2. Google Umleitung auf "secure.bidvertiser"

cosinus · 22.06.2012, 09:49

Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

ATTFilter

 hier steht das Log

CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Setze oben mittig den Haken bei Scanne alle Benutzer
Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet

Code:

ATTFilter

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Klick auf .
Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

martinalejan · 22.06.2012, 12:49

hier das log von OTL mit Deinen Angaben :

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 22/06/2012 12:56:44 - Run 2
OTL by OldTimer - Version 3.2.49.0     Folder = C:\Documents and Settings\xp\Escritorio\Festplatte aufräumen\Virus Analyse
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C0A | Country: España | Language: ESN | Date Format: dd/MM/yyyy
 
2.00 Gb Total Physical Memory | 1.22 Gb Available Physical Memory | 61.23% Memory free
4.85 Gb Paging File | 4.10 Gb Available in Paging File | 84.51% Paging File free
Paging file location(s): c:\pagefile.sys 3070 3070 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Archivos de programa
Drive C: | 149.05 Gb Total Space | 29.75 Gb Free Space | 19.96% Space Free | Partition Type: NTFS
 
Computer Name: MARTINAKILB2 | User Name: xp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012/06/17 02:37:08 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\xp\Escritorio\Festplatte aufräumen\Virus Analyse\OTL.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/03/21 21:16:10 | 001,318,816 | ---- | M] (McAfee, Inc.) -- c:\Archivos de programa\McAfee.com\Agent\mcagent.exe
PRC - [2012/03/20 13:11:32 | 000,151,880 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\mfevtps.exe
PRC - [2012/03/20 13:05:00 | 000,161,632 | ---- | M] (McAfee, Inc.) -- C:\Archivos de programa\Archivos comunes\Mcafee\SystemCore\mfefire.exe
PRC - [2012/03/20 13:04:32 | 000,166,288 | ---- | M] (McAfee, Inc.) -- C:\Archivos de programa\Archivos comunes\Mcafee\SystemCore\mcshield.exe
PRC - [2011/08/12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Archivos de programa\SUPERAntiSpyware\SASCore.exe
PRC - [2011/04/08 13:59:50 | 000,419,904 | ---- | M] (McAfee, Inc.) -- C:\Archivos de programa\McAfee\MAT\McPvTray.exe
PRC - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) -- C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe
PRC - [2010/10/16 01:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/04/13 20:11:14 | 000,229,688 | ---- | M] (McAfee, Inc.) -- C:\Archivos de programa\McAfee Online Backup\MOBKbackup.exe
PRC - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- c:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009/08/18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- c:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WLIDSVCM.EXE
PRC - [2009/07/20 13:30:50 | 000,813,584 | ---- | M] (Logitech, Inc.) -- C:\Archivos de programa\Logitech\SetPoint\SetPoint.exe
PRC - [2009/07/10 13:42:32 | 000,055,824 | ---- | M] (Logitech, Inc.) -- C:\Archivos de programa\Archivos comunes\LogiShrd\KHAL2\KHALMNPR.exe
PRC - [2008/04/14 04:18:57 | 001,036,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/08/29 17:06:10 | 001,077,248 | ---- | M] (Marvell Semiconductor, Inc.) -- C:\Archivos de programa\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe
PRC - [2007/05/28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Archivos de programa\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2007/01/12 03:09:28 | 000,488,984 | ---- | M] (Logitech Inc.) -- C:\Archivos de programa\Archivos comunes\LogiShrd\LComMgr\Communications_Helper.exe
PRC - [2006/03/23 18:06:38 | 000,880,128 | ---- | M] (Nero AG) -- C:\Archivos de programa\Ahead\InCD\InCDsrv.exe
PRC - [2005/10/31 10:51:52 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Archivos de programa\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
PRC - [2005/07/19 17:32:18 | 000,221,184 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE
PRC - [2005/06/08 16:14:44 | 000,217,088 | ---- | M] (Logitech Inc.) -- C:\Archivos de programa\Logitech\Video\LogiTray.exe
PRC - [2005/06/08 15:44:56 | 000,192,512 | ---- | M] (Logitech Inc.) -- C:\Archivos de programa\Logitech\Video\FxSvr2.exe
PRC - [2004/08/14 04:42:20 | 000,036,864 | ---- | M] () -- C:\Archivos de programa\mobile PhoneTools\WatchDog.exe
PRC - [2004/04/13 06:07:18 | 000,069,632 | ---- | M] (InstallShield Software Corporation) -- C:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\issch.exe
PRC - [2003/06/20 09:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7Debug\mdm.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2010/04/13 20:11:16 | 000,077,624 | ---- | M] () -- C:\Archivos de programa\McAfee Online Backup\librs2.dll
MOD - [2009/07/20 13:27:14 | 000,017,936 | ---- | M] () -- C:\Archivos de programa\Logitech\SetPoint\khalwrapper.dll
MOD - [2004/08/14 04:42:20 | 000,036,864 | ---- | M] () -- C:\Archivos de programa\mobile PhoneTools\WatchDog.exe
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] --  -- (KodakCCS)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/04/23 14:36:57 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/19 08:21:16 | 000,361,976 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Archivos de programa\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/03/20 13:11:32 | 000,151,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\WINDOWS\system32\mfevtps.exe -- (mfevtp)
SRV - [2012/03/20 13:05:00 | 000,161,632 | ---- | M] () [Auto | Running] -- C:\Archivos de programa\Archivos comunes\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2012/03/20 13:04:32 | 000,166,288 | ---- | M] () [Auto | Running] -- C:\Archivos de programa\Archivos comunes\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2011/08/12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Archivos de programa\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2011/02/28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Archivos de programa\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Archivos de programa\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/10/16 01:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/04/13 20:11:14 | 000,229,688 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Archivos de programa\McAfee Online Backup\MOBKbackup.exe -- (MOBKbackup)
SRV - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009/07/20 13:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Archivos de programa\Archivos comunes\Logitech\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2008/05/07 20:52:47 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Archivos de programa\Archivos comunes\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2007/05/28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Archivos de programa\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Archivos de programa\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006/03/23 18:06:38 | 000,880,128 | ---- | M] (Nero AG) [Auto | Running] -- C:\Archivos de programa\Ahead\InCD\InCDsrv.exe -- (InCDsrv)
SRV - [2003/06/20 09:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7Debug\mdm.exe -- (MDM)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SjyPkt.sys -- (SjyPkt)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\PxHelp20.sys -- (PxHelp20)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (mfeavfk01)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | Auto | Stopped] -- system32\DRIVERS\EAPPkt.sys -- (EAPPkt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Avance AC97 Audio (WDM)
DRV - [2012/06/15 21:24:42 | 000,039,936 | ---- | M] (CurioLab S.M.B.A.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\extit.sys -- (ExterminateIt)
DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/02/22 13:29:46 | 000,464,304 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2012/02/22 13:29:46 | 000,340,920 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2012/02/22 13:29:46 | 000,180,848 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2012/02/22 13:29:46 | 000,121,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2012/02/22 13:29:46 | 000,089,792 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfetdi2k.sys -- (mfetdi2k)
DRV - [2012/02/22 13:29:46 | 000,087,656 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2012/02/22 13:29:46 | 000,083,856 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendiskmp)
DRV - [2012/02/22 13:29:46 | 000,083,856 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendisk)
DRV - [2012/02/22 13:29:46 | 000,059,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2012/02/22 13:29:46 | 000,057,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cfwids.sys -- (cfwids)
DRV - [2011/07/22 18:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Archivos de programa\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Archivos de programa\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/04/11 14:29:16 | 000,064,048 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\McPvDrv.sys -- (McPvDrv)
DRV - [2010/04/13 20:10:22 | 000,054,776 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\MOBK.sys -- (MOBKFilter)
DRV - [2009/06/17 18:56:32 | 000,028,560 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2009/06/17 18:56:24 | 000,079,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2009/06/17 18:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009/06/17 18:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009/06/17 18:55:26 | 000,063,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2009/06/17 18:55:18 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2008/04/13 20:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/03/30 23:46:20 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2007/10/23 11:45:00 | 000,269,824 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8187.sys -- (RTLWUSB)
DRV - [2007/09/29 05:05:59 | 002,456,064 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007/09/05 13:35:46 | 000,377,920 | R--- | M] (D-Link Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\A5AGU.sys -- (A5AGU)
DRV - [2007/07/05 19:04:58 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2007/06/20 15:57:46 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2007/06/15 11:47:26 | 001,127,936 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17)
DRV - [2007/03/17 16:02:22 | 000,053,760 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SSHDRV76.sys -- (SSHDRV76)
DRV - [2006/08/27 15:58:06 | 000,022,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbsermpt.sys -- (usbsermpt)
DRV - [2006/07/25 11:27:16 | 000,357,568 | R--- | M] (THOMSON Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BT4501G.sys -- (BT4501G)
DRV - [2006/03/26 14:22:14 | 000,051,200 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2006/03/24 18:27:01 | 000,050,176 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfsync04.sys -- (sfsync04) StarForce Protection Synchronization Driver (version 4.x)
DRV - [2006/03/23 18:15:58 | 000,102,016 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2006/03/23 18:15:56 | 000,033,536 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\InCDrm.sys -- (incdrm)
DRV - [2006/03/23 18:15:56 | 000,029,440 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDpass.sys -- (InCDPass)
DRV - [2006/03/23 18:00:28 | 000,008,704 | ---- | M] (Nero AG) [Recognizer | System | Unknown] -- C:\WINDOWS\System32\drivers\InCDrec.sys -- (InCDrec)
DRV - [2006/03/20 18:34:56 | 001,452,032 | ---- | M] (Sensaura) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\p17filt.sys -- (p17filt)
DRV - [2006/03/13 11:38:23 | 000,006,656 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005/09/01 12:03:04 | 000,005,888 | ---- | M] (Ahead Software AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\imagedrv.sys -- (Imagedrv)
DRV - [2005/05/27 10:31:28 | 000,022,016 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2005/04/07 10:53:36 | 000,028,164 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2005/01/10 19:15:30 | 000,106,496 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2005/01/10 19:15:24 | 000,138,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2004/11/05 17:43:58 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisnicxp.sys -- (SISNICXP)
DRV - [2004/10/08 12:59:12 | 000,326,656 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Camdrl.sys -- (CamDrL) Logitech QuickCam Pro 3000(CamDrl)
DRV - [2004/08/03 23:31:36 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2004/05/13 15:00:04 | 000,111,808 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004/05/13 13:19:36 | 000,079,488 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003/12/01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003/09/06 14:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\prosync1.sys -- (prosync1)
DRV - [2003/08/19 17:27:20 | 000,333,520 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CamDrL21.sys -- (PhilCam8116) Logitech QuickCam Pro 3000(PID_08B0)
DRV - [2003/07/16 22:28:02 | 000,017,142 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CBTNDIS5.sys -- (CBTNDIS5)
DRV - [2003/05/22 18:44:44 | 000,670,203 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctxs51.sys -- (Intels51)
DRV - [2003/05/14 16:01:42 | 000,062,673 | R--- | M] (Funk Software, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\odysseyIM3.sys -- (odysseyIM3)
DRV - [2002/09/26 14:41:58 | 000,029,312 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SISAGPX.SYS -- (sisagp)
DRV - [2002/07/29 14:15:26 | 000,024,288 | ---- | M] (Philips Semiconductors) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PhTVTune.sys -- (PhTVTune)
DRV - [2002/07/29 14:14:00 | 000,424,704 | ---- | M] (Philips Semiconductors) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Cap7134.sys -- (Cap7134) MEDION (7134)
DRV - [2002/04/19 02:15:46 | 000,013,780 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2002/04/16 14:56:20 | 000,004,608 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\siside.sys -- (SiSide)
DRV - [2001/08/17 23:02:32 | 000,008,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidgame.sys -- (hidgame)
DRV - [2001/08/17 23:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [1999/09/27 10:47:34 | 000,014,656 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\BjsPort.sys -- (BjsPort)
DRV - [1998/02/26 15:10:28 | 000,025,632 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\a4sii300.sys -- (A4SII300)
DRV - [1996/02/26 19:44:18 | 000,006,144 | ---- | M] (Corel Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\crlscsi.sys -- (crlscsi)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search, = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://g.msn.de/0SEDEDE/SAOS01?FORM=TOOLBR
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://g.msn.de/0SEDEDE/SAOS01?FORM=TOOLBR
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.live.com
IE - HKU\.DEFAULT\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\.DEFAULT\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZNxmk789YYES&fl=0&ptb=XFlbj7pJ2zIE5BOYRupzbw&url=hxxp://edits.mywebsearch.com/toolbaredits/barsearch.jhtml&st=sb&searchfor={searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://g.msn.de/0SEDEDE/SAOS01?FORM=TOOLBR
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://g.msn.de/0SEDEDE/SAOS01?FORM=TOOLBR
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.live.com
IE - HKU\S-1-5-18\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-18\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZNxmk789YYES&fl=0&ptb=XFlbj7pJ2zIE5BOYRupzbw&url=hxxp://edits.mywebsearch.com/toolbaredits/barsearch.jhtml&st=sb&searchfor={searchTerms}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-1715567821-884357618-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1715567821-884357618-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-1715567821-884357618-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.es/
IE - HKU\S-1-5-21-1715567821-884357618-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Search, = 
IE - HKU\S-1-5-21-1715567821-884357618-725345543-1004\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-1715567821-884357618-725345543-1004\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Archivos de programa\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-1715567821-884357618-725345543-1004\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-1715567821-884357618-725345543-1004\..\SearchScopes,DefaultScope = {21975B79-4ED1-4A5E-BA7A-948F9C16025A}
IE - HKU\S-1-5-21-1715567821-884357618-725345543-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1715567821-884357618-725345543-1004\..\SearchScopes\{21975B79-4ED1-4A5E-BA7A-948F9C16025A}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLD_de
IE - HKU\S-1-5-21-1715567821-884357618-725345543-1004\..\SearchScopes\{42DE7406-9A42-409A-A612-CC489BD23278}: "URL" = hxxp://www.rtl.de/websuche.php?kw={searchTerms}
IE - HKU\S-1-5-21-1715567821-884357618-725345543-1004\..\SearchScopes\{58AA2032-3F73-444B-9BEA-F32512868136}: "URL" = hxxp://es.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKU\S-1-5-21-1715567821-884357618-725345543-1004\..\SearchScopes\{63F700A0-5B73-435A-AFC7-887C52E4B460}: "URL" = hxxp://de.wikipedia.org/wiki/Spezial:Search?search={searchTerms}
IE - HKU\S-1-5-21-1715567821-884357618-725345543-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-1715567821-884357618-725345543-1004\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = hxxp://localhost:4664/search&s=ROOVnf0gwQxsiPZjAraOBpCh8do?q={searchTerms}
IE - HKU\S-1-5-21-1715567821-884357618-725345543-1004\..\SearchScopes\{8E0E7E7C-1B3A-4772-B7BD-AFAFC4BAAF35}: "URL" = hxxp://suche.web.de/search/web/?su={searchTerms}
IE - HKU\S-1-5-21-1715567821-884357618-725345543-1004\..\SearchScopes\{E820C180-59B0-451C-9183-258058854C4A}: "URL" = hxxp://suche.lycos.de/cgi-bin/pursuit?query={searchTerms}
IE - HKU\S-1-5-21-1715567821-884357618-725345543-1004\..\SearchScopes\{EF80DC8C-4595-4845-8E4D-D2BD44E3DACF}: "URL" = hxxp://suche.freenet.de/suche?query={searchTerms}
IE - HKU\S-1-5-21-1715567821-884357618-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1715567821-884357618-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Archivos de programa\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0:  File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Archivos de programa\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Archivos de programa\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\archiv~1\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Archivos de programa\McAfee\Supportability\MVT\npmvtplugin.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Archivos de programa\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.1: C:\Archivos de programa\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.2: C:\Archivos de programa\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3: C:\Archivos de programa\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Archivos de programa\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: c:\Archivos de programa\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=2.5: C:\Archivos de programa\Virtual Earth 3D\ [2009/06/02 17:54:52 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Archivos de programa\Virtual Earth 3D\ [2009/06/02 17:54:52 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206: C:\Archivos de programa\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Archivos de programa\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Archivos de programa\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Archivos de programa\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\Documents and Settings\All Users\Datos de programa\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Archivos de programa\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1:  File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Archivos de programa\Archivos comunes\McAfee\SystemCore [2012/06/22 12:53:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Archivos de programa\McAfee\SiteAdvisor [2012/06/15 13:41:51 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2012/06/15 23:20:03 | 000,000,834 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 127.0.0.1	license.superantispyware.com
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Archivos de programa\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Archivos de programa\Archivos comunes\Mcafee\SystemCore\ScriptSn.20120608160844.dll (McAfee, Inc.)
O2 - BHO: (Aplicación auxiliar de inicio de sesión de Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Archivos de programa\Google\GoogleToolbar3.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Archivos de programa\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Archivos de programa\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Archivos de programa\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Archivos de programa\Google\GoogleToolbar3.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Archivos de programa\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (RefresherBand Class) - {B24BA06E-FB7B-4757-95C2-DC01125F750E} - C:\Archivos de programa\YRefresher\YRefresher.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Archivos de programa\Google\GoogleToolbar3.dll (Google Inc.)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Archivos de programa\Google\GoogleToolbar3.dll (Google Inc.)
O3 - HKU\S-1-5-21-1715567821-884357618-725345543-1004\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Archivos de programa\Google\GoogleToolbar3.dll (Google Inc.)
O3 - HKU\S-1-5-21-1715567821-884357618-725345543-1004\..\Toolbar\WebBrowser: (RefresherBand Class) - {B24BA06E-FB7B-4757-95C2-DC01125F750E} - C:\Archivos de programa\YRefresher\YRefresher.dll ()
O3 - HKU\S-1-5-21-1715567821-884357618-725345543-1004\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [CTSysVol] C:\Archivos de programa\Creative\SBAudigy\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Archivos de programa\Archivos comunes\LogiShrd\LComMgr\Communications_Helper.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideoRepair] C:\Archivos de programa\Logitech\Video\ISStart.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideoTray] C:\Archivos de programa\Logitech\Video\LogiTray.exe (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [McPvTray_exe] C:\Archivos de programa\McAfee\MAT\McPvTray.exe (McAfee, Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Archivos de programa\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [PrnStatusMX] C:\Archivos de programa\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe (Marvell Semiconductor, Inc.)
O4 - HKLM..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u File not found
O4 - HKLM..\Run: [WatchDog] C:\Archivos de programa\mobile PhoneTools\WatchDog.exe ()
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] C:\Archivos de programa\Archivos comunes\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] C:\Archivos de programa\Archivos comunes\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-1715567821-884357618-725345543-1004..\Run: [NBJ] C:\Archivos de programa\Ahead\Nero BackItUp\NBJ.exe (Ahead Software AG)
O4 - Startup: C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\Logitech SetPoint.lnk = C:\Archivos de programa\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1715567821-884357618-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &eBay Search - Reg Error: Value error. File not found
O8 - Extra context menu item: &MSN Suche - Reg Error: Value error. File not found
O8 - Extra context menu item: &Silently send to default data store - C:\Archivos de programa\Queue\addToStore.html ()
O8 - Extra context menu item: &Yahoo! Search - C:\Archivos de programa\Yahoo!\Common [2007/08/31 22:05:22 | 000,000,000 | ---D | M]
O8 - Extra context menu item: Add link to &queue - C:\Archivos de programa\Queue\addPage.html ()
O8 - Extra context menu item: Add to &data store... - C:\Archivos de programa\Queue\addToStore.html ()
O8 - Extra context menu item: Add to &queue - C:\Archivos de programa\Queue\addPage.html ()
O8 - Extra context menu item: Go to Queue &Web site - C:\Archivos de programa\Queue\website.html ()
O8 - Extra context menu item: Pop page from &queue - C:\Archivos de programa\Queue\removePage.html ()
O8 - Extra context menu item: Sea&rch stores - C:\Archivos de programa\Queue\searchStores.html ()
O8 - Extra context menu item: Yahoo! &Dictionary - C:\Archivos de programa\Yahoo!\Common [2007/08/31 22:05:22 | 000,000,000 | ---D | M]
O8 - Extra context menu item: Yahoo! &Maps - C:\Archivos de programa\Yahoo!\Common [2007/08/31 22:05:22 | 000,000,000 | ---D | M]
O8 - Extra context menu item: Yahoo! &SMS - C:\Archivos de programa\Yahoo!\Common [2007/08/31 22:05:22 | 000,000,000 | ---D | M]
O9 - Extra 'Tools' menuitem : Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre6\bin\npjpi160_29.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Webpage Capture - {1F958B09-6612-7a0e-9223-4C7324C57B23} - C:\Archivos de programa\Webpage Capture\Webpage Capture.exe (Endicosoft.com)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Archivos de programa\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - Reg Error: Value error. File not found
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Archivos de programa\ICQ6\ICQ.exe (ICQ, Inc.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Archivos de programa\ICQ6\ICQ.exe (ICQ, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Archivos de programa\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-1715567821-884357618-725345543-1004\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-1715567821-884357618-725345543-1004\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (Reg Error: Key error.)
O16 - DPF: {2685A3D0-1459-45EE-8426-5B8CF98899A8} hxxp://www.metacrawler1.de/metabar/metabar.cab (Reg Error: Key error.)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Archivos de programa\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} Reg Error: Key error. (Reg Error: Key error.)
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab (Reg Error: Key error.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1259167718062 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15112/CTPID.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Archivos de programa\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Archivos de programa\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Archivos de programa\Archivos comunes\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Archivos de programa\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - AppInit_DLLs: (C:\ARCHIV~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Archivos de programa\SUPERAntiSpyware\SASWINLO.DLL) - C:\Archivos de programa\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - No CLSID value found.
O24 - Desktop Components:0 (Mi página de inicio actual) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\xp\Configuración local\Datos de programa\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\xp\Configuración local\Datos de programa\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Archivos de programa\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Archivos de programa\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Archivos de programa\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/04/06 19:56:54 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-1715567821-884357618-725345543-1004\...com [@ = comfile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: 6to4 -  File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menú Inicio^Programas^Inicio^McAfee Online Backup Estado.lnk - C:\Archivos de programa\McAfee Online Backup\MOBKstat.exe - (McAfee, Inc.)
MsConfig - StartUpReg: SUPERAntiSpyware - hkey= - key= - C:\Archivos de programa\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0
 
SafeBootMin: !SASCORE - C:\Archivos de programa\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
SafeBootMin: 41499821.sys - Driver
SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: mcmscsvc - C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootMin: MCODS - C:\Archivos de programa\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: WdfLoadGroup - 
SafeBootMin: WinDefend - C:\Archivos de programa\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
SafeBootNet: !SASCORE - C:\Archivos de programa\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
SafeBootNet: 41499821.sys - Driver
SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: McMPFSvc - C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootNet: mcmscsvc - C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootNet: MCODS - C:\Archivos de programa\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootNet: mfefire - C:\Archivos de programa\Archivos comunes\McAfee\SystemCore\\mfefire.exe ()
SafeBootNet: mfefirek - C:\WINDOWS\system32\drivers\mfefirek.sys (McAfee, Inc.)
SafeBootNet: mfefirek.sys - C:\WINDOWS\system32\drivers\mfefirek.sys (McAfee, Inc.)
SafeBootNet: mfehidk - C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
SafeBootNet: mfehidk.sys - C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
SafeBootNet: mfevtp - C:\WINDOWS\system32\mfevtps.exe (McAfee, Inc.)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: WdfLoadGroup - 
SafeBootNet: WinDefend - C:\Archivos de programa\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {050B646B-C4DB-86AD-A6E6-5DDE537D5242} - Microsoft Windows Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Generación de gráficos vectoriales (VML)
ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Enlace dinámico de datos HTML para Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {405C32CF-9C6F-49B3-9436-3F5FDBE7B3CE} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Autoría avanzada
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Clases Java DirectAnimation
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Carpetas Web
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {83169D43-4660-4347-BC95-E9D6E6BE65CE} - .NET Framework
ActiveX: {85AC0FFA-643D-3103-9310-7086ECB0C36C} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {A0803B57-627F-C252-0A7A-F8A2180EED45} - Microsoft Windows Media Player 6.4
ActiveX: {A17E30C4-A9BA-11D4-8673-60DB54C10000} - Reg Error: Value error.
ActiveX: {AA218328-0EA8-4D70-8972-E987A9190FF4} - Reg Error: Value error.
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {BB0DCC5E-7477-3350-B5F5-7CE64E1E83B6} - .NET Framework
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Programador de tareas
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player 9 ActiveX
ActiveX: {D6F3DB5A-1525-CFB7-DAB6-572136CE90C4} - Browser Customizations
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {ECD292A0-0347-4244-8C24-5DBCE990FB40} - Hotfix for Microsoft .NET Framework 3.0 (KB932471)
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: Microsoft Base Smart Card Crypto Provider Package - 
 
Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
Drivers32: msacm.enc - C:\WINDOWS\System32\ITIG726.acm (Ingenient Technologies, Inc.)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: VIDC.I420 - C:\WINDOWS\System32\LVCodec2.dll (Logitech Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: VIDC.IV50 - C:\WINDOWS\System32\Ir50_32.dll (Intel Corporation)
Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/06/22 02:30:33 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\xp\Recent
[2012/06/22 00:21:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Datos de programa\Thinstall
[2012/06/22 00:21:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Configuración local\Datos de programa\Thinstall
[2012/06/16 23:22:45 | 000,000,000 | ---D | C] -- C:\Archivos de programa\ESET
[2012/06/16 22:10:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Datos de programa\Systweak
[2012/06/16 22:08:35 | 000,017,280 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\WINDOWS\System32\roboot.exe
[2012/06/16 22:08:27 | 000,000,000 | ---D | C] -- C:\Archivos de programa\RegClean Pro
[2012/06/15 21:24:42 | 000,039,936 | ---- | C] (CurioLab S.M.B.A.) -- C:\WINDOWS\System32\drivers\extit.sys
[2012/06/15 20:55:40 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Exterminate It!
[2012/06/15 20:17:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Datos de programa\Curiolab
[2012/06/15 17:30:39 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/06/08 19:24:29 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/06/08 17:22:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Datos de programa\McAfee
[2012/06/08 17:16:03 | 000,000,000 | ---D | C] -- C:\Archivos de programa\McAfee eliminieren
[2012/06/08 16:46:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\McAfee Anti-Theft
[2012/06/08 16:10:35 | 000,054,776 | ---- | C] (Mozy, Inc.) -- C:\WINDOWS\System32\drivers\MOBK.sys
[2012/06/08 16:10:21 | 000,000,000 | ---D | C] -- C:\Archivos de programa\McAfee Online Backup
[2012/06/08 16:09:42 | 000,064,048 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\McPvDrv.sys
[2012/06/08 16:09:34 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\McAfee
[2012/06/08 16:08:44 | 000,009,608 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeclnk.sys
[2012/06/08 16:08:39 | 000,089,792 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfetdi2k.sys
[2012/06/08 16:08:39 | 000,087,656 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mferkdet.sys
[2012/06/08 16:08:39 | 000,083,856 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfendisk.sys
[2012/06/08 16:08:38 | 000,340,920 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfefirek.sys
[2012/06/08 16:08:38 | 000,180,848 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeavfk.sys
[2012/06/08 16:08:38 | 000,059,456 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfebopk.sys
[2012/06/08 16:08:38 | 000,057,600 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\cfwids.sys
[2012/06/08 16:08:34 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Archivos comunes\Mcafee
[2012/06/08 16:08:33 | 000,000,000 | ---D | C] -- C:\Archivos de programa\McAfee.com
[2012/06/08 16:08:17 | 000,000,000 | ---D | C] -- C:\Archivos de programa\McAfee
[2012/06/08 15:57:51 | 000,151,880 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\mfevtps.exe
[2012/06/08 15:08:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\McAfee
[2012/06/08 13:37:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Datos de programa\SUPERAntiSpyware.com
[2012/06/08 13:37:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\SUPERAntiSpyware.com
[2012/06/08 13:37:24 | 000,000,000 | ---D | C] -- C:\Archivos de programa\SUPERAntiSpyware
[2012/06/08 10:08:25 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Citrix
[2012/06/08 10:07:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Configuración local\Datos de programa\Citrix
[2012/06/06 01:39:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Malwarebytes' Anti-Malware
[2012/06/06 01:38:59 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Malwarebytes' Anti-Malware
[2012/06/06 01:04:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Datos de programa\Auslogics
[2012/06/06 01:03:38 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Auslogics
[2012/06/06 01:03:36 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Auslogics
[2012/06/06 01:00:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Datos de programa\Malwarebytes
[2012/06/06 00:53:12 | 000,000,000 | ---D | C] -- C:\Archivos de programa\CCleaner
[2012/06/05 23:21:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\xp\Escritorio\Festplatte aufräumen
[2012/06/05 17:39:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\TEMP
[2012/06/05 05:30:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Malwarebytes
[2010/12/29 20:38:02 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\xp\Datos de programa\pcouffin.sys
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[28 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/06/22 13:19:36 | 000,000,482 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{625482C6-11A8-43E9-BC0A-A608AD8BEA0E}.job
[2012/06/22 12:48:19 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/06/22 12:45:14 | 000,001,102 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/22 12:43:11 | 000,001,098 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/22 12:42:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/06/22 12:41:58 | 2147,016,704 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/22 12:30:00 | 000,000,838 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/06/22 05:37:02 | 000,000,532 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 524cf83f-97d3-44a5-af2d-51760775b490.job
[2012/06/21 15:05:45 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RegClean Pro_DEFAULT.job
[2012/06/21 14:39:28 | 000,000,972 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2012/06/20 22:42:31 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\EasyShare Registration Task.job
[2012/06/20 22:13:00 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RegClean Pro_UPDATES.job
[2012/06/17 02:19:00 | 000,000,344 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012/06/17 01:56:48 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\xp\defogger_reenable
[2012/06/15 23:20:03 | 000,000,834 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/06/15 21:36:16 | 000,017,182 | ---- | M] () -- C:\Documents and Settings\xp\Mis documentos\cc_20120615_213607.reg
[2012/06/15 21:24:42 | 000,039,936 | ---- | M] (CurioLab S.M.B.A.) -- C:\WINDOWS\System32\drivers\extit.sys
[2012/06/15 14:35:14 | 001,430,760 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/06/08 20:18:48 | 000,010,244 | ---- | M] () -- C:\Documents and Settings\xp\Mis documentos\cc_20120608_201842.reg
[2012/06/08 19:22:52 | 000,001,842 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\McAfee Virtual Technician.lnk
[2012/06/08 17:39:56 | 000,029,388 | ---- | M] () -- C:\Documents and Settings\xp\Mis documentos\cc_20120608_173943.reg
[2012/06/08 16:50:29 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\xp\Escritorio\McAfee Total Protection.lnk
[2012/06/08 16:48:14 | 000,000,837 | ---- | M] () -- C:\Documents and Settings\xp\Escritorio\McAfee Online Backup.lnk
[2012/06/08 16:25:43 | 000,000,426 | ---- | M] () -- C:\Documents and Settings\xp\Escritorio\Cajas fuertes de McAfee.lnk
[2012/06/08 16:23:14 | 000,002,930 | ---- | M] () -- C:\WINDOWS\MOBK.blk
[2012/06/08 16:23:13 | 000,000,614 | ---- | M] () -- C:\WINDOWS\MOBK.flt
[2012/06/08 13:41:02 | 000,000,921 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\virushosts
[2012/06/08 10:07:49 | 000,103,784 | ---- | M] () -- C:\Documents and Settings\xp\GoToAssistDownloadHelper.exe
[2012/06/07 14:40:25 | 000,017,408 | ---- | M] () -- C:\conf.dat
[2012/06/06 15:16:18 | 000,654,660 | ---- | M] () -- C:\Documents and Settings\xp\Mis documentos\cc_20120606_151535.reg
[2012/06/06 00:28:25 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/06/04 20:59:12 | 000,465,456 | ---- | M] () -- C:\PoliFix.exe
[2012/06/04 16:34:33 | 000,163,840 | RHS- | M] () -- C:\WINDOWS\System32\MFC71KORR.dll
[2012/06/04 15:45:35 | 000,002,551 | ---- | M] () -- C:\Documents and Settings\xp\Escritorio\Microsoft Word.lnk
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[28 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/06/17 01:56:48 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\xp\defogger_reenable
[2012/06/16 22:11:16 | 000,000,272 | ---- | C] () -- C:\WINDOWS\tasks\RegClean Pro_DEFAULT.job
[2012/06/16 22:11:14 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\RegClean Pro_UPDATES.job
[2012/06/16 22:08:33 | 000,000,794 | ---- | C] () -- C:\Documents and Settings\All Users\Menú Inicio\Programas\RegClean Pro.lnk
[2012/06/16 12:11:53 | 000,465,456 | ---- | C] () -- C:\PoliFix.exe
[2012/06/15 21:36:13 | 000,017,182 | ---- | C] () -- C:\Documents and Settings\xp\Mis documentos\cc_20120615_213607.reg
[2012/06/15 20:55:44 | 000,000,825 | ---- | C] () -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Exterminate It!.lnk
[2012/06/15 14:12:33 | 000,000,532 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 524cf83f-97d3-44a5-af2d-51760775b490.job
[2012/06/08 20:18:46 | 000,010,244 | ---- | C] () -- C:\Documents and Settings\xp\Mis documentos\cc_20120608_201842.reg
[2012/06/08 19:22:52 | 000,001,842 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\McAfee Virtual Technician.lnk
[2012/06/08 19:22:09 | 000,001,846 | ---- | C] () -- C:\Documents and Settings\All Users\Menú Inicio\Programas\McAfee Virtual Technician.lnk
[2012/06/08 17:39:54 | 000,029,388 | ---- | C] () -- C:\Documents and Settings\xp\Mis documentos\cc_20120608_173943.reg
[2012/06/08 16:50:29 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\xp\Escritorio\McAfee Total Protection.lnk
[2012/06/08 16:25:43 | 000,000,426 | ---- | C] () -- C:\Documents and Settings\xp\Escritorio\Cajas fuertes de McAfee.lnk
[2012/06/08 16:25:28 | 000,000,837 | ---- | C] () -- C:\Documents and Settings\xp\Escritorio\McAfee Online Backup.lnk
[2012/06/08 10:07:47 | 000,103,784 | ---- | C] () -- C:\Documents and Settings\xp\GoToAssistDownloadHelper.exe
[2012/06/07 00:26:45 | 000,017,408 | ---- | C] () -- C:\conf.dat
[2012/06/06 15:15:49 | 000,654,660 | ---- | C] () -- C:\Documents and Settings\xp\Mis documentos\cc_20120606_151535.reg
[2012/06/06 01:18:02 | 2147,016,704 | -HS- | C] () -- C:\hiberfil.sys
[2012/06/04 20:28:13 | 000,001,599 | ---- | C] () -- C:\Asistencia remota.lnk
[2012/06/04 16:34:33 | 000,163,840 | RHS- | C] () -- C:\WINDOWS\System32\MFC71KORR.dll
[2012/04/27 11:18:41 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2012/04/27 11:18:40 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2012/02/18 17:54:53 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2010/12/29 20:38:02 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\xp\Datos de programa\inst.exe
[2010/12/29 20:38:02 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\xp\Datos de programa\pcouffin.cat
[2010/12/29 20:38:02 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\xp\Datos de programa\pcouffin.inf
[2010/10/15 20:14:40 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/08/31 22:47:12 | 000,000,345 | ---- | C] () -- C:\WINDOWS\hgw.ini
[2010/07/30 19:50:07 | 000,284,160 | ---- | C] () -- C:\WINDOWS\unin0407.exe
 
========== LOP Check ==========
 
[2008/05/07 20:47:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Autodesk
[2005/12/10 18:17:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Avanquest Software
[2006/02/16 01:33:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\BVRP Software
[2007/10/20 15:30:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Earthsim
[2010/10/16 00:13:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\ICQ
[2010/08/16 14:30:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Merscom
[2006/02/26 13:27:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\MSN Search Toolbar
[2005/09/03 02:24:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\PACE Anti-Piracy
[2007/10/25 19:43:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\PC Drivers Headquarters
[2007/10/23 00:07:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\SecTaskMan
[2008/05/30 15:23:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Tages
[2012/06/15 13:42:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\TEMP
[2006/12/03 19:39:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Zabersoft
[2010/03/12 19:37:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Zylom
[2010/08/16 19:35:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012/02/18 17:48:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Datos de programa\SACore
[2007/02/15 20:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Ascaron Entertainment
[2012/06/06 02:00:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Auslogics
[2008/05/10 02:17:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Autodesk
[2012/06/15 20:17:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Curiolab
[2010/07/31 01:27:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Desktop Sidebar
[2010/04/28 16:51:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Glory of the Roman Empire
[2010/08/16 15:43:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Got Game Entertainment
[2010/10/16 00:14:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\ICQ
[2005/04/14 23:04:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\ICQLite
[2009/03/06 19:54:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Imperium Romanum
[2005/04/09 12:21:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Leadertech
[2009/12/09 19:21:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Marvell
[2010/08/16 14:30:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Merscom
[2006/02/26 13:58:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\MSN Search Toolbar
[2007/03/18 14:05:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\OfficeUpdate12
[2008/12/10 23:58:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Skinux
[2007/10/28 14:59:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Smart Recorder
[2012/06/16 22:10:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Systweak
[2012/06/22 00:21:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Thinstall
[2010/12/29 21:28:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Vso
[2006/11/15 23:21:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\WholeSecurity
[2008/12/06 23:32:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Windows Desktop Search
[2008/04/16 18:38:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Windows Live Writer
[2009/03/09 20:19:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Windows Search
[2010/12/29 23:41:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\XMedia Recode
[2012/06/20 22:42:31 | 000,000,430 | ---- | M] () -- C:\WINDOWS\Tasks\EasyShare Registration Task.job
[2012/06/17 02:19:00 | 000,000,344 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2012/06/21 15:05:45 | 000,000,272 | ---- | M] () -- C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job
[2012/06/20 22:13:00 | 000,000,280 | ---- | M] () -- C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job
[2012/06/22 05:37:02 | 000,000,532 | ---- | M] () -- C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 524cf83f-97d3-44a5-af2d-51760775b490.job
[2012/06/22 13:19:36 | 000,000,482 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{625482C6-11A8-43E9-BC0A-A608AD8BEA0E}.job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
[2010/05/20 19:06:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2011/09/14 15:41:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Adobe
[2006/02/11 23:03:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\AdobeAUM
[2008/05/09 01:57:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\AdobeUM
[2006/11/21 15:08:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Ahead
[2010/11/20 14:13:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Apple Computer
[2008/12/11 00:10:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Arcsoft
[2007/02/15 20:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Ascaron Entertainment
[2007/10/20 15:05:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\ATI
[2012/06/06 02:00:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Auslogics
[2008/05/10 02:17:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Autodesk
[2007/10/27 13:42:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Creative
[2012/06/15 20:17:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Curiolab
[2005/04/07 20:19:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\CyberLink
[2010/07/31 01:27:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Desktop Sidebar
[2007/12/07 15:46:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\DivX
[2008/04/07 12:37:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\dvdcss
[2010/04/28 16:51:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Glory of the Roman Empire
[2006/11/28 23:58:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Google
[2010/08/16 15:43:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Got Game Entertainment
[2005/04/09 14:36:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Help
[2009/12/09 18:54:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Hewlett-Packard
[2009/12/09 18:51:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\HP
[2012/04/23 14:45:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\HpUpdate
[2010/10/16 00:14:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\ICQ
[2005/04/14 23:04:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\ICQLite
[2005/04/06 20:02:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Identities
[2009/03/06 19:54:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Imperium Romanum
[2007/06/19 18:33:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\InstallShield
[2008/12/11 00:01:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\KodakCredentialStore
[2005/04/09 12:21:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Leadertech
[2007/07/27 20:59:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Logitech
[2005/04/09 14:57:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Macromedia
[2012/06/06 01:00:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Malwarebytes
[2009/12/09 19:21:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Marvell
[2012/06/08 17:22:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\McAfee
[2010/08/16 14:30:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Merscom
[2011/09/14 15:41:35 | 000,000,000 | --SD | M] -- C:\Documents and Settings\xp\Datos de programa\Microsoft
[2009/08/23 14:57:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Mozilla
[2006/02/26 13:58:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\MSN Search Toolbar
[2007/03/18 14:05:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\OfficeUpdate12
[2008/12/10 23:58:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Skinux
[2012/06/06 15:10:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Skype
[2010/10/30 16:46:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\skypePM
[2007/10/28 14:59:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Smart Recorder
[2005/09/03 01:54:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Sonic
[2006/08/27 14:27:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Sun
[2012/06/08 13:37:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\SUPERAntiSpyware.com
[2012/06/16 22:10:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Systweak
[2012/06/22 00:21:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Thinstall
[2010/12/29 21:28:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Vso
[2006/11/15 23:21:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\WholeSecurity
[2008/12/06 23:32:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Windows Desktop Search
[2008/04/16 18:38:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Windows Live Writer
[2009/03/09 20:19:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Windows Search
[2008/12/09 21:49:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\WinRAR
[2010/12/29 23:41:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\XMedia Recode
[2006/07/24 20:05:25 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\xp\Datos de programa\yahoo!
[2005/04/09 18:38:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Yahoo! Messenger
 
< %APPDATA%\*.exe /s >
[2010/12/29 20:38:02 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\xp\Datos de programa\inst.exe
[2007/03/20 00:40:39 | 021,277,080 | ---- | M] (                            ) -- C:\Documents and Settings\xp\Datos de programa\Adobe\Acrobat\7.0\Updater\AdbeRdr709_en_US.exe
[2010/08/13 20:34:50 | 000,003,584 | R--- | M] () -- C:\Documents and Settings\xp\Datos de programa\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
[2010/08/16 16:04:41 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\xp\Datos de programa\Microsoft\Installer\{126A2BF4-FF8D-431D-9D5F-DB40255DE069}\ARPPRODUCTICON.exe
[2010/08/16 16:04:41 | 000,065,536 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\xp\Datos de programa\Microsoft\Installer\{126A2BF4-FF8D-431D-9D5F-DB40255DE069}\readme.txt_126A2BF4FF8D431D9D5FDB40255DE069.exe
[2010/08/16 16:04:41 | 000,045,056 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\xp\Datos de programa\Microsoft\Installer\{126A2BF4-FF8D-431D-9D5F-DB40255DE069}\RushForBerlin.exe1_126A2BF4FF8D431D9D5FDB40255DE069.exe
[2010/08/16 16:04:41 | 000,045,056 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\xp\Datos de programa\Microsoft\Installer\{126A2BF4-FF8D-431D-9D5F-DB40255DE069}\RushForBerlin.exe_126A2BF4FF8D431D9D5FDB40255DE069.exe
[2010/08/16 16:04:41 | 000,065,536 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\xp\Datos de programa\Microsoft\Installer\{126A2BF4-FF8D-431D-9D5F-DB40255DE069}\RushForBerlin.url_126A2BF4FF8D431D9D5FDB40255DE069.exe
[2010/08/16 16:04:41 | 000,008,854 | R--- | M] () -- C:\Documents and Settings\xp\Datos de programa\Microsoft\Installer\{126A2BF4-FF8D-431D-9D5F-DB40255DE069}\UNINST_Uninstall_R_126A2BF4FF8D431D9D5FDB40255DE069.exe
[2009/11/25 18:49:36 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\xp\Datos de programa\Microsoft\Installer\{3101CB58-3482-4D21-AF1A-7057FC935355}\ARPPRODUCTICON.exe
[2007/10/20 14:59:05 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\xp\Datos de programa\Microsoft\Installer\{31DABA20-10A1-4746-9D9F-57955B8DFF66}\ARPPRODUCTICON.exe
 
< %SYSTEMDRIVE%\*.exe >
[2010/04/11 18:04:04 | 109,072,752 | ---- | M] (Microsoft Corporation) -- C:\directx_feb2010_redist.exe
[2007/10/22 03:31:06 | 000,502,792 | ---- | M] (Microsoft Corporation) -- C:\DXSETUP.exe
[2012/06/04 20:59:12 | 000,465,456 | ---- | M] () -- C:\PoliFix.exe
 
< MD5 for: AGP440.SYS  >
[2004/08/20 14:00:00 | 018,785,875 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2010/01/23 20:00:04 | 023,895,938 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2010/01/23 20:00:04 | 023,895,938 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
 
< MD5 for: ATAPI.SYS  >
[2004/08/20 14:00:00 | 018,785,875 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010/01/23 20:00:04 | 023,895,938 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2010/01/23 20:00:04 | 023,895,938 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2008/04/14 04:18:21 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2744C713F0217BD8FFD13E2EF731371C -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 04:18:21 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2744C713F0217BD8FFD13E2EF731371C -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008/04/14 04:18:21 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2744C713F0217BD8FFD13E2EF731371C -- C:\WINDOWS\system32\eventlog.dll
 
< MD5 for: NETLOGON.DLL  >
[2008/04/14 04:18:28 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=CD2BBB52DFAAB666B812A51B1E96F2A0 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 04:18:28 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=CD2BBB52DFAAB666B812A51B1E96F2A0 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008/04/14 04:18:28 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=CD2BBB52DFAAB666B812A51B1E96F2A0 -- C:\WINDOWS\system32\netlogon.dll
[2009/02/06 20:46:46 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=E24DE816D7A868A11A320C0A09164BFF -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 20:46:46 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=E24DE816D7A868A11A320C0A09164BFF -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
 
< MD5 for: SCECLI.DLL  >
[2008/04/14 04:18:35 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=B6BE3C96CD33336A551DB3F2299A8E69 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 04:18:35 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=B6BE3C96CD33336A551DB3F2299A8E69 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008/04/14 04:18:35 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=B6BE3C96CD33336A551DB3F2299A8E69 -- C:\WINDOWS\system32\scecli.dll
 
< MD5 for: USER32.DLL  >
[2007/03/08 17:50:25 | 000,579,072 | ---- | M] (Microsoft Corporation) MD5=237FB93C6B4330D8EE7D2448CF71C5ED -- C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll
[2005/03/02 20:20:22 | 000,578,048 | ---- | M] (Microsoft Corporation) MD5=37CE819E8ECB3517B9981A886876EF72 -- C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll
[2008/04/14 04:18:45 | 000,579,584 | ---- | M] (Microsoft Corporation) MD5=DA8898129E0075C7DE4DEE457514A73C -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008/04/14 04:18:45 | 000,579,584 | ---- | M] (Microsoft Corporation) MD5=DA8898129E0075C7DE4DEE457514A73C -- C:\WINDOWS\system32\dllcache\user32.dll
[2008/04/14 04:18:45 | 000,579,584 | ---- | M] (Microsoft Corporation) MD5=DA8898129E0075C7DE4DEE457514A73C -- C:\WINDOWS\system32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008/04/14 04:19:14 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=F5B8745B9A90EAF17E30C0574E049AA3 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/14 04:19:14 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=F5B8745B9A90EAF17E30C0574E049AA3 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008/04/14 04:19:14 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=F5B8745B9A90EAF17E30C0574E049AA3 -- C:\WINDOWS\system32\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Archivos de programa\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/04/14 04:19:15 | 000,510,976 | ---- | M] (Microsoft Corporation) MD5=213C80D912880BBF04453D09FFCCB28C -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 04:19:15 | 000,510,976 | ---- | M] (Microsoft Corporation) MD5=213C80D912880BBF04453D09FFCCB28C -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/14 04:19:15 | 000,510,976 | ---- | M] (Microsoft Corporation) MD5=213C80D912880BBF04453D09FFCCB28C -- C:\WINDOWS\system32\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2004/08/20 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2004/08/20 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2008/11/07 17:45:26 | 000,585,728 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2008/11/05 14:01:23 | 000,147,456 | ---- | M] () -- C:\WINDOWS\System32\config\security.sav
[2008/11/07 17:45:26 | 041,783,296 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2008/11/07 17:45:26 | 009,699,328 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2012/06/04 16:34:33 | 000,163,840 | RHS- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\MFC71KORR.dll
[7 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\xvid.ax:SummaryInformation
@Alternate Data Stream - 866 bytes -> C:\Archivos de programa\Outlook Express:keadL8gUyqkM3X0b9tYi
@Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users\Datos de programa\TEMP:07BF512B

< End of report >

--- --- ---

[/code]

Was denkst Du nun ?

P.S. ich hätte da noch eine grundsätzliche Frage. Vertragen sich McAfee und Malwarebytes, wenn sie gleichzeitig zur Computerüberwachung eingeschaltet sind ? Danke

cosinus · 22.06.2012, 13:15

Code:

ATTFilter

O1 - Hosts: 127.0.0.1	license.superantispyware.com

Was willst du mit diesemEintrag bezwecken?

martinalejan · 22.06.2012, 13:24

den Eintrag habe ich nicht gemacht ... ich habe ihn aber gesehen, und da ich SUPERAntiSpyware ja installiert habe, dachte ich, das wird schon richtig so sein und er sei o.k.

cosinus · 22.06.2012, 13:46

Zitat:

den Eintrag habe ich nicht gemacht ...

Ja wohl aber der Installer von SUPERAntiSpyware den du aus einer dubiosen/illegalen Quelle hast

Sry aber bei illegaler Software gibt es hier nur noch Hilfe zur Datensicherung + Neuinstallation von Windows

Siehe auch => http://www.trojaner-board.de/95393-c...-software.html

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support ohne jegliche Diskussion beenden.

Cracks/Keygens sind zu 99,9% gefährliche Schädlinge, mit denen man nicht spaßen sollte. Ausserdem sind diese illegal und wir unterstützen die Verwendung von geklauter Software nicht. Somit beschränkt sich der Support auf Anleitung zur kompletten Neuinstallation!!

Dass illegale Cracks und Keygens im Wesentlichen dazu dienen, Malware zu verbreiten ist kein Geheimnis und muss jedem klar sein!

In Zukunft Finger weg von: Softonic, Registry-Bereinigern und illegalem Zeugs Cracks/Keygens/Serials

martinalejan · 22.06.2012, 14:01

So, jetzt habe ich SUPERAntiSpyware gelöscht (ich glaube sogar, dass ein Bekannter mir das draufgespielt hat). Ich habe erst jetzt durch Eure Seite davon erfahren, wie gefährlich solche Software sein kann und mir sowieso vorgenommen, nichts mehr in dieser Richtung zuzulassen. Sowieso arbeitet meist mein Bekannter an besagtem Rechner und ich poste hier im Forum von einem anderen Rechner aus (mein Bekannter gibt mir die logs auf einem Stick und ich klebe sie hier im Forum ein) - ich selbst hätte gar nicht genügend Erfahrung, um sowas alleine zu machen. Wollt Ihr wirklich eine alte Sünde so hart strafen und mir nicht mehr helfen, auch wenn ich Besserung gelobe ? Ich bitte um Nachsicht ...

cosinus · 22.06.2012, 14:03

Nein, wenn wir illegale Software finden, gibt es prinzipiell keine Hilfe mehr bei der Bereinigung sondern nur noch Hinweise zur Datensicherung und Neuinstallation
Fragen diesbzgl. werden auch beantwortet nur eben wird nicht mehr bereinigt.

martinalejan · 22.06.2012, 14:08

Eine Sünde in der Vergangenheit und jetzt so eine riesen Strafe ? Dadurch kann ich (und Ihr auch nicht) die Sünde auch nicht mehr ungeschehen machen ...

cosinus · 24.06.2012, 15:00

Wir haben hier aber nunmal diese Regel!
Außerdem stand da auch, dass wir ohne weitere Diskussion die Bereinigung einstellen und du versuchst jetzt trotzdem eine Diskussion darüber anzufangen. Wenn ich bei dir eine Ausnahme mah fragen sich alle anderen mit illegaler Software, warum man bei ihnen keine macht und schon wäre die Regel as absurdum geführt!

Die nächsten Beiträge von dir handeln jetzt nur noch über fragen zwecks Bereinigung und Neuinstallation von Windows, auf alles weitere will ich nicht mehr eingehen

22.06.2012, 13:15	#18
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	2. Google Umleitung auf "secure.bidvertiser" Code: ATTFilter O1 - Hosts: 127.0.0.1 license.superantispyware.com Was willst du mit diesemEintrag bezwecken? __________________ __________________

22.06.2012, 14:03	#22
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	2. Google Umleitung auf "secure.bidvertiser" Nein, wenn wir illegale Software finden, gibt es prinzipiell keine Hilfe mehr bei der Bereinigung sondern nur noch Hinweise zur Datensicherung und Neuinstallation Fragen diesbzgl. werden auch beantwortet nur eben wird nicht mehr bereinigt. __________________ Logfiles bitte immer in CODE-Tags posten

2. Google Umleitung auf "secure.bidvertiser"

Log-Analyse und Auswertung: 2. Google Umleitung auf "secure.bidvertiser"