2. Google Umleitung auf "secure.bidvertiser"

OTL Extras logfile created on: 17/06/2012 2:47:41 - Run 1
OTL by OldTimer - Version 3.2.49.0     Folder = C:\Documents and Settings\xp\Escritorio\VIRUS
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C0A | Country: España | Language: ESN | Date Format: dd/MM/yyyy
 
2.00 Gb Total Physical Memory | 1.49 Gb Available Physical Memory | 74.69% Memory free
4.85 Gb Paging File | 4.17 Gb Available in Paging File | 86.01% Paging File free
Paging file location(s): c:\pagefile.sys 3070 3070 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Archivos de programa
Drive C: | 149.05 Gb Total Space | 30.22 Gb Free Space | 20.28% Space Free | Partition Type: NTFS
 
Computer Name: MARTINAKILB2 | User Name: xp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.cmd [@ = cmdfile] -- Reg Error: Key error. File not found
.com [@ = comfile] -- Reg Error: Key error. File not found
.html [@ = htmlfile] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- Reg Error: Key error. File not found
.reg [@ = regfile] -- Reg Error: Key error. File not found
.vbs [@ = VBSFile] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"5985:TCP" = 5985:TCP:*:Disabled:Administración remota de Windows 
"80:TCP" = 80:TCP:*:Disabled:Administración remota de Windows - Modo de compatibilidad (HTTP de entrada) 
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Archivos de programa\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Archivos de programa\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Archivos de programa\Yahoo!\Messenger\YServer.exe" = C:\Archivos de programa\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server -- (Yahoo! Inc.)
"C:\Simulati\PATRIZIER II Gold\Patrizier 2.exe" = C:\Simulati\PATRIZIER II Gold\Patrizier 2.exe:*:Enabled:Patrizier 2 -- ()
"C:\Archivos de programa\Yahoo!\Messenger\YahooMessenger.exe" = C:\Archivos de programa\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Archivos de programa\Anno 1701\Anno1701.exe" = C:\Archivos de programa\Anno 1701\Anno1701.exe:*:Enabled:Anno 1701 -- (Related Designs Software GmbH)
"C:\Simulati\simcity3000\Apps\Updater\UPDATER.EXE" = C:\Simulati\simcity3000\Apps\Updater\UPDATER.EXE:*:Enabled:SC3UpdaterMFC -- ()
"C:\Archivos de programa\Steam\Steam.exe" = C:\Archivos de programa\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Archivos de programa\Ubisoft\DIE SIEDLER - Aufstieg eines Königreichs\base\bin\Settlers6.exe" = C:\Archivos de programa\Ubisoft\DIE SIEDLER - Aufstieg eines Königreichs\base\bin\Settlers6.exe:*:Enabled:DIE SIEDLER - Aufstieg eines Königreichs -- (Blue Byte GmbH)
"C:\Archivos de programa\Anno 1701\Anno1701AddOn.exe" = C:\Archivos de programa\Anno 1701\Anno1701AddOn.exe:*:Enabled:Anno 1701 Add-On 01 -- (Related Designs Software GmbH)
"C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Asistente para transferencia de archivos y configuraciones -- (Microsoft Corporation)
"C:\Archivos de programa\RoteListe\bin\pythonw.exe" = C:\Archivos de programa\RoteListe\bin\pythonw.exe:*:Enabled:pythonw -- ()
"C:\Archivos de programa\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Archivos de programa\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)
"C:\Archivos de programa\Google\Google Talk\googletalk.exe" = C:\Archivos de programa\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk -- (Google)
"C:\Archivos de programa\Motorola\Software Update\msu.exe" = C:\Archivos de programa\Motorola\Software Update\msu.exe:*:Enabled:msu -- (Motorola)
"C:\Archivos de programa\Ubisoft\DIE SIEDLER - Aufstieg eines Königreichs\extra1\bin\Settlers6.exe" = C:\Archivos de programa\Ubisoft\DIE SIEDLER - Aufstieg eines Königreichs\extra1\bin\Settlers6.exe:*:Enabled:DIE SIEDLER - Aufstieg eines Königreichs - Reich des Ostens -- (Blue Byte GmbH)
"C:\Archivos de programa\eMule\emule.exe" = C:\Archivos de programa\eMule\emule.exe:*:Enabled:eMule -- (hxxp://www.emule-project.net)
"C:\Archivos de programa\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Archivos de programa\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Archivos de programa\GameShadow\GameShadow.exe" = C:\Archivos de programa\GameShadow\GameShadow.exe:*:Enabled:GameShadow -- (GameShadow Ltd)
"C:\Archivos de programa\GameShadow\GSDownload.exe" = C:\Archivos de programa\GameShadow\GSDownload.exe:*:Enabled:Downloader -- (GameShadow Ltd)
"C:\Simulati\East India Company\eastindia.exe" = C:\Simulati\East India Company\eastindia.exe:*:Enabled:East India Company Application -- (Nitro Games Ltd.)
"C:\Simulati\East India Company\piratebay.exe" = C:\Simulati\East India Company\piratebay.exe:*:Enabled:East India Company Application -- (Nitro Games Ltd.)
"C:\Simulati\XIII Century Gold Edition\engine.exe" = C:\Simulati\XIII Century Gold Edition\engine.exe:*:Enabled:XIII Century Gold Edition -- (Unicorn Games)
"C:\Archivos de programa\ICQ6\ICQ.exe" = C:\Archivos de programa\ICQ6\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, Inc.)
"C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe" = C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe:*:Enabled:McAfee Shared Service Host -- (McAfee, Inc.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card
"{03ADC8AB-C130-0C3D-1FF9-2C385DF25689}" = CCC Help Czech
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{048CDCD6-124C-11D3-825E-00C04F6843FE}" = Diseño de fondo Hojas verdes
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{07021185-008D-ABF9-7716-475AC035F8B3}" = CCC Help Spanish
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Ayudante para el inicio de sesión de Windows Live ID
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0F8D0406-7755-AC37-6529-73AD649DBE32}" = Catalyst Control Center Graphics Previews Common
"{0FF3A504-4705-11D2-B55D-00609733EA48}" = IS Scan 2
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{126A2BF4-FF8D-431D-9D5F-DB40255DE069}" = Rush For Berlin
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}" = Sid Meier's Pirates!
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1B1DDAD2-C704-49F8-8FC2-18DAAD9A87C5}" = Sound Blaster Audigy
"{1E187923-04E5-4E1F-9BF2-40E32D93A1C4}" = HP Color LaserJet CP1210 Series Toolbox
"{1EBB57D4-63FF-87CC-A0F0-D73982CF6008}" = Adobe Media Player
"{1FCC8C70-66B9-420D-942C-2C2A8441C744}" = Imperial Glory
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Herramienta de carga de Windows Live
"{22072CC8-7230-96F8-52F4-05EAF3F906B6}" = CCC Help Polish
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2368ADBD-6FDF-4B9F-FE41-E20B4D78E79E}" = CCC Help Chinese Standard
"{25EF0DC4-B072-2E04-4581-A13C91423CE6}" = CCC Help Portuguese
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 29
"{26DDB12A-CB5E-4C0B-89AF-817CA0E59CC9}" = HP LaserJet Toolbox
"{26F7855C-443B-00A6-F7B8-A97A5403F617}" = CCC Help Danish
"{27C467F8-F8EF-4f68-BD72-D63632B2096C}" = McAfee Online Backup
"{28F46DFD-F535-4306-BDEB-C5E7FCA2026E}" = Windows Live Sync
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2BCD8416-F432-4642-BF33-582720A0265C}" = Windows Live Writer
"{2CB4A925-48A7-DA65-DCEE-D4DE224B7D84}" = CCC Help English
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{2D87E961-577B-492B-AD54-1368680FB9A7}" = Virtual Earth 3D (Betaversion)
"{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}" = Creative MediaSource
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{306D75B9-7FFF-FF65-0C76-57F2FE4FE1D6}" = Catalyst Control Center Core Implementation
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{309B6FB2-F132-4DF8-9CDC-33D1169EE47B}" = StarMoney 6.0 
"{30C4DDA6-1247-11D3-825E-00C04F6843FE}" = Diseño de fondo Tela pintada
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{31DABA20-10A1-4746-9D9F-57955B8DFF66}" = Free Games Offer, Desktop Shortcut
"{32B12FE4-5A51-751A-1FB6-A14E97EBDD5C}" = CCC Help German
"{33549D3C-8EA6-4E96-8B8B-550817438FCA}" = LOADSTREET Perfect Startup
"{350C9C0A-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{351512E5-01BD-E878-6F57-AA3E517D9ECE}" = Skins
"{354A387E-0374-21A3-6832-335674A6D7D1}" = CCC Help French
"{38A0481D-544D-4C01-BB32-39332391D012}" = Windows Live Call
"{39CE3C17-846D-4D9B-8B3E-C01A4B90FB73}" = Virtual Earth 3D (Beta)
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C00BEE9-26D0-D9E0-A2D1-62F70D412A12}" = CCC Help Turkish
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{4346F7AA-3D56-0941-424C-4454E04D37F6}" = CCC Help Italian
"{43DCF766-6838-4F9A-8C91-D92DA586DFA8}" = Microsoft Windows Journal Viewer
"{450063AA-643B-417C-8CF5-405BA3F4EF40}" = Autodesk Design Review 2009
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{47CC11F6-124A-11D3-825E-00C04F6843FE}" = Diseño de fondo Río oscuro
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CAE2F2C-75CD-A0DE-7520-449BCBBCC833}" = CCC Help Korean
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{5100250E-124B-11D3-825E-00C04F6843FE}" = Diseño de fondo Estrellas azules
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{53480060-85DE-4F43-9AFE-6E9D8FB8F2C1}" = O&O SafeErase
"{53480230-2DE4-44A9-919C-39381946614F}" = O&O UnErase
"{54360A73-B080-4A69-BFD4-53C190DD3AB0}" = HP Color LaserJet CP1210 Series
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book
"{5783F2D7-6001-0409-0002-0060B0CE6BBA}" = AutoCAD 2008 - English
"{57F7F0A5-8F22-8E63-E819-803B5C9CA3A5}" = CCC Help Dutch
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7
"{5EA437D2-7A57-B60E-E8F2-76BFAC0895A5}" = CCC Help Chinese Traditional
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6
"{61AF4E75-050E-0304-3417-8BC16417FEB1}" = CCC Help Greek
"{625BD732-ACDF-4552-BF22-98EBB413B6F3}" = McAfee Shredder
"{632005DA-C291-5275-284C-5EE96B05C714}" = Catalyst Control Center HydraVision Full
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{651CFCEE-1249-11D3-825E-00C04F6843FE}" = Diseño de fondo Rayas finas
"{66D82F7B-CA1E-4368-963A-33A097929645}" = Windows Live Mail
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6B103F43-069C-11D6-9EA2-0050BAE317E1}" = Power Cinema
"{6C72BE0C-3E25-CACD-0070-2FD9C02ABA14}" = ccc-core-preinstall
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1" = Auslogics BoostSpeed
"{722EAE80-82CB-42D4-87CE-38D849D99AED}" = Guía Campsa 2005
"{74299A64-3EB6-4260-AAFB-8DC62A70E85E}" = Football Generation
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
"{7902E313-FF0F-4493-ACB1-A8147B78DCD0}" = HPSSupply
"{7A4C82FE-1248-11D3-825E-00C04F6843FE}" = Diseño del papel tapiz
"{80A29FE1-4390-4996-B213-EB703832D8B3}" = Galería fotográfica de Windows Live
"{821DABD6-26F2-49E5-AE55-40A589ADBE6D}" = DER ERSTE KAISER: Aufstieg des Reichs der Mitte 1.0.1.0
"{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver
"{853BAA28-5C1E-4678-ADAC-6A37B8A526AB}" = Windows Live Essentials
"{85AC0FFA-643D-3103-9310-7086ECB0C36C}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - ESN
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{880BB617-914E-17E8-D877-A96BAC5794D2}" = Catalyst Control Center Graphics Full New
"{885F5AC6-4413-4D30-99A9-F4494BFA4923}" = Logitech Harmony Remote Software 7
"{8897CF22-DB6C-8248-895C-12BFA2677F51}" = CCC Help Hungarian
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8B3E5A90-1F6E-4FAF-B84F-C306C8A80809}" = AeroFly Professional Deluxe
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90300C0A-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content
"{905D4F6B-FADC-4CA4-AA41-BD32A2E446CE}" = Anno 1701 - Der Fluch des Drachen
"{90BE577A-41DC-4D1F-A91B-6C8D14CCA783}" = VI Vademecum Internacional 2005
"{90F80407-6000-11D3-8CFE-0150048383C9}" = Tool zum Entfernen verborgener Daten
"{91077588-AC04-4886-B20B-C8CF1A122F27}" = The Guild 2 Venice
"{91110C0A-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{92170C0A-6000-11D3-8CFE-0050048383C9}" = Microsoft FrontPage 2002
"{922D9CCA-4317-425F-9AA5-94829DF8BA6D}" = Motorola Software Update
"{92E4A65F-7007-3357-A69A-167F71A337BD}" = Microsoft .NET Framework 3.5 Language Pack SP1 - esn
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse
"{95B012AD-3A4A-31D7-9167-5D07D2A71F47}" = Microsoft .NET Framework 4 Client Profile ESN Language Pack
"{9850E3EB-69A6-428C-9A23-C64E650809CB}" = Cliente de Windows Rights Management con Service Pack 2
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{99D42EC7-652B-4819-B3E6-6450C815E03F}" = Odyssey Client
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C3B7F54-C6E2-4A74-9937-9C6EBA10C4A2}" = Victoria 2
"{9D7F1E46-0E63-11D3-8257-00C04F6843FE}" = Diseño de fondo Baxter
"{9DEBE760-F2D0-11DD-6784-0195548618BE}" = GameShadow V3.0
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2172ACA-FFA8-4808-BD20-08565C7390F9}" = OGA Notifier 1.7.0105.35.0
"{A2433A63-5F5D-40E5-B529-9123C2B3E734}" = Anno 1701
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2
"{A6C8DB55-F380-44b6-8EC5-5B65DF25F068}_is1" = XIII Century Gold Edition
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{ADE1535C-C836-4F2E-BDA1-1C7C304743E3}_is1" = Auslogics Disk Defrag Professional
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AF710FDE-2815-8C8D-5281-8004C2654AA6}" = CCC Help Russian
"{AFF2D965-C6F2-A210-FBF7-532612AA1D23}" = CCC Help Swedish
"{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook
"{B1544704-124C-11D3-825E-00C04F6843FE}" = Diseño de fondo Bumerán
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B21336EE-4AEF-9940-4AC7-EDB89854B8D3}" = CCC Help Thai
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B4B6D789-EF42-39D5-B36B-A1282951E0D5}" = Microsoft .NET Framework 4 Extended ESN Language Pack
"{B7666229-351B-47D9-AA6F-DF777CF04BBF}" = Caesar IV
"{B975F4A1-63B6-11D4-BFEC-005004AF2D32}" = Monopoly Tycoon
"{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BBA69346-61A1-BD34-E75A-4D81232DB1FE}" = Catalyst Control Center Localization All
"{BD1BBE79-BB25-460D-A2BD-D496A5E13786}" = Windows Live Messenger
"{BD202930-5F70-4B35-B875-1E28604F328D}" = Logitech Communications Manager
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BDEDB104-4067-3D5E-81F0-DBEBFE856B45}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - ESN
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{BFD5ED08-F066-92D5-BE67-3B9AE5DCFF0C}" = CCC Help Japanese
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C43048A9-742C-4DAD-90D2-E3B53C9DB825}" = Logitech QuickCam-Software
"{C4609F15-FB3C-D97E-BAA1-4F10815039C2}" = Catalyst Control Center Graphics Full Existing
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{CAE8A0F1-B498-4C23-95FA-55047E730C8F}" = ArcSoft Print Creations
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector Pro
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBDF2C61-C3C9-4AC0-9415-B4502A930DCD}_is1" = Titanic: Der Tauchfahrt-Simulator
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFF4500E-C5D6-695D-A027-B3D4DDED2CC3}" = McAfee Online Backup
"{D01FAC3D-86B4-3A19-9D10-9156A0EB3EBE}" = CCC Help Finnish
"{D2BD3C8F-9D7F-472B-BDF9-7309A5CB813A}" = Motorola Driver Installation 3.5.0
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare Software
"{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}" = DIE SIEDLER - Aufstieg eines Königreichs (Alle Produkte)
"{D73722C8-3F65-C75B-A631-5D36894DAB92}" = ccc-core-static
"{D7E7EC5E-4349-4E40-B37C-4342188B86EC}" = Monopoly
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DB833EF9-A198-49BE-970A-BD46F30BFBB4}" = ANNO 1503 Königs- Edition
"{DDAD33B6-8C00-428D-087B-A7088355B9BE}" = Catalyst Control Center Graphics Light
"{E333F074-FC7F-596D-3D61-44F0EC28E8C0}" = ccc-utility
"{E3436EE2-D5CB-4249-840B-3A0140CC34C3}" = Classic PhoneTools
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
"{EB4E949B-B9E4-42C7-9D80-44DC71588BC7}_is1" = Vademecum Internacional 2006
"{EB4E949B-B9E4-42C7-9D80-55DC71588BC7}_is1" = Vademecum Internacional 2007
"{EC905264-BCFE-423B-9C42-C3A106266790}" = SP2 con compatibilidad hacia atrás con cliente de Windows Rights Management
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EF36A836-BF89-4A4F-B079-057B0C68C1E0}" = Sid Meier's Civilization IV Colonization
"{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0BA5720-E189-11D4-9EA1-0050BAE317E1}" = PowerVCR II
"{F286EFDF-417F-482E-828C-9A05BF93FCB8}_is1" = Rise of Prussia
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F49FEF83-45CA-4CE8-8304-A7372BA07AA9}" = Motorola Phone Tools
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F7F2DC0A-C22E-49AD-AD37-797309A54E7B}" = Microsoft AutoRoute 2002
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FA38F9E4-BED7-E021-B660-8FDFF7EC6E1A}" = CCC Help Norwegian
"{FAE36873-1941-4076-A9A5-48812B5EA0B7}" = iTunes
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = Extensión de HighMAT para el Asistente para grabación de CD de Microsoft Windows XP
"{FDE0D0EB-486C-48B9-A6B5-4BEAA078AF73}" = Medieval Lords
"{FFCB1B04-5B1C-4A17-AA60-CA6F00BA50F9}" = StarMoney
"AC3Filter_is1" = AC3Filter 1.62b
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2
"Aggression - Reign over Europe_is1" = Aggression - Reign over Europe
"Airport Inc" = Airport Inc
"Airport Tycoon 3_is1" = Airport Tycoon 3
"All ATI Software" = ATI - Utilidad de desinstalación de software
"America" = America
"American Conquest - Edición de oro" = American Conquest - Edición de oro
"Anno 1503 Calculator" = Anno 1503 Calculator
"ArtMoney SE_is1" = ArtMoney SE v7.22
"ATI Display Driver" = ATI Display Driver
"AutoCAD 2008 - English" = AutoCAD 2008 - English
"Autodesk Design Review 2009" = Autodesk Design Review 2009
"Bink and Smacker" = Bink and Smacker
"Birth of America_is1" = Birth of America 1.09
"CCleaner" = CCleaner
"Cities XL 2011" = Cities XL 2011
"Citybuilders - S6 Szenario - Siedler 6" = Citybuilders - S6 Szenario - Siedler 6 1.0.0 
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Corel Applications" = Corel Applications
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Crown Of Glory1.2.25" = Crown Of Glory
"Crown of the North" = Crown of the North
"Device Control" = Gerätesteuerung
"Die Gilde Gold Update v. 2.06 " = Die Gilde Gold Update v. 2.06 
"Die Gilde Gold-Edition" = Die Gilde Gold-Edition
"Digital Camera Enhancer_is1" = Digital Camera Enhancer
"DivX Setup.divx.com" = Instalación de DivX
"DVDFab Platinum 4_is1" = DVDFab Platinum 4.1.2.0 Beta Ghosthunter release
"EarthsimChannel" = Earthsim
"East India Company + Pirate Bay Addon_is1" = East India Company and Pirate Bay Addon
"EAXSet" = Creative EAX-Einstellungen
"eMule" = eMule
"ESET Online Scanner" = ESET Online Scanner v3
"Europa Universalis II" = Europa Universalis II
"Exterminate It!" = Exterminate It!
"ffdshow_is1" = ffdshow [rev 2322] [2008-11-14]
"For the Glory_is1" = For the Glory
"GamersGate Downloader_is1" = GamersGate Downloader
"GameSpy Arcade" = GameSpy Arcade
"GameWiz32" = GameWiz32
"getPlus(R)_ocx" = getPlus(R)_ocx
"Glory of the Roman Empire" = Glory of the Roman Empire
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"HP Color LaserJet CP1210 Series" = HP Color LaserJet CP1210 Series
"I am an Air Traffic Controller3" = I am an Air Traffic Controller3
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InCD!UninstallKey" = InCD
"InstallShield_{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}" = Sid Meier's Pirates!
"KnightsAndMerchants" = KnightsAndMerchants
"Lament for the Queen_is1" = Lament for the Queen
"LHTTSSPE" = L&H TTS3000 Español
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"McAfee Virtual Technician" = McAfee Virtual Technician
"MediaShow" = Medi@Show
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - esn" = Paquete de idioma de Microsoft .NET Framework 3.5 SP1 - esn
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile ESN Language Pack" = Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended ESN Language Pack" = Paquete de idioma de Microsoft .NET Framework 4 Extended ESN
"mIRC" = mIRC
"Mobility" = Mobility
"MS Access 97 SP2" = MS Access 97 SP2
"MSCSR" = Microsoft Speech Recognition Engine 4.0 (English)
"MUSICMATCH Jukebox" = MUSICMATCH Jukebox
"myphotobook" = myphotobook 1.0
"Nero - Burning Rom!UninstallKey" = Nero 6 Enterprise Edition
"NeroVision!UninstallKey" = Nero Digital
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NMPUninstallKey" = Nero Media Player
"NVIDIA" = NVIDIA Windows 2000/XP Display Drivers
"OpenAL" = OpenAL
"Patrizier II Gold_is1" = Patrizier II Gold
"Police" = Police
"Port Royale 2" = Port Royale 2
"QcDrv" = Controlador de Logitech® Camera
"Queue" = Queue (remove only)
"RegClean Pro_is1" = RegClean Pro
"Robin Hood: The Legend Of Sherwood" = Robin Hood: The Legend Of Sherwood
"ROTE LISTE® CD" = ROTE LISTE® CD
"SimCity 3000 Unlimited" = SimCity 3000 Unlimited
"SiSLan" = SiS 900 PCI Fast Ethernet Adapter Driver
"SPEAKER" = Creative Lautsprechereinstellungen
"ST6UNST #1" = Bomi's ANNO 1503-Tools
"ST6UNST #2" = AnnoEinstellung
"ST6UNST #3" = ATCsimulator2 by AEROSOFT Corporation
"SysadmV10" = Sysadm
"SystemRequirementsLab" = System Requirements Lab
"TextBridge Classic" = TextBridge Classic
"The Tudors 1.0.9" = The Tudors
"TISV10" = Tis
"tv_enua" = Lernout & Hauspie TruVoice American English TTS Engine
"Victoria" = Victoria
"VideoLive Mail" = VideoLive Mail 4.0
"VOX 3D Planer_is1" = VOX 3D Planer
"Warzone2100" = Warzone2100
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Webpage Capture" = Webpage Capture
"WebRipper" = WebRipper 1.25
"WIC" = Windows Imaging Component
"Windows Doctor_is1" = Windows Doctor 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Reproductor de Windows Media 11
"Windows Mobile Device Handbook" = Recursos de Windows Mobile
"Wine Tycoon" = Wine Tycoon
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Wise Disk Cleaner_is1" = Wise Disk Cleaner 3.74
"WMCSetup" = Windows Media Connect
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"Wolfschanze_is1" = Wolfschanze
"World War One Gold_is1" = World War One v1.0.8
"XMedia Recode" = XMedia Recode 2.2.9.7
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"Xvid_is1" = Xvid 1.1.3 final uninstall
"Yahoo! Companion" = Barra Yahoo! con bloqueador de ventanas emergentes
"Yahoo! Extras" = Yahoo! Browser Services
"Yahoo! Mail" = Yahoo! Internet Mail
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Messenger Explorer Bar" = Yahoo! Messenger Explorer Bar
"YInstHelper" = Yahoo! Install Manager
"YRefresher_is1" = Yrefresher 1.00
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"961737271c92f180" = GamersGate Downloader
"ANNO 1503-Szenario - BEC 2005 - Der Neuanfang" = ANNO 1503-Szenario - BEC 2005 - Der Neuanfang
"ANNO 1503-Szenario - BOC 2005 - Eiertanz" = ANNO 1503-Szenario - BOC 2005 - Eiertanz
"ANNO 1503-Szenario - BOC 2006 - Transportmeister" = ANNO 1503-Szenario - BOC 2006 - Transportmeister
"ANNO 1503-Szenario - Prinzessin VI" = ANNO 1503-Szenario - Prinzessin VI
"ANNO 1503-Szenario - Weisse Sonne" = ANNO 1503-Szenario - Weisse Sonne
"Tower Simulator" = Tower Simulator
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 16/06/2012 4:16:08 | Computer Name = MARTINAKILB2 | Source = Application Error | ID = 1000
Description = Aplicación con errores: mchost.exe, versión: 5.0.185.0, módulo con
 error: McMscShm.dll, versión 11.0.669.0, dirección de error 0x0005f682.
 
Error - 16/06/2012 4:21:16 | Computer Name = MARTINAKILB2 | Source = Application Error | ID = 1000
Description = Aplicación con errores: mchost.exe, versión: 5.0.185.0, módulo con
 error: McMscShm.dll, versión 11.0.669.0, dirección de error 0x0005f682.
 
Error - 16/06/2012 8:56:22 | Computer Name = MARTINAKILB2 | Source = Application Error | ID = 1000
Description = Aplicación con errores: mchost.exe, versión: 5.0.185.0, módulo con
 error: McMscShm.dll, versión 11.0.669.0, dirección de error 0x0005f682.
 
Error - 16/06/2012 9:01:43 | Computer Name = MARTINAKILB2 | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Archivos de programa\Archivos comunes\McAfee\SystemCore\mcshield.exe
 took longer than 90000 ms to complete a request.    The process will be terminated.
Thread
 id : 1804 (0x70c)    Thread address : 0x7C91E514    Thread message :      Build VSCORE.14.4.0.387
 / 5400.1158   Object being scanned = \Device\HarddiskVolume1\Simulati\ANNO 1503 Königs-
 Edition\InselEditor\Landscape.exe   by C:\WINDOWS\explorer.exe   4(0)(0)   4(0)(0)   7200(0)(0)

 7595(0)(0)   7005(0)(0)   7004(0)(0)   5006(0)(0)   5004(0)(0)  
 
Error - 16/06/2012 9:19:24 | Computer Name = MARTINAKILB2 | Source = Application Error | ID = 1000
Description = Aplicación con errores: mchost.exe, versión: 5.0.185.0, módulo con
 error: McMscShm.dll, versión 11.0.669.0, dirección de error 0x0005f682.
 
Error - 16/06/2012 16:10:24 | Computer Name = MARTINAKILB2 | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Archivos de programa\Archivos comunes\McAfee\SystemCore\mcshield.exe
 took longer than 90000 ms to complete a request.    The process will be terminated.
Thread
 id : 3916 (0xf4c)    Thread address : 0x7C91E514    Thread message :      Build VSCORE.14.4.0.387
 / 5400.1158   Object being scanned = \Device\HarddiskVolume1\WINDOWS\system32\snmpapi.dll

 by C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe   4(0)(0)   4(0)(0)

 7200(0)(0)   7595(0)(0)   7005(0)(0)   7004(0)(0)   5006(0)(0)   5004(0)(0)  
 
Error - 16/06/2012 19:55:28 | Computer Name = MARTINAKILB2 | Source = Application Error | ID = 1000
Description = Aplicación con errores: mchost.exe, versión: 5.0.185.0, módulo con
 error: McMscShm.dll, versión 11.0.669.0, dirección de error 0x0005f682.
 
Error - 16/06/2012 20:11:20 | Computer Name = MARTINAKILB2 | Source = McLogEvent | ID = 5022
Description = MCSCAN32 Engine Initialisation failed.  Engine returned error : 8
 
Error - 16/06/2012 20:13:06 | Computer Name = MARTINAKILB2 | Source = Application Error | ID = 1000
Description = Aplicación con errores: mchost.exe, versión: 5.0.185.0, módulo con
 error: McMscShm.dll, versión 11.0.669.0, dirección de error 0x0005f682.
 
Error - 16/06/2012 20:36:31 | Computer Name = MARTINAKILB2 | Source = Application Error | ID = 1000
Description = Aplicación con errores: mchost.exe, versión: 5.0.185.0, módulo con
 error: McMscShm.dll, versión 11.0.669.0, dirección de error 0x0005f682.
 
[ System Events ]
Error - 08/06/2012 6:23:49 | Computer Name = EE96E591A11547D | Source = Service Control Manager | ID = 7000
Description = El servicio SASDIFSV no pudo iniciarse debido al siguiente error: 
  %%183
 
Error - 08/06/2012 6:43:32 | Computer Name = EE96E591A11547D | Source = Service Control Manager | ID = 7000
Description = El servicio Realtek EAPPkt Protocol no pudo iniciarse debido al siguiente
 error:   %%2
 
Error - 08/06/2012 6:43:32 | Computer Name = EE96E591A11547D | Source = Service Control Manager | ID = 7002
Description = El servicio A4SII300 depende del grupo  7Parallel arbitrat y ningún
 miembro de este grupo se inició.
 
Error - 08/06/2012 6:43:32 | Computer Name = EE96E591A11547D | Source = Service Control Manager | ID = 7000
Description = El servicio Kodak Camera Connection Software no pudo iniciarse debido
 al siguiente error:   %%3
 
Error - 08/06/2012 6:45:26 | Computer Name = EE96E591A11547D | Source = DCOM | ID = 10010
Description = El servidor {3A185DDE-E020-4985-A8F2-E27CDC4A0F3A} no se registró 
con DCOM dentro del tiempo de espera requerido.
 
Error - 08/06/2012 7:37:45 | Computer Name = EE96E591A11547D | Source = Service Control Manager | ID = 7000
Description = El servicio SASDIFSV no pudo iniciarse debido al siguiente error: 
  %%183
 
Error - 08/06/2012 7:41:32 | Computer Name = EE96E591A11547D | Source = Service Control Manager | ID = 7000
Description = El servicio SASDIFSV no pudo iniciarse debido al siguiente error: 
  %%183
 
Error - 08/06/2012 7:46:48 | Computer Name = EE96E591A11547D | Source = Service Control Manager | ID = 7000
Description = El servicio SASDIFSV no pudo iniciarse debido al siguiente error: 
  %%183
 
Error - 08/06/2012 7:51:06 | Computer Name = EE96E591A11547D | Source = Service Control Manager | ID = 7000
Description = El servicio SASDIFSV no pudo iniciarse debido al siguiente error: 
  %%183
 
Error - 08/06/2012 8:38:16 | Computer Name = EE96E591A11547D | Source = Service Control Manager | ID = 7000
Description = El servicio SASDIFSV no pudo iniciarse debido al siguiente error: 
  %%183
 
 
< End of report >
         

OTL logfile created on: 17/06/2012 2:47:40 - Run 1
OTL by OldTimer - Version 3.2.49.0     Folder = C:\Documents and Settings\xp\Escritorio\VIRUS
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C0A | Country: España | Language: ESN | Date Format: dd/MM/yyyy
 
2.00 Gb Total Physical Memory | 1.49 Gb Available Physical Memory | 74.69% Memory free
4.85 Gb Paging File | 4.17 Gb Available in Paging File | 86.01% Paging File free
Paging file location(s): c:\pagefile.sys 3070 3070 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Archivos de programa
Drive C: | 149.05 Gb Total Space | 30.22 Gb Free Space | 20.28% Space Free | Partition Type: NTFS
 
Computer Name: MARTINAKILB2 | User Name: xp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012/06/17 02:37:08 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\xp\Escritorio\VIRUS\OTL.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/03/21 21:17:10 | 000,795,600 | ---- | M] (McAfee, Inc.) -- c:\Archivos de programa\McAfee.com\Agent\mcupdate.exe
PRC - [2012/03/21 21:16:10 | 001,318,816 | ---- | M] (McAfee, Inc.) -- C:\Archivos de programa\McAfee.com\Agent\mcagent.exe
PRC - [2012/03/20 13:11:32 | 000,151,880 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\mfevtps.exe
PRC - [2012/03/20 13:05:00 | 000,161,632 | ---- | M] (McAfee, Inc.) -- C:\Archivos de programa\Archivos comunes\Mcafee\SystemCore\mfefire.exe
PRC - [2012/03/20 13:04:32 | 000,166,288 | ---- | M] (McAfee, Inc.) -- C:\Archivos de programa\Archivos comunes\Mcafee\SystemCore\mcshield.exe
PRC - [2011/08/12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Archivos de programa\SUPERAntiSpyware\SASCore.exe
PRC - [2011/04/08 13:59:50 | 000,419,904 | ---- | M] (McAfee, Inc.) -- C:\Archivos de programa\McAfee\MAT\McPvTray.exe
PRC - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) -- C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe
PRC - [2010/10/16 01:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/04/13 20:11:14 | 000,229,688 | ---- | M] (McAfee, Inc.) -- C:\Archivos de programa\McAfee Online Backup\MOBKbackup.exe
PRC - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- c:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009/08/18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- c:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WLIDSVCM.EXE
PRC - [2009/07/20 13:30:50 | 000,813,584 | ---- | M] (Logitech, Inc.) -- C:\Archivos de programa\Logitech\SetPoint\SetPoint.exe
PRC - [2009/07/10 13:42:32 | 000,055,824 | ---- | M] (Logitech, Inc.) -- C:\Archivos de programa\Archivos comunes\LogiShrd\KHAL2\KHALMNPR.exe
PRC - [2008/04/14 04:18:57 | 001,036,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/08/29 17:06:10 | 001,077,248 | ---- | M] (Marvell Semiconductor, Inc.) -- C:\Archivos de programa\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe
PRC - [2007/05/28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Archivos de programa\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2007/01/12 03:09:28 | 000,488,984 | ---- | M] (Logitech Inc.) -- C:\Archivos de programa\Archivos comunes\LogiShrd\LComMgr\Communications_Helper.exe
PRC - [2006/03/23 18:06:38 | 000,880,128 | ---- | M] (Nero AG) -- C:\Archivos de programa\Ahead\InCD\InCDsrv.exe
PRC - [2005/10/31 10:51:52 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Archivos de programa\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
PRC - [2005/07/19 17:32:18 | 000,221,184 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE
PRC - [2005/06/08 16:14:44 | 000,217,088 | ---- | M] (Logitech Inc.) -- C:\Archivos de programa\Logitech\Video\LogiTray.exe
PRC - [2005/06/08 15:44:56 | 000,192,512 | ---- | M] (Logitech Inc.) -- C:\Archivos de programa\Logitech\Video\FxSvr2.exe
PRC - [2004/08/14 04:42:20 | 000,036,864 | ---- | M] () -- C:\Archivos de programa\mobile PhoneTools\WatchDog.exe
PRC - [2004/04/13 06:07:18 | 000,069,632 | ---- | M] (InstallShield Software Corporation) -- C:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\issch.exe
PRC - [2003/06/20 09:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7Debug\mdm.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2010/04/13 20:11:16 | 000,077,624 | ---- | M] () -- C:\Archivos de programa\McAfee Online Backup\librs2.dll
MOD - [2009/07/20 13:27:14 | 000,017,936 | ---- | M] () -- C:\Archivos de programa\Logitech\SetPoint\khalwrapper.dll
MOD - [2008/09/16 21:18:06 | 000,132,608 | ---- | M] () -- C:\Archivos de programa\WinRAR\RarExt.dll
MOD - [2004/08/14 04:42:20 | 000,036,864 | ---- | M] () -- C:\Archivos de programa\mobile PhoneTools\WatchDog.exe
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] --  -- (KodakCCS)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/04/23 14:36:57 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/19 08:21:16 | 000,361,976 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Archivos de programa\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/03/20 13:11:32 | 000,151,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\WINDOWS\system32\mfevtps.exe -- (mfevtp)
SRV - [2012/03/20 13:05:00 | 000,161,632 | ---- | M] () [Auto | Running] -- C:\Archivos de programa\Archivos comunes\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2012/03/20 13:04:32 | 000,166,288 | ---- | M] () [Auto | Running] -- C:\Archivos de programa\Archivos comunes\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2011/08/12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Archivos de programa\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2011/02/28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Archivos de programa\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Archivos de programa\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/10/16 01:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/04/13 20:11:14 | 000,229,688 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Archivos de programa\McAfee Online Backup\MOBKbackup.exe -- (MOBKbackup)
SRV - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009/07/20 13:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Archivos de programa\Archivos comunes\Logitech\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2008/05/07 20:52:47 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Archivos de programa\Archivos comunes\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2007/05/28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Archivos de programa\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Archivos de programa\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006/03/23 18:06:38 | 000,880,128 | ---- | M] (Nero AG) [Auto | Running] -- C:\Archivos de programa\Ahead\InCD\InCDsrv.exe -- (InCDsrv)
SRV - [2003/06/20 09:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7Debug\mdm.exe -- (MDM)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SjyPkt.sys -- (SjyPkt)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\PxHelp20.sys -- (PxHelp20)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (mfeavfk01)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | Auto | Stopped] -- system32\DRIVERS\EAPPkt.sys -- (EAPPkt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Avance AC97 Audio (WDM)
DRV - [2012/06/15 21:24:42 | 000,039,936 | ---- | M] (CurioLab S.M.B.A.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\extit.sys -- (ExterminateIt)
DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/02/22 13:29:46 | 000,464,304 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2012/02/22 13:29:46 | 000,340,920 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2012/02/22 13:29:46 | 000,180,848 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2012/02/22 13:29:46 | 000,121,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2012/02/22 13:29:46 | 000,089,792 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfetdi2k.sys -- (mfetdi2k)
DRV - [2012/02/22 13:29:46 | 000,087,656 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2012/02/22 13:29:46 | 000,083,856 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendiskmp)
DRV - [2012/02/22 13:29:46 | 000,083,856 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendisk)
DRV - [2012/02/22 13:29:46 | 000,059,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2012/02/22 13:29:46 | 000,057,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cfwids.sys -- (cfwids)
DRV - [2011/07/22 18:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Archivos de programa\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Archivos de programa\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/04/11 14:29:16 | 000,064,048 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\McPvDrv.sys -- (McPvDrv)
DRV - [2010/04/13 20:10:22 | 000,054,776 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\MOBK.sys -- (MOBKFilter)
DRV - [2009/06/17 18:56:24 | 000,079,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2009/06/17 18:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009/06/17 18:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009/06/17 18:55:26 | 000,063,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2009/06/17 18:55:18 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2008/04/13 20:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/03/30 23:46:20 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2008/02/29 03:13:46 | 000,028,944 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2007/10/23 11:45:00 | 000,269,824 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8187.sys -- (RTLWUSB)
DRV - [2007/09/29 05:05:59 | 002,456,064 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007/09/05 13:35:46 | 000,377,920 | R--- | M] (D-Link Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\A5AGU.sys -- (A5AGU)
DRV - [2007/07/05 19:04:58 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2007/06/20 15:57:46 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2007/06/15 11:47:26 | 001,127,936 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17)
DRV - [2007/03/17 16:02:22 | 000,053,760 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SSHDRV76.sys -- (SSHDRV76)
DRV - [2006/08/27 15:58:06 | 000,022,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbsermpt.sys -- (usbsermpt)
DRV - [2006/07/25 11:27:16 | 000,357,568 | R--- | M] (THOMSON Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BT4501G.sys -- (BT4501G)
DRV - [2006/03/26 14:22:14 | 000,051,200 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2006/03/24 18:27:01 | 000,050,176 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfsync04.sys -- (sfsync04) StarForce Protection Synchronization Driver (version 4.x)
DRV - [2006/03/23 18:15:58 | 000,102,016 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2006/03/23 18:15:56 | 000,033,536 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\InCDrm.sys -- (incdrm)
DRV - [2006/03/23 18:15:56 | 000,029,440 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDpass.sys -- (InCDPass)
DRV - [2006/03/23 18:00:28 | 000,008,704 | ---- | M] (Nero AG) [Recognizer | System | Unknown] -- C:\WINDOWS\System32\drivers\InCDrec.sys -- (InCDrec)
DRV - [2006/03/20 18:34:56 | 001,452,032 | ---- | M] (Sensaura) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\p17filt.sys -- (p17filt)
DRV - [2006/03/13 11:38:23 | 000,006,656 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005/09/01 12:03:04 | 000,005,888 | ---- | M] (Ahead Software AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\imagedrv.sys -- (Imagedrv)
DRV - [2005/05/27 10:31:28 | 000,022,016 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2005/04/07 10:53:36 | 000,028,164 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2005/01/10 19:15:30 | 000,106,496 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2005/01/10 19:15:24 | 000,138,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2004/11/05 17:43:58 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisnicxp.sys -- (SISNICXP)
DRV - [2004/10/08 12:59:12 | 000,326,656 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Camdrl.sys -- (CamDrL) Logitech QuickCam Pro 3000(CamDrl)
DRV - [2004/08/03 23:31:36 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2004/05/13 15:00:04 | 000,111,808 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004/05/13 13:19:36 | 000,079,488 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003/12/01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003/09/06 14:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\prosync1.sys -- (prosync1)
DRV - [2003/08/19 17:27:20 | 000,333,520 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CamDrL21.sys -- (PhilCam8116) Logitech QuickCam Pro 3000(PID_08B0)
DRV - [2003/07/16 22:28:02 | 000,017,142 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CBTNDIS5.sys -- (CBTNDIS5)
DRV - [2003/05/22 18:44:44 | 000,670,203 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctxs51.sys -- (Intels51)
DRV - [2003/05/14 16:01:42 | 000,062,673 | R--- | M] (Funk Software, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\odysseyIM3.sys -- (odysseyIM3)
DRV - [2002/09/26 14:41:58 | 000,029,312 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SISAGPX.SYS -- (sisagp)
DRV - [2002/07/29 14:15:26 | 000,024,288 | ---- | M] (Philips Semiconductors) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PhTVTune.sys -- (PhTVTune)
DRV - [2002/07/29 14:14:00 | 000,424,704 | ---- | M] (Philips Semiconductors) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Cap7134.sys -- (Cap7134) MEDION (7134)
DRV - [2002/04/19 02:15:46 | 000,013,780 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2002/04/16 14:56:20 | 000,004,608 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\siside.sys -- (SiSide)
DRV - [2001/08/17 23:02:32 | 000,008,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidgame.sys -- (hidgame)
DRV - [2001/08/17 23:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [1999/09/27 10:47:34 | 000,014,656 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\BjsPort.sys -- (BjsPort)
DRV - [1998/02/26 15:10:28 | 000,025,632 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\a4sii300.sys -- (A4SII300)
DRV - [1996/02/26 19:44:18 | 000,006,144 | ---- | M] (Corel Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\crlscsi.sys -- (crlscsi)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search, = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.es/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search, = 
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Archivos de programa\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {21975B79-4ED1-4A5E-BA7A-948F9C16025A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{21975B79-4ED1-4A5E-BA7A-948F9C16025A}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLD_de
IE - HKCU\..\SearchScopes\{42DE7406-9A42-409A-A612-CC489BD23278}: "URL" = hxxp://www.rtl.de/websuche.php?kw={searchTerms}
IE - HKCU\..\SearchScopes\{58AA2032-3F73-444B-9BEA-F32512868136}: "URL" = hxxp://es.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKCU\..\SearchScopes\{63F700A0-5B73-435A-AFC7-887C52E4B460}: "URL" = hxxp://de.wikipedia.org/wiki/Spezial:Search?search={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = hxxp://localhost:4664/search&s=ROOVnf0gwQxsiPZjAraOBpCh8do?q={searchTerms}
IE - HKCU\..\SearchScopes\{8E0E7E7C-1B3A-4772-B7BD-AFAFC4BAAF35}: "URL" = hxxp://suche.web.de/search/web/?su={searchTerms}
IE - HKCU\..\SearchScopes\{E820C180-59B0-451C-9183-258058854C4A}: "URL" = hxxp://suche.lycos.de/cgi-bin/pursuit?query={searchTerms}
IE - HKCU\..\SearchScopes\{EF80DC8C-4595-4845-8E4D-D2BD44E3DACF}: "URL" = hxxp://suche.freenet.de/suche?query={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Archivos de programa\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0:  File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Archivos de programa\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Archivos de programa\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\archiv~1\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Archivos de programa\McAfee\Supportability\MVT\npmvtplugin.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Archivos de programa\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.1: C:\Archivos de programa\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.2: C:\Archivos de programa\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3: C:\Archivos de programa\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Archivos de programa\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: c:\Archivos de programa\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=2.5: C:\Archivos de programa\Virtual Earth 3D\ [2009/06/02 17:54:52 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Archivos de programa\Virtual Earth 3D\ [2009/06/02 17:54:52 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206: C:\Archivos de programa\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Archivos de programa\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Archivos de programa\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Archivos de programa\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\Documents and Settings\All Users\Datos de programa\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Archivos de programa\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1:  File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Archivos de programa\Archivos comunes\McAfee\SystemCore [2012/06/17 02:34:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Archivos de programa\McAfee\SiteAdvisor [2012/06/15 13:41:51 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2012/06/15 23:20:03 | 000,000,834 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 127.0.0.1	license.superantispyware.com
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Archivos de programa\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Archivos de programa\Archivos comunes\Mcafee\SystemCore\ScriptSn.20120608160844.dll (McAfee, Inc.)
O2 - BHO: (Aplicación auxiliar de inicio de sesión de Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Archivos de programa\Google\GoogleToolbar3.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Archivos de programa\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Archivos de programa\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Archivos de programa\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Archivos de programa\Google\GoogleToolbar3.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Archivos de programa\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (RefresherBand Class) - {B24BA06E-FB7B-4757-95C2-DC01125F750E} - C:\Archivos de programa\YRefresher\YRefresher.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Archivos de programa\Google\GoogleToolbar3.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (RefresherBand Class) - {B24BA06E-FB7B-4757-95C2-DC01125F750E} - C:\Archivos de programa\YRefresher\YRefresher.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [CTSysVol] C:\Archivos de programa\Creative\SBAudigy\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Archivos de programa\Archivos comunes\LogiShrd\LComMgr\Communications_Helper.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideoRepair] C:\Archivos de programa\Logitech\Video\ISStart.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideoTray] C:\Archivos de programa\Logitech\Video\LogiTray.exe (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [McPvTray_exe] C:\Archivos de programa\McAfee\MAT\McPvTray.exe (McAfee, Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Archivos de programa\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [PrnStatusMX] C:\Archivos de programa\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe (Marvell Semiconductor, Inc.)
O4 - HKLM..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u File not found
O4 - HKLM..\Run: [WatchDog] C:\Archivos de programa\mobile PhoneTools\WatchDog.exe ()
O4 - HKCU..\Run: [NBJ] C:\Archivos de programa\Ahead\Nero BackItUp\NBJ.exe (Ahead Software AG)
O4 - Startup: C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\Logitech SetPoint.lnk = C:\Archivos de programa\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &eBay Search - Reg Error: Value error. File not found
O8 - Extra context menu item: &MSN Suche - Reg Error: Value error. File not found
O8 - Extra context menu item: &Silently send to default data store - C:\Archivos de programa\Queue\addToStore.html ()
O8 - Extra context menu item: &Yahoo! Search - C:\Archivos de programa\Yahoo!\Common [2007/08/31 22:05:22 | 000,000,000 | ---D | M]
O8 - Extra context menu item: Add link to &queue - C:\Archivos de programa\Queue\addPage.html ()
O8 - Extra context menu item: Add to &data store... - C:\Archivos de programa\Queue\addToStore.html ()
O8 - Extra context menu item: Add to &queue - C:\Archivos de programa\Queue\addPage.html ()
O8 - Extra context menu item: Go to Queue &Web site - C:\Archivos de programa\Queue\website.html ()
O8 - Extra context menu item: Pop page from &queue - C:\Archivos de programa\Queue\removePage.html ()
O8 - Extra context menu item: Sea&rch stores - C:\Archivos de programa\Queue\searchStores.html ()
O8 - Extra context menu item: Yahoo! &Dictionary - C:\Archivos de programa\Yahoo!\Common [2007/08/31 22:05:22 | 000,000,000 | ---D | M]
O8 - Extra context menu item: Yahoo! &Maps - C:\Archivos de programa\Yahoo!\Common [2007/08/31 22:05:22 | 000,000,000 | ---D | M]
O8 - Extra context menu item: Yahoo! &SMS - C:\Archivos de programa\Yahoo!\Common [2007/08/31 22:05:22 | 000,000,000 | ---D | M]
O9 - Extra 'Tools' menuitem : Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre6\bin\npjpi160_29.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Webpage Capture - {1F958B09-6612-7a0e-9223-4C7324C57B23} - C:\Archivos de programa\Webpage Capture\Webpage Capture.exe (Endicosoft.com)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Archivos de programa\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - Reg Error: Value error. File not found
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Archivos de programa\ICQ6\ICQ.exe (ICQ, Inc.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Archivos de programa\ICQ6\ICQ.exe (ICQ, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Archivos de programa\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (Reg Error: Key error.)
O16 - DPF: {2685A3D0-1459-45EE-8426-5B8CF98899A8} hxxp://www.metacrawler1.de/metabar/metabar.cab (Reg Error: Key error.)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Archivos de programa\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} Reg Error: Key error. (Reg Error: Key error.)
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab (Reg Error: Key error.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1259167718062 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15112/CTPID.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Archivos de programa\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Archivos de programa\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Archivos de programa\Archivos comunes\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Archivos de programa\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - AppInit_DLLs: (C:\ARCHIV~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Archivos de programa\SUPERAntiSpyware\SASWINLO.DLL) - C:\Archivos de programa\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - No CLSID value found.
O24 - Desktop Components:0 (Mi página de inicio actual) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\xp\Configuración local\Datos de programa\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\xp\Configuración local\Datos de programa\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Archivos de programa\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Archivos de programa\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Archivos de programa\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/04/06 19:56:54 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...com [@ = comfile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/06/17 01:55:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Escritorio\VIRUS
[2012/06/16 23:22:45 | 000,000,000 | ---D | C] -- C:\Archivos de programa\ESET
[2012/06/16 22:10:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Datos de programa\Systweak
[2012/06/16 22:08:35 | 000,017,280 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\WINDOWS\System32\roboot.exe
[2012/06/16 22:08:27 | 000,000,000 | ---D | C] -- C:\Archivos de programa\RegClean Pro
[2012/06/16 15:37:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\xp\Recent
[2012/06/15 21:24:42 | 000,039,936 | ---- | C] (CurioLab S.M.B.A.) -- C:\WINDOWS\System32\drivers\extit.sys
[2012/06/15 20:55:40 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Exterminate It!
[2012/06/15 20:17:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Datos de programa\Curiolab
[2012/06/15 17:30:39 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/06/08 19:24:29 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/06/08 17:22:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Datos de programa\McAfee
[2012/06/08 17:16:03 | 000,000,000 | ---D | C] -- C:\Archivos de programa\McAfee eliminieren
[2012/06/08 16:46:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\McAfee Anti-Theft
[2012/06/08 16:10:35 | 000,054,776 | ---- | C] (Mozy, Inc.) -- C:\WINDOWS\System32\drivers\MOBK.sys
[2012/06/08 16:10:21 | 000,000,000 | ---D | C] -- C:\Archivos de programa\McAfee Online Backup
[2012/06/08 16:09:42 | 000,064,048 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\McPvDrv.sys
[2012/06/08 16:09:34 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\McAfee
[2012/06/08 16:08:44 | 000,009,608 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeclnk.sys
[2012/06/08 16:08:39 | 000,089,792 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfetdi2k.sys
[2012/06/08 16:08:39 | 000,087,656 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mferkdet.sys
[2012/06/08 16:08:39 | 000,083,856 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfendisk.sys
[2012/06/08 16:08:38 | 000,340,920 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfefirek.sys
[2012/06/08 16:08:38 | 000,180,848 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeavfk.sys
[2012/06/08 16:08:38 | 000,059,456 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfebopk.sys
[2012/06/08 16:08:38 | 000,057,600 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\cfwids.sys
[2012/06/08 16:08:34 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Archivos comunes\Mcafee
[2012/06/08 16:08:33 | 000,000,000 | ---D | C] -- C:\Archivos de programa\McAfee.com
[2012/06/08 16:08:17 | 000,000,000 | ---D | C] -- C:\Archivos de programa\McAfee
[2012/06/08 15:57:51 | 000,151,880 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\mfevtps.exe
[2012/06/08 15:08:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\McAfee
[2012/06/08 13:37:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Datos de programa\SUPERAntiSpyware.com
[2012/06/08 13:37:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\SUPERAntiSpyware.com
[2012/06/08 13:37:24 | 000,000,000 | ---D | C] -- C:\Archivos de programa\SUPERAntiSpyware
[2012/06/08 10:08:25 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Citrix
[2012/06/08 10:07:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Configuración local\Datos de programa\Citrix
[2012/06/06 01:39:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Malwarebytes' Anti-Malware
[2012/06/06 01:38:59 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Malwarebytes' Anti-Malware
[2012/06/06 01:04:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Datos de programa\Auslogics
[2012/06/06 01:03:38 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Auslogics
[2012/06/06 01:03:36 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Auslogics
[2012/06/06 01:00:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Datos de programa\Malwarebytes
[2012/06/06 00:53:12 | 000,000,000 | ---D | C] -- C:\Archivos de programa\CCleaner
[2012/06/05 23:21:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\xp\Escritorio\Festplatte aufräumen
[2012/06/05 17:39:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\TEMP
[2012/06/05 05:30:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Malwarebytes
[2010/12/29 20:38:02 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\xp\Datos de programa\pcouffin.sys
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[28 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/06/17 02:45:00 | 000,001,102 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/17 02:31:50 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/06/17 02:30:16 | 000,001,098 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/17 02:29:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/06/17 02:29:44 | 2147,012,608 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/17 02:19:00 | 000,000,344 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012/06/17 01:56:48 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\xp\defogger_reenable
[2012/06/17 01:30:03 | 000,000,838 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/06/17 00:45:26 | 000,000,482 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{625482C6-11A8-43E9-BC0A-A608AD8BEA0E}.job
[2012/06/16 22:11:16 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RegClean Pro_DEFAULT.job
[2012/06/16 22:11:14 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RegClean Pro_UPDATES.job
[2012/06/16 21:37:05 | 000,000,532 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 524cf83f-97d3-44a5-af2d-51760775b490.job
[2012/06/16 14:39:00 | 000,000,972 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2012/06/15 23:20:03 | 000,000,834 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/06/15 21:36:16 | 000,017,182 | ---- | M] () -- C:\Documents and Settings\xp\Mis documentos\cc_20120615_213607.reg
[2012/06/15 21:24:42 | 000,039,936 | ---- | M] (CurioLab S.M.B.A.) -- C:\WINDOWS\System32\drivers\extit.sys
[2012/06/15 14:35:14 | 001,430,760 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/06/08 20:18:48 | 000,010,244 | ---- | M] () -- C:\Documents and Settings\xp\Mis documentos\cc_20120608_201842.reg
[2012/06/08 19:22:52 | 000,001,842 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\McAfee Virtual Technician.lnk
[2012/06/08 17:39:56 | 000,029,388 | ---- | M] () -- C:\Documents and Settings\xp\Mis documentos\cc_20120608_173943.reg
[2012/06/08 16:50:29 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\xp\Escritorio\McAfee Total Protection.lnk
[2012/06/08 16:48:14 | 000,000,837 | ---- | M] () -- C:\Documents and Settings\xp\Escritorio\McAfee Online Backup.lnk
[2012/06/08 16:25:43 | 000,000,426 | ---- | M] () -- C:\Documents and Settings\xp\Escritorio\Cajas fuertes de McAfee.lnk
[2012/06/08 16:23:14 | 000,002,930 | ---- | M] () -- C:\WINDOWS\MOBK.blk
[2012/06/08 16:23:13 | 000,000,614 | ---- | M] () -- C:\WINDOWS\MOBK.flt
[2012/06/08 13:41:02 | 000,000,921 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\virushosts
[2012/06/08 10:07:49 | 000,103,784 | ---- | M] () -- C:\Documents and Settings\xp\GoToAssistDownloadHelper.exe
[2012/06/07 14:40:25 | 000,017,408 | ---- | M] () -- C:\conf.dat
[2012/06/06 22:42:11 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\EasyShare Registration Task.job
[2012/06/06 15:16:18 | 000,654,660 | ---- | M] () -- C:\Documents and Settings\xp\Mis documentos\cc_20120606_151535.reg
[2012/06/06 00:28:25 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/06/04 20:59:12 | 000,465,456 | ---- | M] () -- C:\PoliFix.exe
[2012/06/04 16:34:33 | 000,163,840 | RHS- | M] () -- C:\WINDOWS\System32\MFC71KORR.dll
[2012/06/04 15:45:35 | 000,002,551 | ---- | M] () -- C:\Documents and Settings\xp\Escritorio\Microsoft Word.lnk
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[28 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/06/17 01:56:48 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\xp\defogger_reenable
[2012/06/16 22:11:16 | 000,000,272 | ---- | C] () -- C:\WINDOWS\tasks\RegClean Pro_DEFAULT.job
[2012/06/16 22:11:14 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\RegClean Pro_UPDATES.job
[2012/06/16 22:08:33 | 000,000,794 | ---- | C] () -- C:\Documents and Settings\All Users\Menú Inicio\Programas\RegClean Pro.lnk
[2012/06/16 12:11:53 | 000,465,456 | ---- | C] () -- C:\PoliFix.exe
[2012/06/15 21:36:13 | 000,017,182 | ---- | C] () -- C:\Documents and Settings\xp\Mis documentos\cc_20120615_213607.reg
[2012/06/15 20:55:44 | 000,000,825 | ---- | C] () -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Exterminate It!.lnk
[2012/06/15 14:12:33 | 000,000,532 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 524cf83f-97d3-44a5-af2d-51760775b490.job
[2012/06/08 20:18:46 | 000,010,244 | ---- | C] () -- C:\Documents and Settings\xp\Mis documentos\cc_20120608_201842.reg
[2012/06/08 19:22:52 | 000,001,842 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\McAfee Virtual Technician.lnk
[2012/06/08 19:22:09 | 000,001,846 | ---- | C] () -- C:\Documents and Settings\All Users\Menú Inicio\Programas\McAfee Virtual Technician.lnk
[2012/06/08 17:39:54 | 000,029,388 | ---- | C] () -- C:\Documents and Settings\xp\Mis documentos\cc_20120608_173943.reg
[2012/06/08 16:50:29 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\xp\Escritorio\McAfee Total Protection.lnk
[2012/06/08 16:25:43 | 000,000,426 | ---- | C] () -- C:\Documents and Settings\xp\Escritorio\Cajas fuertes de McAfee.lnk
[2012/06/08 16:25:28 | 000,000,837 | ---- | C] () -- C:\Documents and Settings\xp\Escritorio\McAfee Online Backup.lnk
[2012/06/08 10:07:47 | 000,103,784 | ---- | C] () -- C:\Documents and Settings\xp\GoToAssistDownloadHelper.exe
[2012/06/07 00:26:45 | 000,017,408 | ---- | C] () -- C:\conf.dat
[2012/06/06 15:15:49 | 000,654,660 | ---- | C] () -- C:\Documents and Settings\xp\Mis documentos\cc_20120606_151535.reg
[2012/06/06 01:18:02 | 2147,012,608 | -HS- | C] () -- C:\hiberfil.sys
[2012/06/04 20:28:13 | 000,001,599 | ---- | C] () -- C:\Asistencia remota.lnk
[2012/06/04 16:34:33 | 000,163,840 | RHS- | C] () -- C:\WINDOWS\System32\MFC71KORR.dll
[2012/04/27 11:18:41 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2012/04/27 11:18:40 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2012/02/18 17:54:53 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2010/12/29 20:38:02 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\xp\Datos de programa\inst.exe
[2010/12/29 20:38:02 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\xp\Datos de programa\pcouffin.cat
[2010/12/29 20:38:02 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\xp\Datos de programa\pcouffin.inf
[2010/10/15 20:14:40 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/08/31 22:47:12 | 000,000,345 | ---- | C] () -- C:\WINDOWS\hgw.ini
[2010/07/30 19:50:07 | 000,284,160 | ---- | C] () -- C:\WINDOWS\unin0407.exe
 
========== LOP Check ==========
 
[2008/05/07 20:47:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Autodesk
[2005/12/10 18:17:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Avanquest Software
[2006/02/16 01:33:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\BVRP Software
[2007/10/20 15:30:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Earthsim
[2010/10/16 00:13:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\ICQ
[2010/08/16 14:30:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Merscom
[2006/02/26 13:27:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\MSN Search Toolbar
[2005/09/03 02:24:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\PACE Anti-Piracy
[2007/10/25 19:43:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\PC Drivers Headquarters
[2007/10/23 00:07:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\SecTaskMan
[2008/05/30 15:23:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Tages
[2012/06/15 13:42:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\TEMP
[2006/12/03 19:39:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Zabersoft
[2010/03/12 19:37:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Zylom
[2010/08/16 19:35:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2007/02/15 20:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Ascaron Entertainment
[2012/06/06 02:00:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Auslogics
[2008/05/10 02:17:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Autodesk
[2012/06/15 20:17:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Curiolab
[2010/07/31 01:27:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Desktop Sidebar
[2010/04/28 16:51:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Glory of the Roman Empire
[2010/08/16 15:43:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Got Game Entertainment
[2010/10/16 00:14:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\ICQ
[2005/04/14 23:04:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\ICQLite
[2009/03/06 19:54:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Imperium Romanum
[2005/04/09 12:21:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Leadertech
[2009/12/09 19:21:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Marvell
[2010/08/16 14:30:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Merscom
[2006/02/26 13:58:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\MSN Search Toolbar
[2007/03/18 14:05:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\OfficeUpdate12
[2008/12/10 23:58:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Skinux
[2007/10/28 14:59:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Smart Recorder
[2012/06/16 22:10:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Systweak
[2010/12/29 21:28:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Vso
[2006/11/15 23:21:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\WholeSecurity
[2008/12/06 23:32:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Windows Desktop Search
[2008/04/16 18:38:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Windows Live Writer
[2009/03/09 20:19:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Windows Search
[2010/12/29 23:41:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\XMedia Recode
[2012/06/06 22:42:11 | 000,000,430 | ---- | M] () -- C:\WINDOWS\Tasks\EasyShare Registration Task.job
[2012/06/17 02:19:00 | 000,000,344 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2012/06/16 22:11:16 | 000,000,272 | ---- | M] () -- C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job
[2012/06/16 22:11:14 | 000,000,280 | ---- | M] () -- C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job
[2012/06/16 21:37:05 | 000,000,532 | ---- | M] () -- C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 524cf83f-97d3-44a5-af2d-51760775b490.job
[2012/06/17 00:45:26 | 000,000,482 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{625482C6-11A8-43E9-BC0A-A608AD8BEA0E}.job
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\xvid.ax:SummaryInformation
@Alternate Data Stream - 866 bytes -> C:\Archivos de programa\Outlook Express:keadL8gUyqkM3X0b9tYi
@Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users\Datos de programa\TEMP:07BF512B

< End of report >