2006/02/10 07:56:12 | 000,479,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Archivos de programa\HP\Digital Imaging\bin\hpqimzone.exe
PRC - [2003/04/24 04:21:56 | 000,278,589 | ---- | M] () -- C:\Archivos de programa\ACT\SideACT.exe


========== Modules (No Company Name) ==========

MOD - [2013/06/17 13:59:43 | 005,306,880 | ---- | M] () -- c:\Archivos de programa\Trillian\plugins\skypekit.exe
MOD - [2013/06/17 00:00:00 | 000,187,392 | ---- | M] () -- C:\Archivos de programa\Trillian\libpng15.dll
MOD - [2013/06/17 00:00:00 | 000,065,536 | ---- | M] () -- C:\Archivos de programa\Trillian\libungif.dll
MOD - [2013/06/17 00:00:00 | 000,059,904 | ---- | M] () -- C:\Archivos de programa\Trillian\zlib1.dll
MOD - [2013/06/17 00:00:00 | 000,010,752 | ---- | M] () -- c:\Archivos de programa\Trillian\languages\en\buddy.dll
MOD - [2013/06/17 00:00:00 | 000,007,168 | ---- | M] () -- c:\Archivos de programa\Trillian\languages\en\talk.dll
MOD - [2013/06/17 00:00:00 | 000,006,656 | ---- | M] () -- c:\Archivos de programa\Trillian\languages\en\trillian.dll
MOD - [2013/06/17 00:00:00 | 000,006,656 | ---- | M] () -- c:\Archivos de programa\Trillian\languages\en\events.dll
MOD - [2013/06/17 00:00:00 | 000,003,584 | ---- | M] () -- c:\Archivos de programa\Trillian\languages\en\toolkit.dll
MOD - [2013/06/14 20:28:42 | 000,393,168 | ---- | M] () -- C:\Archivos de programa\Google\Chrome\Application\27.0.1453.116\p pgooglenaclpluginchrome.dll
MOD - [2013/06/14 20:28:41 | 013,140,432 | ---- | M] () -- C:\Archivos de programa\Google\Chrome\Application\27.0.1453.116\P epperFlash\pepflashplayer.dll
MOD - [2013/06/14 20:28:40 | 004,051,408 | ---- | M] () -- C:\Archivos de programa\Google\Chrome\Application\27.0.1453.116\p df.dll
MOD - [2013/06/14 20:27:48 | 001,597,392 | ---- | M] () -- C:\Archivos de programa\Google\Chrome\Application\27.0.1453.116\f fmpegsumo.dll
MOD - [2013/06/12 17:33:03 | 000,557,368 | ---- | M] () -- C:\Documents and Settings\All Users\Datos de programa\Trusteer\Rapport\store\exts\RapportMS\bas eline\RapportMS.dll
MOD - [2013/06/12 16:55:59 | 000,086,016 | ---- | M] () -- C:\WINDOWS\system32\custmon32.dll
MOD - [2013/06/12 12:44:54 | 000,036,864 | ---- | M] () -- C:\WINDOWS\system32\pdf995mon.dll
MOD - [2013/06/12 12:38:51 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb\4.0.0.0__a53cf580 3f4c3827\hpqisrtb.dll
MOD - [2013/06/12 12:38:50 | 000,065,536 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb.resources\4.0.0.0 _es_a53cf5803f4c3827\hpqisrtb.resources.dll
MOD - [2013/06/12 12:38:31 | 000,376,832 | ---- | M] () -- c:\windows\assembly\gac\hpqedit.resources\3.0.0.0_ es_a53cf5803f4c3827\hpqedit.resources.dll
MOD - [2013/06/12 12:38:29 | 001,163,264 | ---- | M] () -- c:\windows\assembly\gac\hpqedit\3.0.0.0__a53cf5803 f4c3827\hpqedit.dll
MOD - [2013/06/12 12:38:23 | 000,790,528 | ---- | M] () -- c:\windows\assembly\gac\hpqbakup\3.0.0.0__a53cf580 3f4c3827\hpqbakup.dll
MOD - [2013/06/12 12:38:22 | 000,258,048 | ---- | M] () -- c:\windows\assembly\gac\hpqbakup.resources\3.0.0.0 _es_a53cf5803f4c3827\hpqbakup.resources.dll
MOD - [2013/06/12 12:38:05 | 000,163,840 | ---- | M] () -- c:\windows\assembly\gac\hpqvideo\3.0.0.0__a53cf580 3f4c3827\hpqvideo.dll
MOD - [2013/06/12 12:37:54 | 000,028,672 | ---- | M] () -- c:\windows\assembly\gac\hpqprrsc.resources\4.0.0.0 _es_a53cf5803f4c3827\hpqprrsc.resources.dll
MOD - [2013/06/12 12:37:53 | 000,057,344 | ---- | M] () -- c:\windows\assembly\gac\hpqprrsc\4.0.0.0__a53cf580 3f4c3827\hpqprrsc.dll
MOD - [2013/06/12 12:37:53 | 000,053,248 | ---- | M] () -- c:\windows\assembly\gac\hpqovskn\3.0.0.0__a53cf580 3f4c3827\hpqovskn.dll
MOD - [2013/06/12 12:37:52 | 000,065,536 | ---- | M] () -- c:\windows\assembly\gac\hpqmdmr\4.0.0.0__a53cf5803 f4c3827\hpqmdmr.dll
MOD - [2013/06/12 12:37:40 | 000,430,080 | ---- | M] () -- c:\windows\assembly\gac\lead.wrapper\13.0.0.113__9 cf889f53ea9b907\lead.wrapper.dll
MOD - [2013/06/12 12:37:40 | 000,077,824 | ---- | M] () -- c:\windows\assembly\gac\lead\13.0.0.113__9cf889f53 ea9b907\lead.dll
MOD - [2013/06/12 12:37:39 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms.drawing container\13.0.0.113__9cf889f53ea9b907\lead.window s.forms.drawingcontainer.dll
MOD - [2013/06/12 12:37:39 | 000,040,960 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms\13.0.0. 113__9cf889f53ea9b907\lead.windows.forms.dll
MOD - [2013/06/12 12:37:38 | 000,086,016 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing\13.0.0.113__9 cf889f53ea9b907\lead.drawing.dll
MOD - [2013/06/12 12:37:37 | 000,090,112 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing.imaging.image processing\13.0.0.113__9cf889f53ea9b907\lead.drawi ng.imaging.imageprocessing.dll
MOD - [2013/06/12 12:37:36 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing.imaging.codec s\13.0.0.113__9cf889f53ea9b907\lead.drawing.imagin g.codecs.dll
MOD - [2013/06/12 12:37:22 | 000,014,848 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqvideo\4.0.0.0__ a53cf5803f4c3827\interop.hpqvideo.dll
MOD - [2013/06/12 12:37:22 | 000,004,096 | ---- | M] () -- c:\windows\assembly\gac\interop.hprblog\3.0.0.0__a 53cf5803f4c3827\interop.hprblog.dll
MOD - [2013/06/12 12:37:17 | 000,010,240 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqimgr\4.0.0.0__a 53cf5803f4c3827\interop.hpqimgr.dll
MOD - [2013/06/12 12:37:13 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqcxm08\3.0.0.0__ a53cf5803f4c3827\interop.hpqcxm08.dll
MOD - [2013/06/12 12:37:10 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqntrop\4.0.0.0__a53cf580 3f4c3827\hpqntrop.dll
MOD - [2013/06/12 12:37:08 | 000,516,096 | ---- | M] () -- c:\windows\assembly\gac\hpqimvlt\3.0.0.0__a53cf580 3f4c3827\hpqimvlt.dll
MOD - [2013/06/12 12:37:08 | 000,192,512 | ---- | M] () -- c:\windows\assembly\gac\hpqimgrc\4.0.0.0__a53cf580 3f4c3827\hpqimgrc.dll
MOD - [2013/06/12 12:37:06 | 000,077,824 | ---- | M] () -- c:\windows\assembly\gac\hpqthumb\3.0.0.0__a53cf580 3f4c3827\hpqthumb.dll
MOD - [2013/06/12 12:37:06 | 000,061,440 | ---- | M] () -- c:\windows\assembly\gac\hpqimlib\3.0.0.0__a53cf580 3f4c3827\hpqimlib.dll
MOD - [2013/06/12 12:37:05 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqglutl\4.0.0.0__a53cf580 3f4c3827\hpqglutl.dll
MOD - [2013/06/12 12:37:04 | 000,385,024 | ---- | M] () -- c:\windows\assembly\gac\hpqtray\4.0.0.0__a53cf5803 f4c3827\hpqtray.dll
MOD - [2013/06/12 12:37:04 | 000,126,976 | ---- | M] () -- c:\windows\assembly\gac\hpqtray.resources\4.0.0.0_ es_a53cf5803f4c3827\hpqtray.resources.dll
MOD - [2013/06/12 12:37:03 | 000,024,576 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc.resources\4.0.0.0 _es_a53cf5803f4c3827\hpqfmrsc.resources.dll
MOD - [2013/06/12 12:37:03 | 000,020,480 | ---- | M] () -- c:\windows\assembly\gac\hpqiface\4.0.0.0__a53cf580 3f4c3827\hpqiface.dll
MOD - [2013/06/12 12:37:02 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc\4.0.0.0__a53cf580 3f4c3827\hpqfmrsc.dll
MOD - [2013/06/12 12:37:02 | 000,024,576 | ---- | M] () -- c:\windows\assembly\gac\hpqasset\4.0.0.0__a53cf580 3f4c3827\hpqasset.dll
MOD - [2013/06/12 12:37:00 | 000,229,376 | ---- | M] () -- c:\windows\assembly\gac\hpqutils\4.0.0.0__a53cf580 3f4c3827\hpqutils.dll
MOD - [2013/06/12 12:36:59 | 000,425,984 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc\3.0.0.0__a53cf580 3f4c3827\hpqcprsc.dll
MOD - [2013/06/12 12:36:59 | 000,094,208 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc.resources\3.0.0.0 _es_a53cf5803f4c3827\hpqcprsc.resources.dll
MOD - [2013/06/12 12:36:58 | 000,135,168 | ---- | M] () -- c:\windows\assembly\gac\hpqcc2.resources\3.0.0.0_e s_a53cf5803f4c3827\hpqcc2.resources.dll
MOD - [2013/06/12 12:36:57 | 000,593,920 | ---- | M] () -- c:\windows\assembly\gac\hpqcc2\3.0.0.0__a53cf5803f 4c3827\hpqcc2.dll
MOD - [2013/06/11 09:34:06 | 000,224,256 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\Utilities\2.0.4.13741__ 6298d2d1fcfb5d85\Utilities.dll
MOD - [2013/06/08 22:20:00 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Sys tem.ServiceProce#\7e0c607a1081484aea71696a33a8f94f \System.ServiceProcess.ni.dll
MOD - [2013/06/08 22:08:26 | 007,989,760 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Sys tem\913f30e6782d6d07a7e5084726a88cc5\System.ni.dll
MOD - [2013/06/08 22:08:15 | 011,495,424 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\msc orlib\da64a56d9a0c73b4d4e33ca88fe45bd7\mscorlib.ni .dll
MOD - [2013/06/08 20:07:28 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorl ib\1.0.5000.0__b77a5c561934e089_f32e5476\mscorlib. dll
MOD - [2013/06/08 20:07:25 | 000,843,776 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system .drawing\1.0.5000.0__b03f5f7f11d50a3a_04108107\sys tem.drawing.dll
MOD - [2013/06/08 20:07:19 | 002,117,632 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system .xml\1.0.5000.0__b77a5c561934e089_7413e3ea\system. xml.dll
MOD - [2013/06/08 20:07:14 | 003,035,136 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system .windows.forms\1.0.5000.0__b77a5c561934e089_84393e 7c\system.windows.forms.dll
MOD - [2013/06/08 20:07:06 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system \1.0.5000.0__b77a5c561934e089_37fc7894\system.dll
MOD - [2013/06/08 20:06:56 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c5 61934e089\system.dll
MOD - [2013/06/08 20:06:55 | 000,471,040 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0_ _b03f5f7f11d50a3a\system.drawing.dll
MOD - [2013/06/08 20:06:54 | 002,064,384 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5 000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2013/06/08 11:52:40 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\system.resources\1.0.5000. 0_es_b77a5c561934e089\system.resources.dll
MOD - [2013/06/08 11:51:49 | 001,359,872 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77 a5c561934e089\system.xml.dll
MOD - [2013/06/08 11:51:48 | 000,007,680 | ---- | M] () -- c:\windows\assembly\gac\accessibility\1.0.5000.0__ b03f5f7f11d50a3a\accessibility.dll
MOD - [2013/06/08 11:50:23 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess .resources\2.0.0.0_es_b03f5f7f11d50a3a\System.Serv iceProcess.resources.dll
MOD - [2013/04/21 21:44:32 | 000,087,952 | ---- | M] () -- C:\Archivos de programa\Archivos comunes\Apple\Apple Application Support\zlib1.dll
MOD - [2013/04/21 21:44:04 | 001,242,952 | ---- | M] () -- C:\Archivos de programa\Archivos comunes\Apple\Apple Application Support\libxml2.dll
MOD - [2013/03/13 15:48:52 | 024,978,944 | ---- | M] () -- C:\Documents and Settings\Rafael Rodulfo\Datos de programa\Dropbox\bin\libcef.dll
MOD - [2012/11/13 18:32:50 | 003,558,400 | ---- | M] () -- C:\Documents and Settings\Rafael Rodulfo\Datos de programa\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2012/06/27 15:09:06 | 000,557,056 | ---- | M] () -- C:\Archivos de programa\Trusteer\Rapport\bin\js32.dll
MOD - [2011/03/02 12:40:51 | 000,139,776 | ---- | M] () -- C:\Archivos de programa\WinRAR\RarExt.dll
MOD - [2009/02/27 06:51:14 | 000,200,704 | ---- | M] () -- C:\Archivos de programa\Intel\WiFi\bin\iWMSProv.dll
MOD - [2008/04/14 00:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007/05/17 10:57:12 | 001,136,152 | ---- | M] () -- C:\Archivos de programa\Logitech\QuickCam10\LAppRes.DLL
MOD - [2007/05/17 10:53:02 | 000,780,312 | ---- | M] () -- C:\Archivos de programa\Logitech\QuickCam10\QuickCam10.exe
MOD - [2007/05/11 17:29:18 | 000,068,384 | ---- | M] () -- C:\Archivos de programa\Archivos comunes\LogiShrd\LVCOMSER\LVCSPS.dll
MOD - [2006/11/15 13:01:50 | 000,192,512 | ---- | M] () -- C:\Archivos de programa\HP\Digital Imaging\bin\HpqUtil.dll
MOD - [2003/04/27 12:10:26 | 000,671,788 | ---- | M] () -- C:\Archivos de programa\ACT\adal.dll
MOD - [2003/04/24 09:21:06 | 000,360,499 | ---- | M] () -- C:\Archivos de programa\ACT\actole.dll
MOD - [2003/04/24 09:19:10 | 000,131,123 | ---- | M] () -- C:\Archivos de programa\ACT\faxreq.dll
MOD - [2003/04/24 04:21:56 | 000,278,589 | ---- | M] () -- C:\Archivos de programa\ACT\SideACT.exe
MOD - [2003/04/24 03:51:20 | 000,102,453 | ---- | M] () -- C:\Archivos de programa\ACT\actparse.dll
MOD - [2003/04/24 03:50:28 | 000,622,645 | ---- | M] () -- C:\Archivos de programa\ACT\exchange.dll
MOD - [2003/04/24 03:49:26 | 000,098,353 | ---- | M] () -- C:\Archivos de programa\ACT\idal.dll
MOD - [2003/04/24 03:49:00 | 000,598,068 | ---- | M] () -- C:\Archivos de programa\ACT\shareui.dll
MOD - [2003/04/24 03:48:30 | 000,069,685 | ---- | M] () -- C:\Archivos de programa\ACT\Snprompt.dll
MOD - [2003/04/24 03:47:26 | 000,045,142 | ---- | M] () -- C:\Archivos de programa\ACT\ActABCache.dll
MOD - [2003/04/24 03:47:20 | 000,286,773 | ---- | M] () -- C:\Archivos de programa\ACT\sharenui.dll
MOD - [1999/03/23 14:39:04 | 000,307,870 | ---- | M] () -- C:\Archivos de programa\ACT\icdllw32.dll
MOD - [1999/03/23 14:32:24 | 000,200,578 | ---- | M] () -- C:\Archivos de programa\ACT\pddllw32.dll


========== Services (SafeList) ==========

SRV - [2013/06/12 11:49:08 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpda teService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/06/03 16:21:54 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Archivos de programa\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/04/30 01:28:38 | 001,124,632 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Archivos de programa\Trusteer\Rapport\bin\RapportMgmtService.e xe -- (RapportMgmtService)
SRV - [2013/03/21 15:19:46 | 001,341,664 | ---- | M] (ESET) [Auto | Running] -- C:\Archivos de programa\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2012/12/21 16:27:46 | 000,057,008 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2012/08/24 06:29:00 | 000,155,128 | ---- | M] (AhnLab, Inc.) [On_Demand | Running] -- C:\Archivos de programa\AhnLab\ASP\Smart Update i\aos2svc.exe -- (AOS2Service)
SRV - [2012/04/09 19:32:06 | 000,062,184 | ---- | M] (Xobni Corporation) [Auto | Running] -- C:\Archivos de programa\Xobni\XobniService.exe -- (XobniService)
SRV - [2011/07/20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2009/02/27 07:54:22 | 000,870,672 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Archivos de programa\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2009/02/27 06:55:20 | 000,909,312 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Archivos de programa\Intel\WiFi\bin\S24EvMon.exe -- (S24EventMonitor)
SRV - [2009/02/27 06:38:38 | 000,473,360 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Archivos de programa\Archivos comunes\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2007/05/11 17:32:22 | 000,142,112 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Archivos de programa\Archivos comunes\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2007/05/11 17:30:50 | 000,133,920 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2007/05/11 17:28:56 | 000,187,168 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)
SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2013/06/12 17:32:59 | 000,317,112 | ---- | M] () [Kernel | System | Running] -- C:\Documents and Settings\All Users\Datos de programa\Trusteer\Rapport\store\exts\RapportCerber us\baseline\RapportCerberus32_51755.sys -- (RapportCerberus_51755)
DRV - [2013/06/08 12:01:32 | 000,443,448 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2013/04/30 01:28:50 | 000,174,320 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Archivos de programa\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2013/04/30 01:28:50 | 000,103,120 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Archivos de programa\Trusteer\Rapport\bin\RapportEI.sys -- (RapportEI)
DRV - [2013/04/30 01:28:50 | 000,102,448 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\RapportKELL.sys -- (RapportKELL)
DRV - [2013/02/14 12:21:04 | 000,062,512 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi)
DRV - [2013/01/26 06:37:00 | 000,095,504 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Mkd2Nadr.sys -- (Mkd2Nadr)
DRV - [2013/01/10 09:25:22 | 000,150,080 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw)
DRV - [2013/01/10 09:25:22 | 000,040,376 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2013/01/10 09:25:20 | 000,161,368 | ---- | M] (ESET) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2013/01/10 09:25:20 | 000,122,240 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2012/11/13 02:52:00 | 000,127,064 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mkd2kfnt.sys -- (Mkd2kfNt)
DRV - [2012/09/24 20:50:00 | 000,187,224 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Running] -- C:\Archivos de programa\AhnLab\ASP\Smart Update i\atamptnt.sys -- (ATamptNt_aos)
DRV - [2012/09/23 22:30:00 | 000,062,784 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AhnRghNT.sys -- (AhnRghNt)
DRV - [2012/09/23 22:30:00 | 000,021,824 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AhnRec2k.sys -- (AhnRec2K)
DRV - [2012/09/14 02:58:00 | 000,096,936 | ---- | M] (AhnLab, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmonTDNt.sys -- (AMonTDnt)
DRV - [2011/08/22 09:50:00 | 000,053,088 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AhnFlt2k.sys -- (AhnFlt2K)
DRV - [2011/07/12 15:37:00 | 000,009,472 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\dumpdrv.sys -- (DumpDrv)
DRV - [2011/05/10 16:44:12 | 000,013,616 | ---- | M] (Marvell Semiconductor Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\mvxxmm.sys -- (mvxxmm)
DRV - [2011/05/10 16:44:12 | 000,013,616 | ---- | M] (Marvell Semiconductor Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\mv61xxmm.sys -- (mv61xxmm)
DRV - [2011/05/10 16:44:12 | 000,005,632 | ---- | M] (Marvell Semiconductor Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\mv64xxmm.sys -- (mv64xxmm)
DRV - [2010/06/28 02:54:11 | 000,121,536 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Running] -- C:\Archivos de programa\AhnLab\ASP\MyFirewall 4.0\MfIPSENt.sys -- (MfIPSEnt)
DRV - [2010/06/28 02:54:04 | 000,101,368 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Running] -- C:\Archivos de programa\AhnLab\ASP\MyFirewall 4.0\MfFWENt.sys -- (MfFWEnt)
DRV - [2009/07/20 20:13:13 | 000,019,616 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CdmDrvNT.sys -- (CdmDrvNt)
DRV - [2008/08/13 17:23:56 | 000,011,904 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2008/01/07 14:36:16 | 002,216,064 | R--- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51)
DRV - [2007/10/28 12:09:22 | 000,004,096 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\rdummy.sys -- (RDUMMY)
DRV - [2007/05/11 19:31:20 | 000,041,888 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007/05/11 17:30:16 | 000,025,888 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2007/05/11 17:29:54 | 002,142,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2007/05/11 17:27:58 | 002,107,808 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2007/05/09 23:46:58 | 001,276,832 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV302V32.SYS -- (PID_PEPI)
DRV - [2007/05/09 23:46:46 | 000,014,112 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter)
DRV - [2006/07/21 12:42:08 | 000,055,808 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm.sys -- (tifm)
DRV - [2005/05/03 15:09:28 | 001,033,728 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.SYS -- (HSF_DPV)
DRV - [2005/05/03 15:08:50 | 000,208,384 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWICH.sys -- (HSFHWICH)
DRV - [2005/05/03 15:08:44 | 000,705,408 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/11/15 15:37:52 | 000,264,440 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stac97.sys -- (STAC97)
DRV - [2004/05/26 15:18:18 | 000,044,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source? }

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.contactognp.com.mx/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://es.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-ES
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A5 26 D1 94 A8 64 CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {7D160F3A-3A4E-425E-B66A-64E8C40DD192}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{7D160F3A-3A4E-425E-B66A-64E8C40DD192}: "URL" = http://www.google.com/search?hl=en&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@ahnlab.com/asp/npaosmgr.1: C:\Archivos de programa\AhnLab\ASP\Components\aosmgr\conflict_491 \npaosmgr.dll (AhnLab, Inc.)
FF - HKLM\Software\MozillaPlugins\@ahnlab.com/asp/npmkd25sp: C:\Archivos de programa\AhnLab\ASP\MyKeyDefense 2.5\npmkd25sp.dll (AhnLab, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Archivos de programa\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_45: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Archivos de programa\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Archivos de programa\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Archivos de programa\Google\Update\1.3.21.145\npGoogleUpdate3. dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Archivos de programa\Google\Update\1.3.21.145\npGoogleUpdate3. dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Archivos de programa\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@ahnlab.com/asp/npmkd25sp: C:\Archivos de programa\AhnLab\ASP\MyKeyDefense 2.5\npmkd25sp.dll (AhnLab, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Ex tensions\\eplgTb@eset.com: C:\Archivos de programa\ESET\ESET Smart Security\Mozilla Thunderbird [2013/06/10 17:43:49 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ }{google:originalQueryForSuggestion}{google:assist edQueryStats}{google:searchFieldtrialParameter}{go ogle:searchClient}{google:sourceId}{google:instant ExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldt rialParameter}client=chrome&q={searchTerms}&{googl e:cursorPosition}sugkey={google:suggestAPIKeyParam eter},
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Archivos de programa\Google\Chrome\Application\27.0.1453.116\P epperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Archivos de programa\Google\Chrome\Application\27.0.1453.116\p pGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Archivos de programa\Google\Chrome\Application\27.0.1453.116\p df.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Archivos de programa\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Archivos de programa\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Archivos de programa\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Archivos de programa\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Archivos de programa\Google\Update\1.3.21.145\npGoogleUpdate3. dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Archivos de programa\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Google Docs = C:\Documents and Settings\Rafael Rodulfo\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfi lokake\0.5_0\
CHR - Extension: Google Drive = C:\Documents and Settings\Rafael Rodulfo\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigk jlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Rafael Rodulfo\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Documents and Settings\Rafael Rodulfo\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljnie djpjpf\0.0.0.20_0\
CHR - Extension: Gmail = C:\Documents and Settings\Rafael Rodulfo\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia\7_0\

O1 HOSTS File: ([2013/06/14 15:15:29 | 000,000,792 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Archivos de programa\Archivos comunes\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AhnLab Online Security Personal] C:\Archivos de programa\AhnLab\ASP\AOSPersonal\aosrun.exe (AhnLab, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Archivos de programa\Archivos comunes\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [egui] C:\Archivos de programa\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Archivos de programa\Archivos comunes\LogiShrd\LComMgr\Communications_Helper.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Archivos de programa\Logitech\QuickCam10\QuickCam10.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\Inicio rápido de HP Photosmart Premier.lnk = C:\Archivos de programa\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
O4 - Startup: C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\SideACT!.lnk = C:\Archivos de programa\ACT\SideACT.exe ()
O4 - Startup: C:\Documents and Settings\Rafael Rodulfo\Menú Inicio\Programas\Inicio\Dropbox.lnk = C:\Documents and Settings\Rafael Rodulfo\Datos de programa\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Documents and Settings\Rafael Rodulfo\Menú Inicio\Programas\Inicio\Trillian.lnk = C:\Archivos de programa\Trillian\trillian.exe (Cerulean Studios)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Archivos de programa\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_45)
O16 - DPF: {CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA} http://java.sun.com/products/plugin/...ndows-i586.cab (Java Plug-in 1.4.2_08)
O16 - DPF: {CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_45)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_45)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.128.128.128
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfac es\{359CD5EF-F2FB-484B-BED8-BF08008BB8B3}: DhcpNameServer = 10.128.128.128
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Archivos de programa\Archivos comunes\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\RailNotification: DllName - (Reg Error: Invalid data type.) - Reg Error: Invalid data type. File not found
O24 - Desktop Components:0 (Mi página de inicio actual) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Felicidad.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Felicidad.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Archivos de programa\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/06/08 11:43:54 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/06/21 17:56:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\HijackThis
[2013/06/21 17:56:55 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Trend Micro
[2013/06/21 11:57:48 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Rafael Rodulfo\Recent
[2013/06/20 11:35:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Sun
Reply With Quote
  #4  
Old June 22nd, 2013, 05:40 PM
rrodulfo rrodulfo is offline
Senior Member
 
Join Date: Sep 2006
O/S: Windows XP Pro
Location: Monterrey, Nuevo Leon, Mexico
Posts: 159
Cont. OTL.txt

[2013/06/20 11:35:22 | 000,477,616 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\npdeployJava1.dll
[2013/06/20 11:35:22 | 000,473,520 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2013/06/20 11:35:22 | 000,162,224 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2013/06/20 11:35:22 | 000,149,936 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2013/06/20 11:35:22 | 000,149,936 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2013/06/20 11:35:22 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2013/06/18 13:07:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Menú Inicio\Programas\TuVidaWS
[2013/06/18 13:07:04 | 000,000,000 | ---D | C] -- C:\Archivos de programa\TuVidaWS
[2013/06/18 13:06:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Menú Inicio\Programas\TuSaludWS
[2013/06/18 13:06:28 | 000,000,000 | ---D | C] -- C:\Archivos de programa\TuSaludWS
[2013/06/18 13:06:27 | 000,000,000 | -H-D | C] -- C:\Archivos de programa\Zero G Registry
[2013/06/18 13:06:17 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Rafael Rodulfo\InstallAnywhere
[2013/06/18 13:05:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Datos de programa\Sun
[2013/06/18 13:05:10 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Java
[2013/06/18 13:05:09 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Archivos comunes\Java
[2013/06/18 13:04:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Configuración local\Datos de programa\{7148F0A6-6813-11D6-A77B-00B0D0142080}
[2013/06/18 12:59:24 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Archivos comunes\Business Objects
[2013/06/18 12:58:27 | 000,000,000 | ---D | C] -- C:\Cotizador_Unico
[2013/06/17 02:04:45 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2013/06/17 02:03:09 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2013/06/17 02:03:07 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2013/06/17 02:03:07 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2013/06/17 02:03:06 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2013/06/17 02:03:05 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2013/06/17 01:56:21 | 001,276,832 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\drivers\LV302V32.SYS
[2013/06/17 01:56:21 | 000,490,272 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\LVUI2.dll
[2013/06/17 01:56:21 | 000,465,696 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\LVUI2RC.dll
[2013/06/17 01:56:21 | 000,416,544 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\LVCodec2.dll
[2013/06/17 01:56:20 | 000,195,360 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\lvci1100.dll
[2013/06/17 01:56:20 | 000,041,888 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\drivers\LVUSBSta.sys
[2013/06/17 01:56:20 | 000,014,112 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\drivers\lv302af.sys
[2013/06/17 01:55:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Logitech
[2013/06/17 01:53:38 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Logitech
[2013/06/17 01:53:38 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Archivos comunes\LogiShrd
[2013/06/17 00:46:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Datos de programa\AhnLab
[2013/06/17 00:44:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Logishrd
[2013/06/17 00:44:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Logitech
[2013/06/16 23:52:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Datos de programa\Skype
[2013/06/16 23:52:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Skype
[2013/06/16 23:52:44 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Archivos comunes\Skype
[2013/06/16 23:52:43 | 000,000,000 | R--D | C] -- C:\Archivos de programa\Skype
[2013/06/16 23:52:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Skype
[2013/06/15 12:32:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Datos de programa\Windows Search
[2013/06/14 17:27:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll
[2013/06/14 17:27:53 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll
[2013/06/13 20:17:48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Cotizadores
[2013/06/13 13:58:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Datos de programa\Canon
[2013/06/13 13:58:03 | 000,679,936 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNAS0MOK.DLL
[2013/06/13 13:57:46 | 000,188,416 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNCLSU38b.DLL
[2013/06/13 13:57:46 | 000,102,400 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNCLST38b.DLL
[2013/06/13 13:57:45 | 000,135,168 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNCLSD38b.DLL
[2013/06/13 13:57:45 | 000,102,400 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNCLSI38b.DLL
[2013/06/13 13:57:45 | 000,094,208 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNCLSC38b.DLL
[2013/06/13 13:57:43 | 000,122,880 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNCL4400.DLL
[2013/06/13 13:57:43 | 000,053,248 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNCLSO38b.dll
[2013/06/13 13:57:42 | 000,303,104 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNCC4400.DLL
[2013/06/13 13:57:42 | 000,086,016 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNCI4400.DLL
[2013/06/13 12:34:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Datos de programa\Apple Computer
[2013/06/13 12:34:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Configuración local\Datos de programa\Apple Computer
[2013/06/13 12:34:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\iTunes
[2013/06/13 12:32:42 | 000,000,000 | ---D | C] -- C:\Archivos de programa\iPod
[2013/06/13 12:32:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/06/13 12:32:29 | 000,000,000 | ---D | C] -- C:\Archivos de programa\iTunes
[2013/06/13 12:32:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Apple Computer
[2013/06/13 12:31:42 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Apple Software Update
[2013/06/13 12:31:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Datos de programa\Apple Computer
[2013/06/13 12:31:02 | 006,112,864 | ---- | C] (Apple, Inc.) -- C:\WINDOWS\System32\usbaaplrc.dll
[2013/06/13 12:30:22 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Bonjour
[2013/06/13 12:29:07 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Archivos comunes\Apple
[2013/06/13 09:56:55 | 000,096,936 | ---- | C] (AhnLab, Inc.) -- C:\WINDOWS\System32\drivers\AmonTDNt.sys
[2013/06/13 09:56:54 | 000,134,024 | ---- | C] (Copyright (C) Korea University C.I.S.T) -- C:\WINDOWS\System32\drivers\klb32mkd.sys
[2013/06/13 09:56:54 | 000,127,064 | ---- | C] (AhnLab, Inc.) -- C:\WINDOWS\System32\drivers\mkd2kfnt.sys
[2013/06/13 09:56:54 | 000,095,504 | ---- | C] (AhnLab, Inc.) -- C:\WINDOWS\System32\drivers\Mkd2Nadr.sys
[2013/06/13 09:56:54 | 000,080,728 | ---- | C] (AhnLab, Inc.) -- C:\WINDOWS\System32\drivers\Mkd2BthF.sys
[2013/06/13 09:56:53 | 000,200,192 | ---- | C] (AhnLab, Inc.) -- C:\WINDOWS\System32\mkd25hk.dll
[2013/06/13 09:56:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Datos de programa\AhnLab
[2013/06/13 09:56:36 | 002,274,544 | ---- | C] (AhnLab, Inc.) -- C:\WINDOWS\System32\btscan.exe
[2013/06/13 09:51:07 | 000,062,784 | ---- | C] (AhnLab, Inc.) -- C:\WINDOWS\System32\drivers\AhnRghNT.sys
[2013/06/13 09:51:07 | 000,053,088 | ---- | C] (AhnLab, Inc.) -- C:\WINDOWS\System32\drivers\AhnFlt2k.sys
[2013/06/13 09:51:07 | 000,021,824 | ---- | C] (AhnLab, Inc.) -- C:\WINDOWS\System32\drivers\AhnRec2k.sys
[2013/06/13 09:51:07 | 000,019,616 | ---- | C] (AhnLab, Inc.) -- C:\WINDOWS\System32\drivers\CdmDrvNT.sys
[2013/06/13 09:51:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\AhnLab
[2013/06/13 09:50:49 | 000,077,921 | ---- | C] (Ahnlab, Inc.) -- C:\WINDOWS\System32\v3w32se2.dll
[2013/06/13 09:50:48 | 000,000,000 | ---D | C] -- C:\Archivos de programa\AhnLab
[2013/06/13 09:35:49 | 000,000,000 | ---D | C] -- D:\Mis documentos\Recurso Humano
[2013/06/13 09:21:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Configuración local\Datos de programa\CUSTPDF Writer
[2013/06/13 01:17:05 | 000,000,000 | ---D | C] -- D:\Mis documentos\Mis álbumes
[2013/06/12 19:43:58 | 000,117,760 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\hpzll64X.dll
[2013/06/12 19:36:04 | 000,057,344 | R--- | C] (Oki Data Corporation) -- C:\WINDOWS\System32\OPSTDMON.DLL
[2013/06/12 17:44:02 | 000,000,000 | ---D | C] -- C:\OKIDATA
[2013/06/12 17:33:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Configuracin local
[2013/06/12 17:31:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Configuración local\Datos de programa\Trusteer
[2013/06/12 17:31:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Trusteer Rapport
[2013/06/12 17:31:06 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Trusteer
[2013/06/12 17:29:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Trusteer
[2013/06/12 16:57:12 | 000,000,000 | ---D | C] -- C:\MetLife Cotizadores
[2013/06/12 16:56:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\PDF Writer
[2013/06/12 16:56:28 | 000,000,000 | ---D | C] -- C:\Archivos de programa\GPLGS
[2013/06/12 16:56:14 | 000,000,000 | ---D | C] -- C:\Archivos de programa\TechTools
[2013/06/12 14:01:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Configuración local\Datos de programa\IsolatedStorage
[2013/06/12 14:00:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Configuración local\Datos de programa\HP
[2013/06/12 13:59:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Configuración local\Datos de programa\ApplicationHistory
[2013/06/12 12:44:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\pdf995
[2013/06/12 12:44:54 | 001,672,192 | ---- | C] (TODO: <Company name>) -- C:\WINDOWS\System32\pdfmona.dll
[2013/06/12 12:44:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Software995
[2013/06/12 12:44:48 | 000,000,000 | ---D | C] -- C:\Archivos de programa\pdf995
[2013/06/12 12:40:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Sonic
[2013/06/12 12:40:09 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Archivos comunes\Sonic Shared
[2013/06/12 12:20:17 | 000,000,000 | ---D | C] -- C:\Archivos de programa\HP R837 SW
[2013/06/12 11:47:15 | 008,610,696 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2013/06/12 11:02:59 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Canon
[2013/06/12 11:01:38 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\CanonMF Uninstaller Information
[2013/06/12 11:01:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Canon
[2013/06/12 11:00:03 | 000,000,000 | -H-D | C] -- C:\CanonMF
[2013/06/12 10:17:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Datos de programa\com.ynab.YNAB4.LiveCaptive
[2013/06/12 10:17:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\YNAB 4
[2013/06/12 10:16:50 | 000,000,000 | ---D | C] -- C:\Archivos de programa\YNAB 4[2013/06/12 08:55:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Servicios de impresión de Bonjour
[2013/06/12 08:55:18 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Bonjour Print Services
[2013/06/12 08:54:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Configuración local\Datos de programa\Apple
[2013/06/12 08:51:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Apple
[2013/06/11 18:11:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Configuración local\Datos de programa\HP
[2013/06/11 18:11:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Datos de programa\HP
[2013/06/11 18:05:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\WEBREG
[2013/06/11 18:00:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\HP
[2013/06/11 18:00:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\HP Product Assistant
[2013/06/11 18:00:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\HP
[2013/06/11 18:00:00 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Archivos comunes\HP
[2013/06/11 17:59:22 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Hewlett-Packard
[2013/06/11 17:58:56 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Archivos comunes\Hewlett-Packard
[2013/06/11 17:57:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Hewlett-Packard
[2013/06/11 17:57:32 | 000,117,760 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\hpzll5ha.dll
[2013/06/11 17:56:09 | 000,271,704 | ---- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hpzids01.dll
[2013/06/11 17:55:59 | 000,364,544 | ---- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hppldcoi.dll
[2013/06/11 17:55:59 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\difxapi.dll
[2013/06/11 17:55:59 | 000,303,104 | ---- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpovst10.dll
[2013/06/11 17:55:58 | 000,675,840 | ---- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hpowiax3.dll
[2013/06/11 17:55:58 | 000,569,344 | ---- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpotscl3.dll
[2013/06/11 17:55:35 | 000,000,000 | ---D | C] -- C:\Archivos de programa\HP
[2013/06/11 17:54:20 | 000,000,000 | -H-D | C] -- C:\Config.Msi
[2013/06/11 13:56:34 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Business Objects
[2013/06/11 13:11:50 | 000,000,000 | ---D | C] -- D:\Mis documentos\Personal
[2013/06/11 12:18:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Datos de programa\Trillian
[2013/06/11 12:17:20 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Trillian
[2013/06/11 11:55:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Datos de programa\Help
[2013/06/11 11:55:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Configuración local\Datos de programa\Help
[2013/06/11 10:45:57 | 000,047,104 | ---- | C] (Windswept Software LLC http://www.photoact.net) -- C:\WINDOWS\System32\ActiveActX.NLD
[2013/06/11 10:45:44 | 000,000,000 | -H-D | C] -- C:\Archivos de programa\InstallShield Installation Information
[2013/06/11 10:45:11 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Archivos comunes\InstallShield
[2013/06/11 10:38:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Datos de programa\Interact Commerce
[2013/06/11 10:33:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Application Data
[2013/06/11 10:33:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\ACT! 6
[2013/06/11 10:32:46 | 000,176,128 | ---- | C] (Interact Commerce Corporation) -- C:\WINDOWS\System32\ActAB32.dll
[2013/06/11 10:32:46 | 000,151,552 | ---- | C] (Interact Commerce Corporation) -- C:\WINDOWS\System32\ActExt.dll
[2013/06/11 10:32:44 | 000,329,840 | ---- | C] (Preview Systems, Inc.) -- C:\WINDOWS\System32\vboxs430.dll
[2013/06/11 10:32:44 | 000,096,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Modem.cpl
[2013/06/11 10:32:42 | 000,893,440 | ---- | C] (Windswept Software LLC http://www.photoact.net) -- C:\WINDOWS\System32\ActiveActX.ocx
[2013/06/11 10:32:42 | 000,133,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfcans32.dll
[2013/06/11 10:32:42 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfcuiw32.dll
[2013/06/11 10:32:42 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfcuia32.dll
[2013/06/11 10:32:42 | 000,048,640 | ---- | C] (Windswept Software LLC, 508-540-5458, www.windsweptsoftware.net) -- C:\WINDOWS\System32\ActiveActX.DEU
[2013/06/11 10:32:42 | 000,047,104 | ---- | C] (Windswept Software LLC, 508-540-5458, www.windsweptsoftware.net) -- C:\WINDOWS\System32\ActiveActX.ESP
[2013/06/11 10:32:42 | 000,043,520 | ---- | C] (Windswept Software LLC, 508-540-5458, www.windsweptsoftware.net) -- C:\WINDOWS\System32\activeactx.ITA
[2013/06/11 10:32:31 | 000,000,000 | ---D | C] -- D:\Mis documentos\ACT
[2013/06/11 10:32:31 | 000,000,000 | ---D | C] -- C:\Archivos de programa\ACT
[2013/06/11 10:30:32 | 000,307,200 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUninst.exe
[2013/06/11 09:34:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Xobni
[2013/06/11 09:34:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Configuración local\Datos de programa\Xobni
[2013/06/11 09:33:08 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Xobni
[2013/06/10 19:23:22 | 000,000,000 | R--D | C] -- D:\Mis documentos\Dropbox
[2013/06/10 19:20:32 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Dropbox
[2013/06/10 19:20:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Menú Inicio\Programas\Dropbox
[2013/06/10 19:18:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Datos de programa\Dropbox
[2013/06/10 19:02:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Adobe
[2013/06/10 18:08:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Configuración local\Datos de programa\Google
[2013/06/10 18:08:04 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Google
[2013/06/10 18:07:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Configuración local\Datos de programa\Deployment
[2013/06/10 17:47:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Datos de programa\ESET
[2013/06/10 17:47:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Configuración local\Datos de programa\ESET
[2013/06/10 17:46:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Configuración local\Datos de programa\ESET
[2013/06/10 17:43:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\ESET
[2013/06/10 17:43:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\ESET
[2013/06/10 17:43:09 | 000,000,000 | ---D | C] -- C:\Archivos de programa\ESET
[2013/06/10 13:33:22 | 000,000,000 | R--D | C] -- D:\Mis documentos\Mi música
[2013/06/10 13:33:22 | 000,000,000 | ---D | C] -- D:\Mis documentos\DriverGenius
[2013/06/10 13:33:21 | 000,000,000 | R--D | C] -- D:\Mis documentos\Mis vídeos
[2013/06/10 13:33:21 | 000,000,000 | R--D | C] -- D:\Mis documentos\Mis imágenes
[2013/06/10 13:13:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\CCleaner
[2013/06/10 13:13:11 | 000,000,000 | ---D | C] -- C:\Archivos de programa\CCleaner
[2013/06/10 13:09:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Datos de programa\Grupo Nacional Provincial
[2013/06/10 13:09:07 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Grupo Nacional Provincial
[2013/06/10 10:13:25 | 000,000,000 | ---D | C] -- C:\Archivos de programa\MSECache
[2013/06/10 10:06:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2013/06/10 10:04:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Datos de programa\Intel
[2013/06/10 10:04:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Datos de programa\Intel
[2013/06/10 10:04:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Datos de programa\Intel
[2013/06/10 10:04:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Intel PROSet Wireless
[2013/06/10 10:04:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Intel
[2013/06/10 10:04:03 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Intel
[2013/06/10 10:04:03 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Archivos comunes\Intel
[2013/06/10 09:51:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2013/06/09 09:34:58 | 000,229,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013/06/09 09:33:52 | 000,000,000 | ---D | C] -- C:\Archivos de programa\AVAST Software
[2013/06/09 09:27:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Microsoft Office
[2013/06/09 09:27:11 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Microsoft Works
[2013/06/09 09:26:55 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Microsoft Visual Studio
[2013/06/09 09:26:54 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Archivos comunes\DESIGNER
[2013/06/09 09:24:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2013/06/09 09:24:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Configuración local\Datos de programa\Microsoft Help
[2013/06/09 09:23:59 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Microsoft Office
[2013/06/09 09:23:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Microsoft Help
[2013/06/09 09:23:21 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2013/06/09 09:21:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Datos de programa\WinRAR
[2013/06/09 08:52:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documentos\Mis vídeos
[2013/06/09 08:50:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Menú Inicio\Programas\WinRAR
[2013/06/09 08:50:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\WinRAR
[2013/06/09 08:50:40 | 000,000,000 | ---D | C] -- C:\Archivos de programa\WinRAR
[2013/06/08 22:11:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\AVAST Software
[2013/06/08 20:48:49 | 000,026,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2013/06/08 20:14:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2013/06/08 19:53:15 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2013/06/08 19:51:57 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\localspl.dll
[2013/06/08 19:51:47 | 001,044,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kernel32.dll
[2013/06/08 19:51:41 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2013/06/08 19:51:34 | 000,354,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhttp.dll
[2013/06/08 19:51:30 | 000,387,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qdvd.dll
[2013/06/08 19:51:27 | 008,505,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll
[2013/06/08 19:51:12 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schannel.dll
[2013/06/08 19:51:10 | 000,552,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleaut32.dll
[2013/06/08 19:51:08 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciseq.dll
[2013/06/08 19:51:07 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmm.dll
[2013/06/08 19:51:06 | 001,298,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quartz.dll
[2013/06/08 19:51:02 | 001,288,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ole32.dll
[2013/06/08 19:51:00 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll
[2013/06/08 19:50:54 | 000,375,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnet.dll
[2013/06/08 19:50:52 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsrv.dll
[2013/06/08 19:50:50 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2013/06/08 19:50:47 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imagehlp.dll
[2013/06/08 19:50:45 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wintrust.dll
[2013/06/08 19:50:41 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2013/06/08 19:50:41 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browser.dll
[2013/06/08 19:50:39 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\synceng.dll
[2013/06/08 19:50:37 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2013/06/08 19:50:25 | 002,152,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2013/06/08 19:50:24 | 002,195,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2013/06/08 19:50:24 | 002,072,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2013/06/08 19:50:24 | 002,031,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2013/06/08 19:50:17 | 001,876,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys
[2013/06/08 19:49:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2013/06/08 19:47:14 | 000,457,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2013/06/08 19:47:13 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2013/06/08 19:47:13 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2013/06/08 19:47:13 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2013/06/08 19:47:12 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2013/06/08 19:47:12 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2013/06/08 19:47:12 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2013/06/08 19:47:12 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
[2013/06/08 19:47:11 | 001,215,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2013/06/08 19:47:11 | 000,920,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2013/06/08 19:47:11 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2013/06/08 19:47:11 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2013/06/08 19:47:11 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2013/06/08 19:47:11 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2013/06/08 19:47:11 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2013/06/08 19:47:10 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2013/06/08 19:47:09 | 011,112,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2013/06/08 19:47:09 | 002,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2013/06/08 19:47:09 | 000,522,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2013/06/08 19:44:24 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csrsrv.dll
[2013/06/08 19:44:06 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\packager.exe
[2013/06/08 19:43:31 | 000,138,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\afd.sys
[2013/06/08 19:43:30 | 000,290,560 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll
[2013/06/08 19:43:27 | 006,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2013/06/08 19:43:17 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys
[2013/06/08 19:43:17 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023.sys
[2013/06/08 19:40:15 | 000,565,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2013/06/08 19:40:15 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadox.dll
[2013/06/08 19:40:15 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadomd.dll
[2013/06/08 19:40:15 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadco.dll
[2013/06/08 19:40:15 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjro.dll
[2013/06/08 19:40:15 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado28.tlb
[2013/06/08 19:40:15 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado27.tlb
[2013/06/08 19:40:15 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado26.tlb
[2013/06/08 19:40:15 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado25.tlb
[2013/06/08 19:40:15 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado21.tlb
[2013/06/08 19:40:15 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado20.tlb
[2013/06/08 19:40:15 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msador15.dll
[2013/06/08 19:38:52 | 000,139,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2013/06/08 19:37:45 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Archivos comunes\Adobe
[2013/06/08 19:37:45 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Adobe
[2013/06/08 19:37:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Adobe
[2013/06/08 19:35:43 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2013/06/08 19:34:08 | 000,692,104 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/06/08 19:32:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Configuración local\Datos de programa\Adobe
[2013/06/08 19:30:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2013/06/08 19:30:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Datos de programa\Macromedia
[2013/06/08 19:30:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Datos de programa\Adobe
[2013/06/08 19:29:08 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/06/08 19:29:07 | 000,151,552 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxres.dll
[2013/06/08 19:26:30 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Synaptics
[2013/06/08 19:25:11 | 000,000,000 | ---D | C] -- C:\Archivos de programa\CONEXANT
[2013/06/08 19:24:19 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2013/06/08 19:24:19 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2013/06/08 19:24:19 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2013/06/08 19:24:19 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2013/06/08 19:14:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2013/06/08 19:11:19 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Rafael Rodulfo\IECompatCache
[2013/06/08 19:11:09 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Rafael Rodulfo\PrivacIE
[2013/06/08 13:10:53 | 000,000,000 | --SD | C] -- C:\WINDOWS\Offline Web Pages
[2013/06/08 13:10:53 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2013/06/08 13:10:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm
[2013/06/08 13:10:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2013/06/08 13:10:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2013/06/08 13:10:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2013/06/08 13:10:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2013/06/08 13:10:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2013/06/08 13:10:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic
[2013/06/08 13:10:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2013/06/08 13:10:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\L2Schemas
[2013/06/08 13:10:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\es-es
[2013/06/08 13:10:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF\es-ES
[2013/06/08 13:10:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\es-ES
[2013/06/08 13:10:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\es
[2013/06/08 13:10:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2013/06/08 13:10:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRM
[2013/06/08 13:10:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2013/06/08 13:10:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3082
[2013/06/08 13:10:52 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2013/06/08 13:10:52 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2013/06/08 13:10:52 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2013/06/08 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2013/06/08 12:25:50 | 000,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\enum1394.sys
[2013/06/08 12:25:33 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2013/06/08 12:25:17 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\battc.sys
[2013/06/08 12:24:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documentos\Mi música
[2013/06/08 12:23:25 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2013/06/08 12:23:24 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Archivos comunes\ODBC
[2013/06/08 12:23:21 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Archivos comunes\SpeechEngines
[2013/06/08 12:23:20 | 000,000,000 | R--D | C] -- C:\Archivos de programa
[2013/06/08 12:23:20 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Archivos comunes\Microsoft Shared
[2013/06/08 12:23:20 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Archivos comunes
[2013/06/08 12:22:34 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2013/06/08 12:22:33 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2013/06/08 12:22:33 | 000,085,532 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2013/06/08 12:22:33 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2013/06/08 12:22:32 | 000,103,936 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2013/06/08 12:22:32 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2013/06/08 12:22:32 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2013/06/08 12:22:32 | 000,009,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2013/06/08 12:22:32 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2013/06/08 12:22:32 | 000,004,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2013/06/08 12:22:32 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2013/06/08 12:22:32 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2013/06/08 12:22:32 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2013/06/08 12:22:31 | 000,127,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2013/06/08 12:22:31 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2013/06/08 12:22:31 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2013/06/08 12:22:31 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2013/06/08 12:22:31 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2013/06/08 12:22:30 | 000,073,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2013/06/08 12:22:30 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2013/06/08 12:22:30 | 000,025,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2013/06/08 12:22:29 | 000,033,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2013/06/08 12:22:29 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2013/06/08 12:22:29 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2013/06/08 12:22:28 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2013/06/08 12:22:28 | 000,070,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2013/06/08 12:22:28 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2013/06/08 12:22:27 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2013/06/08 12:22:26 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WINSPOOL.DRV
[2013/06/08 12:22:26 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2013/06/08 12:22:26 | 000,070,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL
[2013/06/08 12:22:11 | 000,000,000 | R--D | C] -- C:\Documents andSettings\All Users\Menú Inicio
[2013/06/08 12:22:11 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio
[2013/06/08 12:22:11 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documentos
[2013/06/08 12:22:11 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Plantillas
[2013/06/08 12:22:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favoritos
[2013/06/08 12:22:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Escritorio
[2013/06/08 12:21:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2013/06/08 12:21:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2013/06/08 12:21:23 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Datos de programa\Microsoft
[2013/06/08 12:21:23 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Datos de programa
[2013/06/08 12:20:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2013/06/08 12:20:42 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013/06/08 12:07:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Configuración local\Datos de programa\Identities
[2013/06/08 12:07:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Datos de programa\Windows Desktop Search
[2013/06/08 12:07:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Datos de programa\Identities
[2013/06/08 12:07:26 | 000,000,000 | -H-D | C] -- C:\Archivos de programa\Uninstall Information
[2013/06/08 12:05:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Windows Genuine Advantage
[2013/06/08 12:05:43 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Rafael Rodulfo\Datos de programa\Microsoft
[2013/06/08 12:05:43 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Rafael Rodulfo\Configuración local\Datos de programa\Microsoft
[2013/06/08 12:05:43 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Rafael Rodulfo\Cookies
[2013/06/08 12:05:43 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Rafael Rodulfo\Configuración local
[2013/06/08 12:05:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\7ZipSfx.000
[2013/06/08 12:05:42 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Rafael Rodulfo\SendTo
[2013/06/08 12:05:42 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Rafael Rodulfo\Datos de programa
[2013/06/08 12:05:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Rafael Rodulfo\Menú Inicio
[2013/06/08 12:05:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Rafael Rodulfo\Menú Inicio\Programas\Inicio
[2013/06/08 12:05:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Rafael Rodulfo\Favoritos
[2013/06/08 12:05:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Rafael Rodulfo\Menú Inicio\Programas\Accesorios
[2013/06/08 12:05:42 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Rafael Rodulfo\IETldCache
[2013/06/08 12:05:42 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Rafael Rodulfo\Plantillas
[2013/06/08 12:05:42 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Rafael Rodulfo\Impresoras
[2013/06/08 12:05:42 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Rafael Rodulfo\Entorno de red
[2013/06/08 12:05:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rafael Rodulfo\Escritorio
Reply With Quote
  #5  
Old June 22nd, 2013, 05:42 PM
rrodulfo rrodulfo is offline
Senior Member
 
Join Date: Sep 2006
O/S: Windows XP Pro
Location: Monterrey, Nuevo Leon, Mexico
Posts: 159
Cont. OTL.txt

[2013/06/08 12:03:27 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2013/06/08 12:03:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013/06/08 12:03:15 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Datos de programa\Microsoft
[2013/06/08 12:03:15 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft
[2013/06/08 11:51:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTemp
[2013/06/08 11:50:50 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Datos de programa\Microsoft
[2013/06/08 11:50:50 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft
[2013/06/08 11:50:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2013/06/08 11:50:35 | 000,000,000 | ---D | C] -- C:\Archivos de programa\MSBuild
[2013/06/08 11:50:33 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Reference Assemblies
[2013/06/08 11:45:06 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2013/06/08 11:44:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2013/06/08 11:44:49 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Microsoft.NET
[2013/06/08 11:44:39 | 000,150,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rgb9rast_2.dll
[2013/06/08 11:43:29 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2013/06/08 11:43:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache
[2013/06/08 11:43:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Microsoft Silverlight
[2013/06/08 11:42:59 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Microsoft Silverlight
[2013/06/08 11:41:32 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2013/06/08 11:41:04 | 000,000,000 | -H-D | C] -- C:\Archivos de programa\WindowsUpdate
[2013/06/08 11:40:59 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Servicios en línea
[2013/06/08 11:40:15 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/06/08 11:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2013/06/08 11:39:53 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2013/06/08 11:39:35 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2013/06/08 11:39:33 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2013/06/08 11:39:31 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Archivos comunes\Services
[2013/06/08 11:39:20 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2013/06/08 11:39:20 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2013/06/08 11:39:17 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Archivos comunes\MSSoap
[2013/06/08 11:39:14 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msrating.dll.mui
[2013/06/08 11:39:13 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll.mui
[2013/06/08 11:39:13 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe.mui
[2013/06/08 11:39:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2013/06/08 11:39:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2013/06/08 11:38:56 | 000,329,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2013/06/08 11:38:55 | 000,195,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2013/06/08 11:38:55 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2013/06/08 11:38:54 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2013/06/08 11:38:54 | 000,175,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2013/06/08 11:38:54 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2013/06/08 11:38:53 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2013/06/08 11:38:53 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2013/06/08 11:38:52 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2013/06/08 11:38:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2013/06/08 11:38:47 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Movie Maker
[2013/06/08 11:37:48 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2013/06/08 11:37:47 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2013/06/08 11:37:47 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2013/06/08 11:37:47 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2013/06/08 11:37:41 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltMc.exe
[2013/06/08 11:37:40 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2013/06/08 11:37:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2013/06/08 11:37:39 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2013/06/08 11:37:39 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2013/06/08 11:37:38 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2013/06/08 11:37:38 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2013/06/08 11:37:37 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2013/06/08 11:37:34 | 000,000,000 | ---D | C] -- C:\Archivos de programa\NetMeeting
[2013/06/08 11:37:33 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2013/06/08 11:37:32 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2013/06/08 11:37:30 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2013/06/08 11:37:27 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2013/06/08 11:37:27 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Outlook Express
[2013/06/08 11:37:25 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2013/06/08 11:37:25 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2013/06/08 11:37:25 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2013/06/08 11:37:25 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2013/06/08 11:37:05 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Archivos comunes\System
[2013/06/08 11:37:03 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Internet Explorer
[2013/06/08 11:37:01 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documentos\Mis imágenes
[2013/06/08 11:36:32 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Juegos
[2013/06/08 11:36:15 | 000,000,000 | ---D | C] -- C:\Archivos de programa\ComPlus Applications
[2013/06/08 11:36:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Herramientas administrativas
[2013/06/08 11:36:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2013/06/08 11:35:58 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Windows Media Player
[2013/06/08 11:35:46 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Messenger
[2013/06/08 11:35:41 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pwrshplugin.dll
[2013/06/08 11:35:41 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\PSCustomSetupUtil.exe
[2013/06/08 11:35:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WindowsPowerShell
[2013/06/08 11:35:18 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\UncDMS.dll
[2013/06/08 11:35:18 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\UncNE.dll
[2013/06/08 11:35:18 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\UncCplExt.dll
[2013/06/08 11:35:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\UncRes.dll
[2013/06/08 11:35:17 | 000,273,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\oeph.dll
[2013/06/08 11:35:17 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\UncPH.dll
[2013/06/08 11:35:17 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\oephRes.dll
[2013/06/08 11:35:09 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Windows Desktop Search
[2013/06/08 11:35:06 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2013/06/08 11:35:05 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srchadmin.dll
[2013/06/08 11:35:05 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rtffilt.dll
[2013/06/08 11:35:04 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmlfilter.dll
[2013/06/08 11:35:03 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshsq.dll
[2013/06/08 11:35:03 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshooks.dll
[2013/06/08 11:35:01 | 001,576,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tquery.dll
[2013/06/08 11:35:01 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msscb.dll
[2013/06/08 11:35:00 | 001,480,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssrch.dll
[2013/06/08 11:35:00 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\propdefs.dll
[2013/06/08 11:35:00 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msstrc.dll
[2013/06/08 11:34:59 | 000,351,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssph.dll
[2013/06/08 11:34:59 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssphtb.dll
[2013/06/08 11:34:59 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssprxy.dll
[2013/06/08 11:34:58 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssitlb.dll
[2013/06/08 11:34:58 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msscntrs.dll
[2013/06/08 11:34:57 | 000,000,000 | ---D | C] -- C:\Archivos de programa\MSXML 4.0
[2013/06/08 11:34:48 | 000,000,000 | ---D | C] -- C:\Archivos de programa\MSN Gaming Zone
[2013/06/08 11:34:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2013/06/08 11:34:04 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2013/06/08 11:34:04 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2013/06/08 11:34:03 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2013/06/08 11:34:02 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2013/06/08 11:34:02 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2013/06/08 11:34:01 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2013/06/08 11:33:35 | 000,652,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2013/06/08 11:33:34 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2013/06/08 11:33:33 | 000,967,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2013/06/08 11:33:33 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2013/06/08 11:33:32 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2013/06/08 11:33:32 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2013/06/08 11:33:31 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2013/06/08 11:33:29 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2013/06/08 11:33:29 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2013/06/08 11:33:29 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2013/06/08 11:33:28 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2013/06/08 11:33:27 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2013/06/08 11:33:27 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2013/06/08 11:33:27 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2013/06/08 11:33:26 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2013/06/08 11:33:26 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2013/06/08 11:33:26 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2013/06/08 11:33:26 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2013/06/08 11:33:25 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2013/06/08 11:33:25 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2013/06/08 11:33:25 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2013/06/08 11:33:01 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2013/06/08 11:33:00 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2013/06/08 11:33:00 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2013/06/08 11:33:00 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2013/06/08 11:32:59 | 000,353,280 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2013/06/08 11:32:59 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Windows NT
[2013/06/08 11:32:58 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2013/06/08 11:32:58 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2013/06/08 11:32:58 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2013/06/08 11:32:54 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2013/06/08 11:32:54 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2013/06/08 11:32:54 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2013/06/08 11:32:53 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2013/06/08 11:32:52 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2013/06/08 11:32:52 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2013/06/08 11:32:51 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2013/06/08 11:32:50 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2013/06/08 11:32:50 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2013/06/08 11:32:50 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2013/06/08 11:32:50 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2013/06/08 11:32:49 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2013/06/08 11:32:48 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2013/06/08 11:32:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2013/06/08 11:32:47 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2013/06/08 11:32:47 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2013/06/08 11:32:47 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2013/06/08 11:32:47 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2013/06/08 11:32:44 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2013/06/08 11:32:44 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2013/06/08 11:32:44 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2013/06/08 11:32:44 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2013/06/08 11:32:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2013/06/08 11:32:43 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2013/06/08 11:32:43 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2013/06/08 11:32:42 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2013/06/08 11:32:42 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2013/06/08 11:32:42 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2013/06/08 11:32:40 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2013/06/08 11:32:40 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2013/06/08 11:32:24 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2013/06/08 11:32:23 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2013/06/08 11:32:23 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2013/06/08 11:32:22 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2013/06/08 11:31:47 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Accesorios
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/06/22 11:13:05 | 000,000,916 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/21 18:47:00 | 000,000,838 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/06/21 18:13:00 | 000,000,912 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/21 17:56:57 | 000,001,804 | ---- | M] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\HijackThis.lnk
[2013/06/21 16:14:25 | 000,000,792 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts_tmp
[2013/06/21 15:51:09 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/06/21 15:46:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/06/20 17:24:46 | 000,001,883 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\Google Chrome.lnk
[2013/06/20 11:35:00 | 000,162,224 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2013/06/20 11:34:59 | 000,149,936 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2013/06/20 11:34:59 | 000,149,936 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2013/06/20 11:34:59 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2013/06/20 11:34:58 | 000,477,616 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\npdeployJava1.dll
[2013/06/20 11:34:58 | 000,473,520 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2013/06/20 11:10:40 | 000,001,872 | ---- | M] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\Cotizador único.lnk
[2013/06/20 11:10:40 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\Acceso directo a Papelera de reciclaje.lnk
[2013/06/19 13:04:50 | 000,000,059 | ---- | M] () -- C:\WINDOWS\wpd99.drv
[2013/06/17 20:08:30 | 000,000,112 | ---- | M] () -- C:\WINDOWS\OPLK.INI
[2013/06/17 11:51:37 | 000,002,553 | ---- | M] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\GNP Movil.lnk
[2013/06/17 11:51:37 | 000,001,917 | ---- | M] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\HP Photosmart Express.lnk
[2013/06/17 11:51:37 | 000,001,914 | ---- | M] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\HP Photosmart Essential 2.01.lnk
[2013/06/17 11:51:37 | 000,001,883 | ---- | M] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\Google Chrome.lnk
[2013/06/17 11:51:37 | 000,001,873 | ---- | M] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\Configuración de etiquetas HP Photosmart.lnk
[2013/06/17 11:51:37 | 000,001,584 | ---- | M] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\iTunes.lnk
[2013/06/17 11:51:37 | 000,001,088 | ---- | M] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\Centro de soluciones HP.lnk
[2013/06/17 11:51:37 | 000,000,952 | ---- | M] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\Configuración de Uso compartido de HP Photosmart.lnk
[2013/06/17 11:51:37 | 000,000,738 | ---- | M] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\CCleaner.lnk
[2013/06/17 11:51:36 | 000,001,822 | ---- | M] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\Asistente para impresoras Bonjour.lnk
[2013/06/17 11:51:36 | 000,001,812 | ---- | M] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\AhnLab Online Security Personal.lnk
[2013/06/17 11:51:36 | 000,001,783 | ---- | M] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\Canon MF Toolbox 4.9.lnk
[2013/06/17 11:51:36 | 000,001,769 | ---- | M] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\Adobe Reader XI.lnk
[2013/06/17 02:03:55 | 000,001,863 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\Logitech QuickCam.lnk
[2013/06/16 23:52:44 | 000,001,892 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\Skype.lnk
[2013/06/14 15:15:29 | 000,000,792 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/06/14 10:07:45 | 000,038,545 | ---- | M] () -- C:\Documents and Settings\Rafael Rodulfo\Datos de programa\Valores separados por tabulaciones (Windows).ADR
[2013/06/14 10:06:16 | 000,024,488 | ---- | M] () -- C:\Documents and Settings\Rafael Rodulfo\Datos de programa\Valores separados por tabulaciones (DOS).ADR
[2013/06/13 12:34:18 | 000,001,584 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\iTunes.lnk
[2013/06/13 12:31:48 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/06/13 10:46:00 | 002,274,544 | ---- | M] (AhnLab, Inc.) -- C:\WINDOWS\System32\btscan.exe
[2013/06/13 09:51:08 | 000,001,812 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\AhnLab Online Security Personal.lnk
[2013/06/13 09:50:49 | 000,077,921 | ---- | M] (Ahnlab, Inc.) -- C:\WINDOWS\System32\v3w32se2.dll
[2013/06/13 08:57:20 | 000,154,768 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/06/12 19:36:09 | 000,017,476 | ---- | M] () -- C:\WINDOWS\System32\OPB4350.cah
[2013/06/12 19:36:08 | 000,029,960 | ---- | M] () -- C:\WINDOWS\System32\OPLK_M00.cah
[2013/06/12 19:24:21 | 000,000,810 | ---- | M] () -- C:\Documents and Settings\Rafael Rodulfo\Menú Inicio\Programas\Inicio\Trillian.lnk
[2013/06/12 18:50:36 | 000,000,327 | ---- | M] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\Herramientas de diagnóstico de impresora HP.url
[2013/06/12 16:58:43 | 000,001,731 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\Cotizadores Vida MetLife.lnk
[2013/06/12 16:57:12 | 000,001,844 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\MetLife Gastos Médicos.lnk
[2013/06/12 16:55:59 | 000,086,016 | ---- | M] () -- C:\WINDOWS\System32\custmon32.dll
[2013/06/12 13:59:37 | 000,000,143 | ---- | M] () -- C:\Documents and Settings\Rafael Rodulfo\Configuración local\Datos de programa\fusioncache.dat
[2013/06/12 12:44:54 | 001,672,192 | ---- | M] (TODO: <Company name>) -- C:\WINDOWS\System32\pdfmona.dll
[2013/06/12 12:44:54 | 000,036,864 | ---- | M] () -- C:\WINDOWS\System32\pdf995mon.dll
[2013/06/12 12:43:19 | 000,109,517 | ---- | M] () -- C:\WINDOWS\hpiins04.dat
[2013/06/12 12:41:54 | 000,000,952 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\Configuración de Uso compartido de HP Photosmart.lnk
[2013/06/12 12:39:06 | 000,000,966 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\HP Photosmart Premier.lnk
[2013/06/12 12:39:06 | 000,000,840 | ---- | M] () -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\Inicio rápido de HP Photosmart Premier.lnk
[2013/06/12 12:31:16 | 000,001,917 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\HP Photosmart Express.lnk
[2013/06/12 12:27:19 | 000,001,873 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\Configuración de etiquetas HP Photosmart.lnk
[2013/06/12 11:48:51 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/06/12 11:48:49 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/06/12 11:47:20 | 008,610,696 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2013/06/12 11:03:17 | 000,001,783 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\Canon MF Toolbox 4.9.lnk
[2013/06/12 10:17:02 | 000,000,710 | ---- | M] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\YNAB 4.lnk
[2013/06/12 08:55:27 | 000,001,822 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\Asistente para impresoras Bonjour.lnk
[2013/06/11 18:04:51 | 000,159,428 | ---- | M] () -- C:\WINDOWS\hpoins14.dat
[2013/06/11 18:03:50 | 000,001,914 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\HP Photosmart Essential 2.01.lnk
[2013/06/11 18:01:24 | 000,001,850 | ---- | M] () -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\HP Digital Imaging Monitor.lnk
[2013/06/11 18:00:42 | 000,001,088 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\Centro de soluciones HP.lnk
[2013/06/11 12:18:17 | 000,000,810 | ---- | M] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\Trillian.lnk
[2013/06/11 10:33:10 | 000,000,710 | ---- | M] () -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\SideACT!.lnk
[2013/06/11 10:33:10 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\SideACT!.lnk
[2013/06/11 10:33:10 | 000,000,684 | ---- | M] () -- C:\Documents and Settings\Rafael Rodulfo\Application Data\Microsoft\Internet Explorer\Quick Launch\ACT!.lnk
[2013/06/11 10:33:10 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\ACT!.lnk
[2013/06/11 10:33:09 | 000,000,449 | ---- | M] () -- C:\WINDOWS\System32\MAPISVC.INF
[2013/06/11 10:30:37 | 000,000,073 | ---- | M] () -- C:\CONFIG.SYS
[2013/06/11 10:30:37 | 000,000,073 | ---- | M] () -- C:\config.bak
[2013/06/10 19:23:22 | 000,001,037 | ---- | M] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\Dropbox.lnk
[2013/06/10 19:21:12 | 000,001,067 | ---- | M] () -- C:\Documents and Settings\Rafael Rodulfo\Menú Inicio\Programas\Inicio\Dropbox.lnk
[2013/06/10 18:01:06 | 000,000,738 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\CCleaner.lnk
[2013/06/10 13:29:28 | 000,596,896 | ---- | M] () -- C:\WINDOWS\System32\perfh00A.dat
[2013/06/10 13:29:28 | 000,504,180 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/06/10 13:29:28 | 000,121,852 | ---- | M] () -- C:\WINDOWS\System32\perfc00A.dat
[2013/06/10 13:29:28 | 000,088,130 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/06/10 13:10:15 | 000,002,553 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\GNP Movil.lnk
[2013/06/10 09:52:13 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_SynTP_0100 7.Wdf
[2013/06/09 09:34:58 | 000,002,909 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013/06/08 19:38:27 | 000,001,769 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\Adobe Reader XI.lnk
[2013/06/08 13:20:02 | 000,000,210 | RHS- | M] () -- C:\BOOT.001
[2013/06/08 12:28:43 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2013/06/08 12:02:03 | 000,000,504 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2013/06/08 11:43:54 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2013/06/08 11:43:54 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2013/06/08 11:43:54 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2013/06/08 11:43:41 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2013/06/08 11:43:41 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2013/06/08 11:43:40 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2013/06/08 11:43:29 | 000,004,205 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2013/06/08 11:36:31 | 000,000,934 | ---- | M] () -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\Windows Search.lnk
[2013/06/08 11:36:26 | 000,021,900 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013/06/08 11:31:21 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/06/21 17:56:57 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\HijackThis.lnk
[2013/06/20 11:10:40 | 000,001,872 | ---- | C] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\Cotizador único.lnk
[2013/06/20 11:10:40 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\Acceso directo a Papelera de reciclaje.lnk
[2013/06/17 11:51:37 | 000,002,553 | ---- | C] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\GNP Movil.lnk
[2013/06/17 11:51:37 | 000,001,917 | ---- | C] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\HP Photosmart Express.lnk
[2013/06/17 11:51:37 | 000,001,914 | ---- | C] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\HP Photosmart Essential 2.01.lnk
[2013/06/17 11:51:37 | 000,001,883 | ---- | C] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\Google Chrome.lnk
[2013/06/17 11:51:37 | 000,001,873 | ---- | C] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\Configuración de etiquetas HP Photosmart.lnk
[2013/06/17 11:51:37 | 000,001,584 | ---- | C] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\iTunes.lnk
[2013/06/17 11:51:37 | 000,001,088 | ---- | C] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\Centro de soluciones HP.lnk
[2013/06/17 11:51:37 | 000,000,952 | ---- | C] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\Configuración de Uso compartido de HP Photosmart.lnk
[2013/06/17 11:51:37 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\CCleaner.lnk
[2013/06/17 11:51:36 | 000,001,822 | ---- | C] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\Asistente para impresoras Bonjour.lnk
[2013/06/17 11:51:36 | 000,001,812 | ---- | C] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\AhnLab Online Security Personal.lnk
[2013/06/17 11:51:36 | 000,001,783 | ---- | C] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\Canon MF Toolbox 4.9.lnk
[2013/06/17 11:51:36 | 000,001,769 | ---- | C] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\Adobe Reader XI.lnk
[2013/06/17 01:56:21 | 000,015,558 | ---- | C] () -- C:\WINDOWS\System32\Repository.reg
[2013/06/17 01:56:20 | 000,057,126 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2013/06/17 01:55:12 | 000,001,863 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\Logitech QuickCam.lnk
[2013/06/16 23:52:44 | 000,001,892 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\Skype.lnk
[2013/06/14 09:58:18 | 000,038,545 | ---- | C] () -- C:\Documents and Settings\Rafael Rodulfo\Datos de programa\Valores separados por tabulaciones (Windows).ADR
[2013/06/14 00:35:47 | 000,024,488 | ---- | C] () -- C:\Documents and Settings\Rafael Rodulfo\Datos de programa\Valores separados por tabulaciones (DOS).ADR
[2013/06/13 13:57:46 | 000,000,375 | ---- | C] () -- C:\WINDOWS\System32\CNCMFP38.INI
[2013/06/13 12:34:18 | 000,001,584 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\iTunes.lnk
[2013/06/13 12:31:48 | 000,000,298 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/06/13 10:05:30 | 000,000,792 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts_tmp
[2013/06/13 09:56:54 | 000,000,147 | ---- | C] () -- C:\WINDOWS\System32\drivers\klb32mkd.sig
[2013/06/13 09:51:08 | 000,001,812 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\AhnLab Online Security Personal.lnk
[2013/06/12 19:36:09 | 000,017,476 | ---- | C] () -- C:\WINDOWS\System32\OPB4350.cah
[2013/06/12 19:36:09 | 000,000,112 | ---- | C] () -- C:\WINDOWS\OPLK.INI
[2013/06/12 19:36:08 | 000,029,960 | ---- | C] () -- C:\WINDOWS\System32\OPLK_M00.cah
[2013/06/12 19:24:21 | 000,000,810 | ---- | C] () -- C:\Documents and Settings\Rafael Rodulfo\Menú Inicio\Programas\Inicio\Trillian.lnk
[2013/06/12 18:50:36 | 000,000,327 | ---- | C] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\Herramientas de diagnóstico de impresora HP.url
[2013/06/12 16:58:43 | 000,001,731 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\Cotizadores Vida MetLife.lnk
[2013/06/12 16:57:12 | 000,001,844 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\MetLife Gastos Médicos.lnk
[2013/06/12 16:56:42 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\custmon32.dll
[2013/06/12 13:59:37 | 000,000,143 | ---- | C] () -- C:\Documents and Settings\Rafael Rodulfo\Configuración local\Datos de programa\fusioncache.dat
[2013/06/12 12:44:54 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2013/06/12 12:44:54 | 000,000,059 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2013/06/12 12:41:54 | 000,000,952 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\Configuración de Uso compartido de HP Photosmart.lnk
[2013/06/12 12:39:06 | 000,000,966 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\HP Photosmart Premier.lnk
[2013/06/12 12:39:06 | 000,000,840 | ---- | C] () -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\Inicio rápido de HP Photosmart Premier.lnk
[2013/06/12 12:31:16 | 000,001,917 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\HP Photosmart Express.lnk
[2013/06/12 12:27:19 | 000,001,873 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\Configuración de etiquetas HP Photosmart.lnk
[2013/06/12 12:22:06 | 000,109,517 | ---- | C] () -- C:\WINDOWS\hpiins04.dat
[2013/06/12 12:22:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpimdl04.dat
[2013/06/12 11:03:17 | 000,001,783 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\Canon MF Toolbox 4.9.lnk
[2013/06/12 10:17:02 | 000,000,710 | ---- | C] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\YNAB 4.lnk
[2013/06/12 08:55:27 | 000,001,822 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\Asistente para impresoras Bonjour.lnk
[2013/06/12 08:53:11 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Apple Software Update.lnk
[2013/06/11 18:03:50 | 000,001,914 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\HP Photosmart Essential 2.01.lnk
[2013/06/11 18:02:13 | 000,000,757 | ---- | C] () -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Registro de I.R.I.S. OCR.lnk
[2013/06/11 18:01:24 | 000,001,850 | ---- | C] () -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\HP Digital Imaging Monitor.lnk
[2013/06/11 18:00:42 | 000,001,088 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\Centro de soluciones HP.lnk
[2013/06/11 17:51:28 | 000,159,428 | ---- | C] () -- C:\WINDOWS\hpoins14.dat
[2013/06/11 17:51:28 | 000,002,000 | ---- | C] () -- C:\WINDOWS\hpomdl14.dat
[2013/06/11 12:18:17 | 000,000,816 | ---- | C] () -- C:\Documents and Settings\Rafael Rodulfo\Menú Inicio\Programas\Trillian.lnk
[2013/06/11 12:18:17 | 000,000,810 | ---- | C] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\Trillian.lnk
[2013/06/11 10:45:57 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\EmailShared.dll
[2013/06/11 10:33:10 | 000,000,710 | ---- | C] () -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\SideACT!.lnk
[2013/06/11 10:33:10 | 000,000,690 | ---- | C] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\SideACT!.lnk
[2013/06/11 10:33:10 | 000,000,684 | ---- | C] () -- C:\Documents and Settings\Rafael Rodulfo\Application Data\Microsoft\Internet Explorer\Quick Launch\ACT!.lnk
[2013/06/11 10:33:10 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\ACT!.lnk
[2013/06/11 10:33:09 | 000,000,449 | ---- | C] () -- C:\WINDOWS\System32\MAPISVC.INF
[2013/06/11 10:32:42 | 000,048,128 | ---- | C] () -- C:\WINDOWS\System32\ActiveActX.FRA
[2013/06/11 10:32:42 | 000,043,008 | ---- | C] () -- C:\WINDOWS\System32\ActiveActX.ENU
[2013/06/10 19:23:22 | 000,001,037 | ---- | C] () -- C:\Documents and Settings\Rafael Rodulfo\Escritorio\Dropbox.lnk
[2013/06/10 19:21:12 | 000,001,067 | ---- | C] () -- C:\Documents and Settings\Rafael Rodulfo\Menú Inicio\Programas\Inicio\Dropbox.lnk
[2013/06/10 18:10:44 | 000,001,883 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\Google Chrome.lnk
[2013/06/10 18:08:08 | 000,000,916 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/10 18:08:07 | 000,000,912 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/10 18:01:06 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\CCleaner.lnk
[2013/06/10 13:09:09 | 000,002,553 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\GNP Movil.lnk
[2013/06/10 09:52:13 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_SynTP_0100 7.Wdf
[2013/06/08 19:51:06 | 000,148,992 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mpg2splt.ax
[2013/06/08 19:50:43 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\encdec.dll
[2013/06/08 19:38:27 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Adobe Reader XI.lnk
[2013/06/08 19:38:27 | 000,001,769 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\Adobe Reader XI.lnk
[2013/06/08 19:35:35 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013/06/08 19:35:35 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2013/06/08 19:34:20 | 000,000,838 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/06/08 13:20:02 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2013/06/08 13:19:57 | 000,000,504 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2013/06/08 12:28:43 | 000,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2013/06/08 12:23:24 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2013/06/08 12:22:27 | 000,001,936 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2013/06/08 12:21:05 | 000,000,210 | RHS- | C] () -- C:\BOOT.001
[2013/06/08 12:20:41 | 000,154,768 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/06/08 12:07:36 | 000,000,838 | ---- | C] () -- C:\Documents and Settings\Rafael Rodulfo\Menú Inicio\Programas\Internet Explorer.lnk
[2013/06/08 12:07:29 | 000,000,773 | ---- | C] () -- C:\Documents and Settings\Rafael Rodulfo\Menú Inicio\Programas\Outlook Express.lnk
[2013/06/08 12:05:43 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Rafael Rodulfo\Menú Inicio\Programas\Asistencia remota.lnk
[2013/06/08 12:05:43 | 000,000,830 | ---- | C] () -- C:\Documents and Settings\Rafael Rodulfo\Menú Inicio\Programas\Windows Media Player.lnk
[2013/06/08 12:02:03 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/06/08 11:50:54 | 000,067,560 | ---- | C] () -- C:\Documents and Settings\LocalService\Configuración local\Datos de programa\FontCache3.0.0.0.dat
[2013/06/08 11:43:54 | 000,002,909 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2013/06/08 11:43:54 | 000,000,073 | ---- | C] () -- C:\CONFIG.SYS
[2013/06/08 11:43:54 | 000,000,073 | ---- | C] () -- C:\config.bak
[2013/06/08 11:43:54 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2013/06/08 11:43:54 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2013/06/08 11:43:54 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2013/06/08 11:43:41 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2013/06/08 11:43:41 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2013/06/08 11:43:40 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2013/06/08 11:41:02 | 000,000,835 | ---- | C] () -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Windows Movie Maker.lnk
[2013/06/08 11:39:48 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2013/06/08 11:39:48 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2013/06/08 11:36:31 | 000,000,950 | ---- | C] () -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Windows Search.lnk
[2013/06/08 11:36:31 | 000,000,934 | ---- | C] () -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\Windows Search.lnk
[2013/06/08 11:36:29 | 000,001,478 | ---- | C] () -- C:\Documents and Settings\All Users\Menú Inicio\Programas\XPS Viewer EP.lnk
[2013/06/08 11:36:26 | 000,021,900 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013/06/08 11:35:59 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Windows Messenger.lnk
[2013/06/08 11:35:41 | 000,009,216 | ---- | C] () -- C:\WINDOWS\System32\PSSetupNativeUtils.exe
[2013/06/08 11:35:04 | 000,107,612 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2013/06/08 11:35:04 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.b in
[2013/06/08 11:35:03 | 000,023,640 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2013/06/08 11:35:02 | 000,016,892 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2013/06/08 11:35:02 | 000,004,640 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.h
[2013/06/08 11:35:01 | 000,016,164 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2013/06/08 11:35:01 | 000,003,100 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.h
[2013/06/08 11:35:01 | 000,002,590 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.h
[2013/06/08 11:33:41 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe.bmp
[2013/06/08 11:33:41 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Azteca.bmp
[2013/06/08 11:33:40 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Viento.bmp
[2013/06/08 11:33:40 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Abanicos.bmp
[2013/06/08 11:33:40 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Roca verde.bmp
[2013/06/08 11:33:40 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rododendro.bmp
[2013/06/08 11:33:39 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Pompas.bmp
[2013/06/08 11:33:39 | 000,017,336 | ---- | C] () -- C:\WINDOWS\A pescar.bmp
[2013/06/08 11:33:39 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Grano de café.bmp
[2013/06/08 11:33:39 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Plumas.bmp
[2013/06/08 11:33:38 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Lazo azul 16.bmp
[2013/06/08 11:33:29 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2013/06/08 11:33:28 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2013/06/08 11:33:24 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2013/06/08 11:33:03 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2013/05/28 14:05:52 | 000,506,686 | ---- | C] () -- C:\WINDOWS\System32\autorun.inf
[2013/01/12 13:58:32 | 000,121,852 | ---- | C] () -- C:\WINDOWS\System32\perfc00A.dat
[2013/01/12 13:58:32 | 000,088,130 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2013/01/12 13:58:29 | 000,596,896 | ---- | C] () -- C:\WINDOWS\System32\perfh00A.dat
[2013/01/12 13:58:29 | 000,504,180 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2013/01/12 13:58:29 | 000,036,284 | ---- | C] () -- C:\WINDOWS\System32\perfd00A.dat
[2013/01/12 13:58:29 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2013/01/12 13:58:28 | 000,317,534 | ---- | C] () -- C:\WINDOWS\System32\perfi00A.dat
[2013/01/12 13:58:28 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2013/01/12 13:58:21 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\msvcrt10.dll
[2013/01/12 13:53:46 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2013/01/12 13:53:46 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2013/01/12 13:52:53 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2013/01/12 13:51:58 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2013/01/12 13:51:26 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2013/01/12 13:51:14 | 000,394,240 | ---- | C] () -- C:\WINDOWS\System32\HMTCD.dll
[2013/01/12 13:51:05 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2013/01/12 13:50:59 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2013/01/12 13:50:41 | 000,084,784 | ---- | C] () -- C:\WINDOWS\System32\fciv.exe
[2013/01/12 13:50:16 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2013/01/12 13:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\rdummy.sys

========== ZeroAccess Check ==========

[2013/06/08 11:49:43 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc8 7-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2011/07/12 15:35:10 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA 9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2011/07/12 13:33:58 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CD B-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 22:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
Reply With Quote
  #6  
Old June 22nd, 2013, 05:43 PM
rrodulfo rrodulfo is offline
Senior Member
 
Join Date: Sep 2006
O/S: Windows XP Pro
Location: Monterrey, Nuevo Leon, Mexico
Posts: 159
Extras.txt

OTL Extras logfile created on: 22/06/2013 11:20:01 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Mis documentos\Dropbox\Downloads\OTL
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000080A | Country: México | Language: ESM | Date Format: dd/MM/yyyy

1.98 Gb Total Physical Memory | 0.83 Gb Available Physical Memory | 42.09% Memory free
3.83 Gb Paging File | 2.75 Gb Available in Paging File | 71.76% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Archivos de programa
Drive C: | 29.29 Gb Total Space | 11.77 Gb Free Space | 40.17% Space Free | Partition Type: NTFS
Drive D: | 44.02 Gb Total Space | 6.55 Gb Free Space | 14.89% Space Free | Partition Type: NTFS

Computer Name: OFICINA-9FDFA55 | User Name: Rafael Rodulfo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\DomainPr ofile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile\GloballyOpenPorts\List]
"5985:TCP" = 5985:TCP:*isabled:Administración remota de Windows
"80:TCP" = 80:TCP:*isabled:Administración remota de Windows - Modo de compatibilidad (HTTP de entrada)

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\DomainPr ofile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res. dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res. dll,-22019 -- (Microsoft Corporation)
"C:\Archivos de programa\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Archivos de programa\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Documents and Settings\Rafael Rodulfo\Datos de programa\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\Rafael Rodulfo\Datos de programa\Dropbox\bin\Dropbox.exe:*:Enabledropbox -- (Dropbox, Inc.)
"C:\Archivos de programa\Archivos comunes\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Archivos de programa\Archivos comunes\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Archivos de programa\Bonjour\mDNSResponder.exe" = C:\Archivos de programa\Bonjour\mDNSResponder.exe:*:Enabled:Servi cio Bonjour -- (Apple Inc.)
"C:\Archivos de programa\iTunes\iTunes.exe" = C:\Archivos de programa\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Archivos de programa\Skype\Phone\Skype.exe" = C:\Archivos de programa\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall]
"{001E7FB6-BB6B-4ED0-BEDC-B5404ED96D4E}" = DocProc
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow
"{10453873-71FA-4D72-8070-E591D91BF7E0}" = GNP Móvil - Cotizador de Vida
"{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
"{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig
"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{22466889-7642-488d-AA0E-F619704CF7AB}" = DeviceDiscovery
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{26A24AE4-039D-4CA4-87B4-2F83216045FF}" = Java(TM) 6 Update 45
"{27151971-250E-4728-AC1F-9265F5578F64}" = MetLife FlexiLife
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK
"{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1
"{350C9C0A-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35725FBC-A136-4A46-9F29-091759D9BB93}" = MVision
"{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone
"{3C1A7B4B-CA55-4984-9908-8F41E4E24AB0}" = CameraDrivers
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4129CA8E-7E75-4eee-BAE5-AA7707AA7708}" = Canon MF4400 Series
"{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1
"{452622B2-CFF1-4373-B773-141FC10A2AB6}" = hpicamDrvQFolder
"{4596FA5B-2966-44E6-9DA3-998001CA71DC}" = Unload
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.5
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Compatibilidad con Aplicaciones de Apple
"{625386A4-B6B6-4911-A6E8-23189C3F2D15}" = Microsoft .NET Compact Framework 2.0
"{63CFC157-51B4-4b6d-8B1B-D3824C284104}" = CameraUserGuides
"{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap
"{6767DFEE-8909-453A-B553-C7693912B2EB}" = Canon MF Toolbox 4.9.1.1.mf14
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7148F0A8-6813-11D6-A77B-00B0D0142080}" = Java 2 Runtime Environment, SE v1.4.2_08
"{71BB6107-9B21-44EB-AE7B-71C2BFCE8801}" = Cotizador Autos
"{74E51344-815D-44B5-823E-E26953E31EBC}" = Cotizador Vida
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BEC72A4-B3C9-4E13-9FE8-9A1552964308}" = Cotizador Gastos Medicos
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{83169D43-4660-4347-BC95-E9D6E6BE65CE}" = Paquete de idioma de Microsoft .NET Framework 1.1 Service Pack 1 - ESN
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{85AC0FFA-643D-3103-9310-7086ECB0C36C}" = Paquete de idioma de Microsoft .NET Framework 2.0 Service Pack 2 - ESN
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics 2 Driver
"{8DC069E7-893C-41E1-9442-DE89FEC33371}" = Xobni Core
"{90120000-0010-0C0A-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Spanish) 12
"{90120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2007
"{90120000-0016-0C0A-0000-0000000FF1CE}_STANDARD_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2007
"{90120000-0018-0C0A-0000-0000000FF1CE}_STANDARD_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0C0A-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Spanish) 2007
"{90120000-001A-0C0A-0000-0000000FF1CE}_STANDARD_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2007
"{90120000-001B-0C0A-0000-0000000FF1CE}_STANDARD_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2007
"{90120000-001F-0403-0000-0000000FF1CE}_STANDARD_{BEADB115-DB47-4BD0-A9EC-AE585AFAB2D8}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARD_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_STANDARD_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
"{90120000-001F-0416-0000-0000000FF1CE}_STANDARD_{8A524694-0CA4-476A-9301-B1E9D70FC952}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007
"{90120000-001F-042D-0000-0000000FF1CE}_STANDARD_{017A6981-5E03-4A97-830A-35FE0927BB7F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007
"{90120000-001F-0456-0000-0000000FF1CE}_STANDARD_{A3A03B41-14EA-4E50-97D8-FCF429AE0CCB}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_STANDARD_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2007
"{90120000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2007
"{90120000-006E-0C0A-0000-0000000FF1CE}_STANDARD_{430AE3E6-E982-4958-90FC-1C062BC74E22}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A4-0C0A-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{914AC823-A577-4E8D-9D60-852E51E2E9A0}" = MetLife Gastos Médicos
"{91FD46D2-4FB7-4A51-8637-556E1BE1DB7C}" = iTunes
"{92E4A65F-7007-3357-A69A-167F71A337BD}" = Paquete de idioma de Microsoft .NET Framework 3.5 SP1 - esn
"{95B012AD-3A4A-31D7-9167-5D07D2A71F47}" = Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN
"{99127D2B-0FC7-492B-ACB6-9408A1B709C6}" = MetLife Cotizador Vida
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C0C4061-7D9F-42c8-892E-19D1290B4510}" = HP Cámaras Photosmart 7.0
"{9D210D79-AEC5-453B-960C-4DD2C73931E1}" = Servicios de impresión de Bonjour
"{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A6B90148-02C5-4fd3-8D7A-EF2386835CB9}" = F4100_Help
"{A6C265BE-E2C1-483e-843D-6B4C1E912AE0}" = F4100
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}" = HP Update
"{AC76BA86-7AD7-1034-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Español
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{AEBA765A-6ADE-4699-A1F6-84450BB6A327}" = MetLife Menú Cotizadores
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig
"{B4509BCE-7BAD-4a8c-B1AE-4D0CE7467C42}" = F4100_doccd
"{B4B6D789-EF42-39D5-B36B-A1282951E0D5}" = Paquete de idioma de Microsoft .NET Framework 4 Extended ESN
"{B4F35A00-24FD-4fb3-BF5E-413D5423434D}" = DJ_AIO_Software_min
"{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour
"{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{BDEDB104-4067-3D5E-81F0-DBEBFE856B45}" = Paquete de idioma de Microsoft .NET Framework 3.0 Service Pack 2 - ESN
"{BEF726DD-4037-4214-8C6A-E625C02D2870}" = Logitech Audio Echo Cancellation Component
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1C6767D-B395-43CB-BF99-051B58B86DA6}" = PhotoGallery
"{C75B45E0-5E96-4778-8AC6-0793124D54CE}" = ESET Smart Security
"{CA1583AB-D8A1-44FA-9E4D-9A5FD1DB2D40}" = GNP Móvil - Cotizador de GMM
"{CA50045C-5119-48e7-9BA7-6B317379857A}" = DJ_AIO_Software
"{CE26F10F-C80F-4377-908B-1B7882AE2CE3}" = Crystal Reports Basic Runtime for Visual Studio 2008
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{DF2035BE-5820-4965-BD97-7FAF8D4A7879}" = Microsoft_VC90_CRT_x86
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E548726E-F4E8-459f-BAB8-45551BC071E9}" = DJ_AIO_ProductContext
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{ECF32039-563C-42BE-8A3E-1CE29763D778}" = Cotizador único
"{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1
"{EE2FACC0-8BDD-40BD-BFF8-AEE0F5DDB4EE}" = GNP Móvil - Consola del Proyector Integral
"{EFA2BBEB-CF93-493B-904B-1B970B8DFAB6}" = Logitech QuickCam
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F44C7D23-28E0-4A2A-86FB-21D2CD1315FB}" = GNP Móvil - Cotizador de Autos
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{FA8A44D7-3E8A-4034-9C4F-088FA6B72BC4}" = HP Deskjet All-In-One Software 9.0
"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"AhnLab Online Security" = AhnLab Online Security (Personal)
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_54221 4F1" = Conexant D480 MDC V.92 Modem
"com.ynab.YNAB4.LiveCaptive_is1" = YNAB 4 version 4.3.75
"Google Chrome" = Google Chrome
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.5
"HP Photosmart Essential" = HP Photosmart Essential 2.01
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPOCR" = HP OCR Software 9.0
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Pdf995" = Pdf995
"PdfEdit995" = PdfEdit995
"QcDrv" = Controlador de Logitech® Camera
"Rapport_msi" = Rapport
"Signature995" = Signature995
"STANDARD" = Microsoft Office Standard 2007
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TechTools PDF" = TechTools PDF
"Trillian" = Trillian
"TuSaludWS" = TuSaludWS
"TuVidaWS" = TuVidaWS
"WinRAR archiver" = WinRAR 4.00 (32-bit)
"XobniMain" = Xobni

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Uninstall]
"ACT!" = ACT!
"Dropbox" = Dropbox

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 20/06/2013 21:33:34 | Computer Name = OFICINA-9FDFA55 | Source = Windows Search Service | ID = 3013
Description = No se puede actualizar la entrada <D:\MIS DOCUMENTOS\ACT\DATABASE\CONTACTOS
FACTUS.TL1> en el mapa hash. Contexto: aplicación , catálogo SystemIndex Detalles:
Uno
de los dispositivos vinculados al sistema no funciona. (0x8007001f)

Error - 20/06/2013 21:39:47 | Computer Name = OFICINA-9FDFA55 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 20/06/2013 21:39:47 | Computer Name = OFICINA-9FDFA55 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2263

Error - 20/06/2013 21:39:47 | Computer Name = OFICINA-9FDFA55 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2263

Error - 20/06/2013 21:39:49 | Computer Name = OFICINA-9FDFA55 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 20/06/2013 21:39:49 | Computer Name = OFICINA-9FDFA55 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3916

Error - 20/06/2013 21:39:49 | Computer Name = OFICINA-9FDFA55 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3916

Error - 20/06/2013 21:39:50 | Computer Name = OFICINA-9FDFA55 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 20/06/2013 21:39:50 | Computer Name = OFICINA-9FDFA55 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4967

Error - 20/06/2013 21:39:50 | Computer Name = OFICINA-9FDFA55 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4967

[ OSession Events ]
Error - 20/06/2013 12:49:39 | Computer Name = OFICINA-9FDFA55 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1635
seconds with 720 seconds of active time. This session ended with a crash.

Error - 20/06/2013 12:57:45 | Computer Name = OFICINA-9FDFA55 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 281
seconds with 60 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 17/06/2013 20:28:42 | Computer Name = OFICINA-9FDFA55 | Source = Service Control Manager | ID = 7009
Description = Intervalo de espera (30000 ms.) para la conexión con el servicio Intel(R)
PROSet/Wireless Registry Service.

Error - 17/06/2013 20:28:42 | Computer Name = OFICINA-9FDFA55 | Source = Service Control Manager | ID = 7000
Description = El servicio Intel(R) PROSet/Wireless Registry Service no pudo iniciarse
debido al siguiente error: %%1053

Error - 18/06/2013 09:46:53 | Computer Name = OFICINA-9FDFA55 | Source = Dhcp | ID = 1002
Description = La concesión de la dirección IP 192.168.1.92 para la tarjeta de red
con la dirección de red 000E35D2AB67 ha sido denegada por el servidor DHCP 192.168.0.1
(el servidor DHCP envió un mensaje DHCPNACK).

Error - 18/06/2013 14:06:22 | Computer Name = OFICINA-9FDFA55 | Source = Service Control Manager | ID = 7034
Description = El servicio Rapport Management Service se terminó de manera inesperada.
Esto ha sucedido 1 veces.

Error - 18/06/2013 18:29:16 | Computer Name = OFICINA-9FDFA55 | Source = Dhcp | ID = 1002
Description = La concesión de la dirección IP 192.168.0.159 para la tarjeta de red
con la dirección de red 000E35D2AB67 ha sido denegada por el servidor DHCP 10.128.128.128
(el servidor DHCP envió un mensaje DHCPNACK).

Error - 18/06/2013 20:18:40 | Computer Name = OFICINA-9FDFA55 | Source = PSched | ID = 14103
Description = QoS [Adaptador {5EC0CBB3-A965-42D4-849D-69EF214A7F88}]: El controlador
de la tarjeta de red no pudo satisfacer la consulta para OID_GEN_LINK_SPEED.

Error - 18/06/2013 20:49:10 | Computer Name = OFICINA-9FDFA55 | Source = Dhcp | ID = 1002
Description = La concesión de la dirección IP 10.48.221.158 para la tarjeta de red
con la dirección de red 000E35D2AB67 ha sido denegada por el servidor DHCP 0.0.0.0
(el servidor DHCP envió un mensaje DHCPNACK).

Error - 18/06/2013 23:13:48 | Computer Name = OFICINA-9FDFA55 | Source = Dhcp | ID = 1002
Description = La concesión de la dirección IP 192.168.0.33 para la tarjeta de red
con la dirección de red 000E35D2AB67 ha sido denegada por el servidor DHCP 192.168.1.254
(el servidor DHCP envió un mensaje DHCPNACK).

Error - 19/06/2013 09:52:23 | Computer Name = OFICINA-9FDFA55 | Source = Dhcp | ID = 1002
Description = La concesión de la dirección IP 192.168.1.93 para la tarjeta de red
con la dirección de red 000E35D2AB67 ha sido denegada por el servidor DHCP 192.168.0.1
(el servidor DHCP envió un mensaje DHCPNACK).

Error - 19/06/2013 12:38:57 | Computer Name = OFICINA-9FDFA55 | Source = ipnathlp | ID = 32003
Description = El Traductor de direcciones de red (NAT) no pudo pedir una operación

del módulo de traducción de modo del núcleo. Esto puede indicar errores de configuración,
recursos insuficientes, o un error interno. Los datos son el código de error.


< End of report >
Reply With Quote
  #7  
Old June 22nd, 2013, 05:56 PM
rrodulfo rrodulfo is offline
Senior Member
 
Join Date: Sep 2006
O/S: Windows XP Pro
Location: Monterrey, Nuevo Leon, Mexico
Posts: 159
aswMBR.txt

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-06-22 11:43:36
-----------------------------
11:43:36.687 OS Version: Windows 5.1.2600 Service Pack 3
11:43:36.687 Number of processors: 1 586 0xD06
11:43:36.687 ComputerName: OFICINA-9FDFA55 UserName: Rafael Rodulfo
11:43:38.159 Initialize success
11:43:59.780 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
11:43:59.780 Disk 0 Vendor: ST9808211A 8.03 Size: 75085MB BusType: 3
11:43:59.900 Disk 0 MBR read successfully
11:43:59.900 Disk 0 MBR scan
11:43:59.900 Disk 0 Windows XP default MBR code
11:43:59.900 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 29996 MB offset 63
11:43:59.910 Disk 0 Partition - 00 0F Extended LBA 45080 MB offset 61432560
11:43:59.920 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 45080 MB offset 61432623
11:43:59.920 Disk 0 scanning sectors +153758115
11:43:59.960 Disk 0 scanning C:\WINDOWS\system32\drivers
11:44:10.676 Service scanning
11:44:23.885 Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
11:44:26.939 Modules scanning
11:44:38.035 Disk 0 trace - called modules:
11:44:38.426 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys sptd.sys pciide.sys PCIIDEX.SYS
11:44:38.426 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89befab8]
11:44:38.436 3 CLASSPNP.SYS[f7657fd7] -> nt!IofCallDriver -> \Device\0000008a[0x89b8e9e8]
11:44:38.436 5 ACPI.sys[f7497620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x89b8ed98]
11:44:38.436 Scan finished successfully
11:45:17.982 Disk 0 MBR has been saved successfully to "D:\Mis documentos\Dropbox\Downloads\OTL\MBR.dat"
11:45:17.993 The log file has been saved successfully to "D:\Mis documentos\Dropbox\Downloads\OTL\20130622 aswMBR.txt"
Reply With Quote
  #8  
Old June 22nd, 2013, 06:04 PM
rrodulfo rrodulfo is offline
Senior Member
 
Join Date: Sep 2006
O/S: Windows XP Pro
Location: Monterrey, Nuevo Leon, Mexico
Posts: 159
Ok Tom, by the way I'm Rafael (Rafa is Fine), I did all you asked for. You tell me that "Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools"; Does that include the use/execution of any MS Office program, ESET Scan, ATF or CCleaner, accepting any software updates like Java, or using my browser to respond your posts?

Thanks for your help.
Reply With Quote
  #9  
Old June 22nd, 2013, 06:43 PM
schrauber's Avatar
schrauber schrauber is offline
Cyber Tech Help Moderator
 
Join Date: Apr 2009
O/S: Windows 7 64-bit
Location: Germany
Age: 41
Posts: 5,017
Quote:
MS Office program, ESET Scan, ATF or CCleaner,
Hi Rafa, office is fine, but the other tools will make changes to the system. Don't use them unless instructed to.

Updates and using browser is fine.

Next, download ComboFix Save to the Desktop
  • Now, close all open windows
  • Double-click combofix.exe to run the program
  • Follow the prompts.
  • If the option is offered, it is in your best interest to allow the download and install of the Recovery Console when prompted.
  • When told that the RC is installed correctly, press YES to continue scanning for malware.
  • ComboFix will run. Please don't click on the window while the program is running, it may cause your system to stall.
  • CF may reboot the computer and resume running when it restarts.
  • When finished, a log, ComboFix.txt, is produced.
Please provide the contents of the ComboFix report in your reply.
Reply With Quote
  #10  
Old June 22nd, 2013, 09:47 PM
rrodulfo rrodulfo is offline
Senior Member
 
Join Date: Sep 2006
O/S: Windows XP Pro
Location: Monterrey, Nuevo Leon, Mexico
Posts: 159
Combofix log

ComboFix 13-06-22.01 - Rafael Rodulfo 22/06/2013 13:54:56.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.52.3082.18.2030.1283 [GMT -5:00]
Running from: d:\mis documentos\Dropbox\Downloads\Cybertechhelp\Combofi x\ComboFix.exe
AV: ESET Smart Security 6.0 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: Cortafuegos personal de ESET *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Created a new restore point
* Resident AV is active
.
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\docume~1\RAFAEL~1\CONFIG~1\Temp\mfdwl.dll
c:\documents and settings\Rafael Rodulfo\Configuración local\Temp\mfdwl.dll
.
.
((((((((((((((((((((((((( Files Created from 2013-05-22 to 2013-06-22 )))))))))))))))))))))))))))))))
.
.
2013-06-18 17:58 . 2013-06-18 18:03 -------- d-----w- C:\Cotizador_Unico
2013-06-12 22:44 . 2013-06-12 22:44 -------- d-----w- C:\OKIDATA
2013-06-12 21:57 . 2013-06-12 21:59 -------- d-----w- C:\MetLife Cotizadores
2013-06-12 16:00 . 2013-06-12 16:00 -------- d-----w- C:\CanonMF
2013-06-09 14:23 . 2013-06-09 14:23 -------- d-----r- C:\MSOCache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2013-05-07 22:27 . 2013-01-12 18:57 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-05-07 22:27 . 2013-01-12 18:55 920064 ----a-w- c:\windows\system32\wininet.dll
2013-05-07 22:27 . 2013-01-12 18:54 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-05-07 21:53 . 2013-01-12 18:50 385024 ----a-w- c:\windows\system32\html.iec
2013-05-03 05:39 . 2013-01-12 18:58 2195968 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-05-03 05:39 . 2010-12-10 02:44 2072576 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-04-30 06:28 . 2013-04-30 06:28 102448 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
2013-04-12 14:01 . 2013-01-12 18:52 1876480 ----a-w- c:\windows\system32\win32k.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2011-07-12 . 474D3DCCB57DEFCD917311EEC47204B9 . 361600 . . [5.1.2600.6009] . . c:\windows\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shelliconoverlayidentifiers\Dr opboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\documents and settings\Rafael Rodulfo\Datos de programa\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shelliconoverlayidentifiers\Dr opboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\documents and settings\Rafael Rodulfo\Datos de programa\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shelliconoverlayidentifiers\Dr opboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\documents and settings\Rafael Rodulfo\Datos de programa\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shelliconoverlayidentifiers\Dr opboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\documents and settings\Rafael Rodulfo\Datos de programa\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-07-19 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-07-19 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-07-19 114688]
"SynTPEnh"="c:\archivos de programa\Synaptics\SynTP\SynTPEnh.exe" [2009-02-06 1430824]
"Adobe ARM"="c:\archivos de programa\Archivos comunes\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-11 958576]
"egui"="c:\archivos de programa\ESET\ESET Smart Security\egui.exe" [2013-03-21 5078504]
"HP Software Update"="c:\archivos de programa\HP\HP Software Update\HPWuSchd2.exe" [2007-03-12 49152]
"AhnLab Online Security Personal"="c:\archivos de programa\AhnLab\ASP\AOSPersonal\aosrun.exe" [2012-08-08 437760]
"APSDaemon"="c:\archivos de programa\Archivos comunes\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]
"iTunesHelper"="c:\archivos de programa\iTunes\iTunesHelper.exe" [2013-05-31 152392]
"LogitechCommunicationsManager"="c:\archivos de programa\Archivos comunes\LogiShrd\LComMgr\Communications_Helper.exe " [2007-05-17 505368]
"LogitechQuickCamRibbon"="c:\archivos de programa\Logitech\QuickCam10\QuickCam10.exe" [2007-05-17 780312]
"SunJavaUpdateSched"="c:\archivos de programa\Archivos comunes\Java\Java Update\jusched.exe" [2012-09-17 254896]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Rafael Rodulfo\Menú Inicio\Programas\Inicio\
Dropbox.lnk - c:\documents and settings\Rafael Rodulfo\Datos de programa\Dropbox\bin\Dropbox.exe /systemstartup [2013-6-5 27370808]
Trillian.lnk - c:\archivos de programa\Trillian\trillian.exe [2013-6-17 2606448]
.
c:\documents and settings\Rafael Rodulfo\Menú Inicio\Programas\Inicio\
Dropbox.lnk - c:\documents and settings\Rafael Rodulfo\Datos de programa\Dropbox\bin\Dropbox.exe /systemstartup [2013-6-5 27370808]
Trillian.lnk - c:\archivos de programa\Trillian\trillian.exe [2013-6-17 2606448]
.
c:\documents and settings\Rafael Rodulfo\Menú Inicio\Programas\Inicio\
Dropbox.lnk - c:\documents and settings\Rafael Rodulfo\Datos de programa\Dropbox\bin\Dropbox.exe /systemstartup [2013-6-5 27370808]
Trillian.lnk - c:\archivos de programa\Trillian\trillian.exe [2013-6-17 2606448]
.
c:\documents and settings\All Users\Menú Inicio\Programas\Inicio\
HP Digital Imaging Monitor.lnk - c:\archivos de programa\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]
Inicio rápido de HP Photosmart Premier.lnk - c:\archivos de programa\HP\Digital Imaging\bin\hpqthb08.exe -s [2006-2-10 73728]
SideACT!.lnk - c:\archivos de programa\ACT\SideACT.exe /s [2013-6-11 278589]
Windows Search.lnk - c:\archivos de programa\Windows Desktop Search\WindowsSearch.exe /startup [2013-6-8 123904]
.
c:\documents and settings\Rafael Rodulfo\Menú Inicio\Programas\Inicio\
Dropbox.lnk - c:\documents and settings\Rafael Rodulfo\Datos de programa\Dropbox\bin\Dropbox.exe /systemstartup [2013-6-5 27370808]
Trillian.lnk - c:\archivos de programa\Trillian\trillian.exe [2013-6-17 2606448]
.
[hkey_local_machine\software\microsoft\windows\curr entversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\archivos de programa\Windows Desktop Search\MSNLNamespaceMgr.dll" [2011-07-12 304128]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\contro l\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, credssp.dll, digest.dll, msnsspc.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Archivos de programa\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Documents and Settings\\Rafael Rodulfo\\Datos de programa\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Archivos de programa\\Archivos comunes\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Archivos de programa\\Bonjour\\mDNSResponder.exe"=
"c:\\Archivos de programa\\iTunes\\iTunes.exe"=
"c:\\Archivos de programa\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*isabled:Administración remota de Windows
.
R0 mv61xxmm;mv61xxmm;c:\windows\system32\drivers\mv61 xxmm.sys [12/01/2013 13:58 13616]
R0 mv64xxmm;mv64xxmm;c:\windows\system32\drivers\mv64 xxmm.sys [12/01/2013 13:58 5632]
R0 mvxxmm;mvxxmm;c:\windows\system32\drivers\mvxxmm.s ys [12/01/2013 13:52 13616]
R0 RapportKELL;RapportKELL;c:\windows\system32\driver s\RapportKELL.sys [30/04/2013 01:28 102448]
R0 RDUMMY;RDUMMY;c:\windows\system32\drivers\rdummy.s ys [12/01/2013 13:50 4096]
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers \sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 AMonTDnt;AMonTDnt;c:\windows\system32\drivers\Amon TDNt.sys [13/06/2013 09:56 96936]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [10/01/2013 09:25 122240]
R1 RapportCerberus_51755;RapportCerberus_51755;c:\doc uments and settings\All Users\Datos de programa\Trusteer\Rapport\store\exts\RapportCerber us\baseline\RapportCerberus32_51755.sys [12/06/2013 17:32 317112]
R1 RapportEI;RapportEI;c:\archivos de programa\Trusteer\Rapport\bin\RapportEI.sys [30/04/2013 01:28 103120]
R1 RapportPG;RapportPG;c:\archivos de programa\Trusteer\Rapport\bin\RapportPG.sys [30/04/2013 01:28 174320]
R2 ekrn;ESET Service;c:\archivos de programa\ESET\ESET Smart Security\ekrn.exe [21/03/2013 15:19 1341664]
R2 RapportMgmtService;Rapport Management Service;c:\archivos de programa\Trusteer\Rapport\bin\RapportMgmtService.e xe [30/04/2013 01:28 1124632]
R2 XobniService;XobniService;c:\archivos de programa\Xobni\XobniService.exe [09/04/2012 19:32 62184]
R3 AhnRghNt;AhnRghNt;c:\windows\system32\drivers\AhnR ghNT.sys [13/06/2013 09:51 62784]
R3 AOS2Service;AOS2Service;c:\archivos de programa\AhnLab\ASP\Smart Update i\aos2svc.exe [13/06/2013 09:51 155128]
R3 ATamptNt_aos;ATamptNt_aos;c:\archiv~1\AhnLab\ASP\S MARTU~1\ATamptNt.sys [13/06/2013 09:51 187224]
R3 CdmDrvNt;CdmDrvNt;c:\windows\system32\drivers\CdmD rvNT.sys [13/06/2013 09:51 19616]
R3 MfFWEnt;MfFWEnt;c:\archivos de programa\AhnLab\ASP\MyFirewall 4.0\MfFWENt.sys [13/06/2013 09:50 101368]
R3 MfIPSEnt;MfIPSEnt;c:\archivos de programa\AhnLab\ASP\MyFirewall 4.0\MfIPSENt.sys [13/06/2013 09:50 121536]
R3 Mkd2kfNt;Mkd2kfNt;c:\windows\system32\drivers\mkd2 kfnt.sys [13/06/2013 09:56 127064]
S1 DumpDrv;Crash Dump Driver;c:\windows\system32\drivers\dumpdrv.sys [12/01/2013 13:54 9472]
S2 SkypeUpdate;Skype Updater;c:\archivos de programa\Skype\Updater\Updater.exe [03/06/2013 16:21 162408]
S3 AhnFlt2K;AhnFlt2K;c:\windows\system32\drivers\AhnF lt2k.sys [13/06/2013 09:51 53088]
S3 AhnRec2K;AhnRec2K;c:\windows\system32\drivers\AhnR ec2k.sys [13/06/2013 09:51 21824]
S3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2 Nadr.sys [13/06/2013 09:56 92376]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ATAMPTNT_AOS
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Winmgmt REG_MULTI_SZ winmgmt
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}]
2011-07-12 20:33 128512 ----a-w- c:\windows\system32\advpack.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-20 22:13 1165776 ----a-w- c:\archivos de programa\Google\Chrome\Application\27.0.1453.116\I nstaller\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-06-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpda teService.exe [2013-06-09 16:49]
.
2013-06-13 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\archivos de programa\Apple Software Update\SoftwareUpdate.exe [2011-06-01 22:57]
.
2013-06-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\archivos de programa\Google\Update\GoogleUpdate.exe [2013-06-10 23:07]
.
2013-06-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\archivos de programa\Google\Update\GoogleUpdate.exe [2013-06-10 23:07]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.contactognp.com.mx/
uInternet Settings,ProxyOverride = *.local
IE: E&xportar a Microsoft Excel - c:\archiv~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.128.128.128
.
- - - - ORPHANS REMOVED - - - -
.
Notify-RailNotification - winlogonnotification.dll\0\0
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
************************************************** ************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-06-22 14:05
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
************************************************** ************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA 0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macrome d\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA 0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA 0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUt il32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA 0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE 38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE 38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE 38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(952)
c:\windows\system32\winlogonnotification.dll
.
- - - - - - - > 'explorer.exe'(7124)
c:\windows\system32\WININET.dll
c:\archivos de programa\Archivos comunes\Logishrd\LVMVFM\LVPrcInj.dll
c:\archivos de programa\AhnLab\ASP\Smart Update i\aosmon.dll
c:\windows\system32\mkd25hk.dll
c:\documents and settings\Rafael Rodulfo\Datos de programa\Dropbox\bin\DropboxExt.19.dll
c:\docume~1\RAFAEL~1\CONFIG~1\Temp\mfdwl.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\archivos de programa\Intel\WiFi\bin\S24EvMon.exe
c:\archivos de programa\Archivos comunes\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\archivos de programa\Archivos comunes\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\archivos de programa\Bonjour\mDNSResponder.exe
c:\archivos de programa\Java\jre6\bin\jqs.exe
c:\archivos de programa\Archivos comunes\LogiShrd\LVCOMSER\LVComSer.exe
c:\archivos de programa\Archivos comunes\LogiShrd\LVCOMSER\LVComSer.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\igfxsrvc.exe
c:\archivos de programa\iPod\bin\iPodService.exe
c:\archivos de programa\ACT\SideACT.exe
c:\archivos de programa\Windows Desktop Search\WindowsSearch.exe
c:\documents and settings\Rafael Rodulfo\Datos de programa\Dropbox\bin\Dropbox.exe
c:\windows\system32\SearchProtocolHost.exe
c:\archivos de programa\Archivos comunes\Logishrd\LQCVFX\COCIManager.exe
c:\archivos de programa\HP\Digital Imaging\bin\hpqimzone.exe
c:\archivos de programa\HP\Digital Imaging\bin\hpqSTE08.exe
c:\archivos de programa\trillian\plugins\skypekit.exe
c:\archivos de programa\AhnLab\ASP\Smart Update i\aoslog.exe
c:\archivos de programa\Archivos comunes\Java\Java Update\jucheck.exe
c:\archivos de programa\AhnLab\ASP\MyFirewall 4.0\aosrts.exe
c:\windows\system32\SearchFilterHost.exe
.
************************************************** ************************
.
Completion time: 2013-06-22 14:18:47 - machine was rebooted
ComboFix-quarantined-files.txt 2013-06-22 19:18
.
Pre-Run: 13,035,315,200 bytes libres
Post-Run: 13,163,905,024 bytes libres
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[Boot Loader]
timeout=2
Default=multi(0)disk(0)rdisk(0)partition(1)\WINDOW S
[Operating Systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Micro soft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - A81040BD5FC66A48D99A23FE61BD66D6
792F61657FECE3D17A9122B4EE282847
Reply With Quote
  #11  
Old June 23rd, 2013, 06:17 AM
schrauber's Avatar
schrauber schrauber is offline
Cyber Tech Help Moderator
 
Join Date: Apr 2009
O/S: Windows 7 64-bit
Location: Germany
Age: 41
Posts: 5,017
Hi Rafa,

Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.


  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.



Also please post back with a fresh OTL logfile.
Reply With Quote
  #12  
Old June 23rd, 2013, 05:34 PM
rrodulfo rrodulfo is offline
Senior Member
 
Join Date: Sep 2006
O/S: Windows XP Pro
Location: Monterrey, Nuevo Leon, Mexico
Posts: 159
AdwCleaner log

# AdwCleaner v2.303 - Fichero creado el 23/06/2013 a 11:30:22
# Actualizado el 08/06/2013 por Xplode
# Sistema operativo : Microsoft Windows XP Service Pack 3 (32 bits)
# Usuario : Rafael Rodulfo - OFICINA-9FDFA55
# Modo de inicio : Normal
# Ejecutado desde : D:\Mis documentos\Dropbox\Downloads\Cybertechhelp\adwclea ner\adwcleaner.exe
# Opción [Búsqueda]


***** [Servicios] *****


***** [Ficheros / Carpetas] *****


***** [Registro] *****

Clave Presente : HKLM\Software\Microsoft\Windows\CurrentVersion\Ins taller\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Clave Presente : HKLM\Software\TENCENT

***** [Navegadores] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] El registro no contiene ninguna entrada ilegítima.

-\\ Google Chrome v27.0.1453.116

Fichero : C:\Documents and Settings\Rafael Rodulfo\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Preferences

[OK] El fichero no contiene ninguna entrada ilegítima.

*************************

AdwCleaner[R1].txt - [1028 octets] - [23/06/2013 11:30:22]

########## EOF - C:\AdwCleaner[R1].txt - [1088 octets] ##########
Reply With Quote
  #13  
Old June 23rd, 2013, 05:50 PM
rrodulfo rrodulfo is offline
Senior Member
 
Join Date: Sep 2006
O/S: Windows XP Pro
Location: Monterrey, Nuevo Leon, Mexico
Posts: 159
AdwCleaner[S1] log

# AdwCleaner v2.303 - Fichero creado el 23/06/2013 a 11:33:34
# Actualizado el 08/06/2013 por Xplode
# Sistema operativo : Microsoft Windows XP Service Pack 3 (32 bits)
# Usuario : Rafael Rodulfo - OFICINA-9FDFA55
# Modo de inicio : Normal
# Ejecutado desde : D:\Mis documentos\Dropbox\Downloads\Cybertechhelp\adwclea ner\adwcleaner.exe
# Opción [Supresión]


***** [Servicios] *****


***** [Ficheros / Carpetas] *****


***** [Registro] *****

Clave Supprimida : HKLM\Software\Microsoft\Windows\CurrentVersion\Ins taller\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Clave Supprimida : HKLM\Software\TENCENT

***** [Navegadores] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] El registro no contiene ninguna entrada ilegítima.

-\\ Google Chrome v27.0.1453.116

Fichero : C:\Documents and Settings\Rafael Rodulfo\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Preferences

[OK] El fichero no contiene ninguna entrada ilegítima.

*************************

AdwCleaner[R1].txt - [1157 octets] - [23/06/2013 11:30:22]
AdwCleaner[S1].txt - [1093 octets] - [23/06/2013 11:33:34]

########## EOF - C:\AdwCleaner[S1].txt - [1153 octets] ##########
Reply With Quote
  #14  
Old June 23rd, 2013, 05:52 PM
rrodulfo rrodulfo is offline
Senior Member
 
Join Date: Sep 2006
O/S: Windows XP Pro
Location: Monterrey, Nuevo Leon, Mexico
Posts: 159
Hi Tom. Did what you instructed. What´s next?
Reply With Quote
  #15  
Old June 23rd, 2013, 09:02 PM
schrauber's Avatar
schrauber schrauber is offline
Cyber Tech Help Moderator
 
Join Date: Apr 2009
O/S: Windows 7 64-bit
Location: Germany
Age: 41
Posts: 5,017
And the fresh OTL logfile? How is it running?
Reply With Quote
Reply

Bookmarks

Topic Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump




All times are GMT +1. The time now is 07:01 AM.