Log analysis and evaluation: 2. Google redirect to "secure.bidvertiser"
Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
2. Google redirect to "secure.bidvertiser"

Dear community,

I am neither related by blood nor by marriage to "Ordensritter", the author of the thread "Google redirect to secure.bidvertiser" - but I have exactly the same problem:

-------------------------------------------------------
Quote:
I am afraid my computer is infected with viruses. The reason I registered is that during a Google search I am regularly redirected, almost always to the page "secure.bidvertiser...." and then on to pages with some kind of advertising
--------------------------------------------------------

Halfway normal "googling" is hardly possible any more ...

My PC runs Windows XP SP3, and I got this stupid virus even though I have "McAfee Total Protection" correctly installed and paid for ...

Now I am simply asking for help here - the expert advice in this forum is really competent - and after reading various threads I also have to ask a silly question: how exactly can I post the .log files here, which you experts always ask for after every step (I would need very precise instructions, please).

Kind regards and many thanks in advance
Martín-Alejandro

EDIT: ESET Online Scanner is running right now (ONLY the .log file, NOT removing problems, and with McAfee deactivated), and from this point on I will wait for instructions and will not do anything else on my own - promise!

... now I have found your page with the information (Defogger, OTL, Gmer) that you need. I have aborted ESET Online Scanner and will now post the information from the 3 programs ...

Defogger: ran normally until "finished"

defogger_disable.log:
---------------------------------------------------------
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 01:58 on 17/06/2012 (xp)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-
----------------------------------------------------------

OTL: ran normally, without any error message

OTL extras.txt:
---------------------------------------------------------------
OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 17/06/2012 2:47:41 - Run 1
OTL by OldTimer - Version 3.2.49.0 Folder = C:\Documents and Settings\xp\Escritorio\VIRUS
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C0A | Country: España | Language: ESN | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.49 Gb Available Physical Memory | 74.69% Memory free
4.85 Gb Paging File | 4.17 Gb Available in Paging File | 86.01% Paging File free
Paging file location(s): c:\pagefile.sys 3070 3070 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Archivos de programa
Drive C: | 149.05 Gb Total Space | 30.22 Gb Free Space | 20.28% Space Free | Partition Type: NTFS

Computer Name: MARTINAKILB2 | User Name: xp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.cmd [@ = cmdfile] -- Reg Error: Key error. File not found
.com [@ = comfile] -- Reg Error: Key error. File not found
.html [@ = htmlfile] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- Reg Error: Key error. File not found
.reg [@ = regfile] -- Reg Error: Key error. File not found
.vbs [@ = VBSFile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"5985:TCP" = 5985:TCP:*:Disabled:Administración remota de Windows
"80:TCP" = 80:TCP:*:Disabled:Administración remota de Windows - Modo de compatibilidad (HTTP de entrada)

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Archivos de programa\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Archivos de programa\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Archivos de programa\Yahoo!\Messenger\YServer.exe" = C:\Archivos de programa\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server -- (Yahoo! Inc.)
"C:\Simulati\PATRIZIER II Gold\Patrizier 2.exe" = C:\Simulati\PATRIZIER II Gold\Patrizier 2.exe:*:Enabled:Patrizier 2 -- ()
"C:\Archivos de programa\Yahoo!\Messenger\YahooMessenger.exe" = C:\Archivos de programa\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Archivos de programa\Anno 1701\Anno1701.exe" = C:\Archivos de programa\Anno 1701\Anno1701.exe:*:Enabled:Anno 1701 -- (Related Designs Software GmbH)
"C:\Simulati\simcity3000\Apps\Updater\UPDATER.EXE" = C:\Simulati\simcity3000\Apps\Updater\UPDATER.EXE:*:Enabled:SC3UpdaterMFC -- ()
"C:\Archivos de programa\Steam\Steam.exe" = C:\Archivos de programa\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Archivos de programa\Ubisoft\DIE SIEDLER - Aufstieg eines Königreichs\base\bin\Settlers6.exe" = C:\Archivos de programa\Ubisoft\DIE SIEDLER - Aufstieg eines Königreichs\base\bin\Settlers6.exe:*:Enabled:DIE SIEDLER - Aufstieg eines Königreichs -- (Blue Byte GmbH)
"C:\Archivos de programa\Anno 1701\Anno1701AddOn.exe" = C:\Archivos de programa\Anno 1701\Anno1701AddOn.exe:*:Enabled:Anno 1701 Add-On 01 -- (Related Designs Software GmbH)
"C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Asistente para transferencia de archivos y configuraciones -- (Microsoft Corporation)
"C:\Archivos de programa\RoteListe\bin\pythonw.exe" = C:\Archivos de programa\RoteListe\bin\pythonw.exe:*:Enabled:pythonw -- ()
"C:\Archivos de programa\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Archivos de programa\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)
"C:\Archivos de programa\Google\Google Talk\googletalk.exe" = C:\Archivos de programa\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk -- (Google)
"C:\Archivos de programa\Motorola\Software Update\msu.exe" = C:\Archivos de programa\Motorola\Software Update\msu.exe:*:Enabled:msu -- (Motorola)
"C:\Archivos de programa\Ubisoft\DIE SIEDLER - Aufstieg eines Königreichs\extra1\bin\Settlers6.exe" = C:\Archivos de programa\Ubisoft\DIE SIEDLER - Aufstieg eines Königreichs\extra1\bin\Settlers6.exe:*:Enabled:DIE SIEDLER - Aufstieg eines Königreichs - Reich des Ostens -- (Blue Byte GmbH)
"C:\Archivos de programa\eMule\emule.exe" = C:\Archivos de programa\eMule\emule.exe:*:Enabled:eMule -- (hxxp://www.emule-project.net)
"C:\Archivos de programa\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Archivos de programa\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Archivos de programa\GameShadow\GameShadow.exe" = C:\Archivos de programa\GameShadow\GameShadow.exe:*:Enabled:GameShadow -- (GameShadow Ltd)
"C:\Archivos de programa\GameShadow\GSDownload.exe" = C:\Archivos de programa\GameShadow\GSDownload.exe:*:Enabled:Downloader -- (GameShadow Ltd)
"C:\Simulati\East India Company\eastindia.exe" = C:\Simulati\East India Company\eastindia.exe:*:Enabled:East India Company Application -- (Nitro Games Ltd.)
"C:\Simulati\East India Company\piratebay.exe" = C:\Simulati\East India Company\piratebay.exe:*:Enabled:East India Company Application -- (Nitro Games Ltd.)
"C:\Simulati\XIII Century Gold Edition\engine.exe" = C:\Simulati\XIII Century Gold Edition\engine.exe:*:Enabled:XIII Century Gold Edition -- (Unicorn Games)
"C:\Archivos de programa\ICQ6\ICQ.exe" = C:\Archivos de programa\ICQ6\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, Inc.)
"C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe" = C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe:*:Enabled:McAfee Shared Service Host -- (McAfee, Inc.)

========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card "{03ADC8AB-C130-0C3D-1FF9-2C385DF25689}" = CCC Help Czech "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{048CDCD6-124C-11D3-825E-00C04F6843FE}" = Diseño de fondo Hojas verdes "{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center "{07021185-008D-ABF9-7716-475AC035F8B3}" = CCC Help Spanish "{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Ayudante para el inicio de sesión de Windows Live ID "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer "{0F8D0406-7755-AC37-6529-73AD649DBE32}" = Catalyst Control Center Graphics Previews Common "{0FF3A504-4705-11D2-B55D-00609733EA48}" = IS Scan 2 "{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up "{126A2BF4-FF8D-431D-9D5F-DB40255DE069}" = Rush For Berlin "{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD "{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}" = Sid Meier's Pirates! 
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR "{1B1DDAD2-C704-49F8-8FC2-18DAAD9A87C5}" = Sound Blaster Audigy "{1E187923-04E5-4E1F-9BF2-40E32D93A1C4}" = HP Color LaserJet CP1210 Series Toolbox "{1EBB57D4-63FF-87CC-A0F0-D73982CF6008}" = Adobe Media Player "{1FCC8C70-66B9-420D-942C-2C2A8441C744}" = Imperial Glory "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Herramienta de carga de Windows Live "{22072CC8-7230-96F8-52F4-05EAF3F906B6}" = CCC Help Polish "{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only) "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{2368ADBD-6FDF-4B9F-FE41-E20B4D78E79E}" = CCC Help Chinese Standard "{25EF0DC4-B072-2E04-4581-A13C91423CE6}" = CCC Help Portuguese "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 29 "{26DDB12A-CB5E-4C0B-89AF-817CA0E59CC9}" = HP LaserJet Toolbox "{26F7855C-443B-00A6-F7B8-A97A5403F617}" = CCC Help Danish "{27C467F8-F8EF-4f68-BD72-D63632B2096C}" = McAfee Online Backup "{28F46DFD-F535-4306-BDEB-C5E7FCA2026E}" = Windows Live Sync "{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour "{2BCD8416-F432-4642-BF33-582720A0265C}" = Windows Live Writer "{2CB4A925-48A7-DA65-DCEE-D4DE224B7D84}" = CCC Help English "{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt "{2D87E961-577B-492B-AD54-1368680FB9A7}" = Virtual Earth 3D (Betaversion) "{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}" = Creative MediaSource "{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update "{306D75B9-7FFF-FF65-0C76-57F2FE4FE1D6}" = Catalyst Control Center Core Implementation "{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support "{309B6FB2-F132-4DF8-9CDC-33D1169EE47B}" = StarMoney 6.0 "{30C4DDA6-1247-11D3-825E-00C04F6843FE}" = Diseño de fondo Tela pintada "{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper 
"{31DABA20-10A1-4746-9D9F-57955B8DFF66}" = Free Games Offer, Desktop Shortcut "{32B12FE4-5A51-751A-1FB6-A14E97EBDD5C}" = CCC Help German "{33549D3C-8EA6-4E96-8B8B-550817438FCA}" = LOADSTREET Perfect Startup "{350C9C0A-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{351512E5-01BD-E878-6F57-AA3E517D9ECE}" = Skins "{354A387E-0374-21A3-6832-335674A6D7D1}" = CCC Help French "{38A0481D-544D-4C01-BB32-39332391D012}" = Windows Live Call "{39CE3C17-846D-4D9B-8B3E-C01A4B90FB73}" = Virtual Earth 3D (Beta) "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3C00BEE9-26D0-D9E0-A2D1-62F70D412A12}" = CCC Help Turkish "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore "{4346F7AA-3D56-0941-424C-4454E04D37F6}" = CCC Help Italian "{43DCF766-6838-4F9A-8C91-D92DA586DFA8}" = Microsoft Windows Journal Viewer "{450063AA-643B-417C-8CF5-405BA3F4EF40}" = Autodesk Design Review 2009 "{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg "{47CC11F6-124A-11D3-825E-00C04F6843FE}" = Diseño de fondo Río oscuro "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CAE2F2C-75CD-A0DE-7520-449BCBBCC833}" = CCC Help Korean "{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update "{5100250E-124B-11D3-825E-00C04F6843FE}" = Diseño de fondo Estrellas azules "{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001 "{53480060-85DE-4F43-9AFE-6E9D8FB8F2C1}" = O&O SafeErase "{53480230-2DE4-44A9-919C-39381946614F}" = O&O UnErase "{54360A73-B080-4A69-BFD4-53C190DD3AB0}" = HP Color LaserJet CP1210 Series "{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01) "{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book "{5783F2D7-6001-0409-0002-0060B0CE6BBA}" = AutoCAD 2008 - English "{57F7F0A5-8F22-8E63-E819-803B5C9CA3A5}" = CCC Help Dutch "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth "{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7 
"{5EA437D2-7A57-B60E-E8F2-76BFAC0895A5}" = CCC Help Chinese Traditional "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA "{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6 "{61AF4E75-050E-0304-3417-8BC16417FEB1}" = CCC Help Greek "{625BD732-ACDF-4552-BF22-98EBB413B6F3}" = McAfee Shredder "{632005DA-C291-5275-284C-5EE96B05C714}" = Catalyst Control Center HydraVision Full "{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0 "{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr "{651CFCEE-1249-11D3-825E-00C04F6843FE}" = Diseño de fondo Rayas finas "{66D82F7B-CA1E-4368-963A-33A097929645}" = Windows Live Mail "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{6B103F43-069C-11D6-9EA2-0050BAE317E1}" = Power Cinema "{6C72BE0C-3E25-CACD-0070-2FD9C02ABA14}" = ccc-core-preinstall "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1" = Auslogics BoostSpeed "{722EAE80-82CB-42D4-87CE-38D849D99AED}" = Guía Campsa 2005 "{74299A64-3EB6-4260-AAFB-8DC62A70E85E}" = Football Generation "{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar "{7902E313-FF0F-4493-ACB1-A8147B78DCD0}" = HPSSupply "{7A4C82FE-1248-11D3-825E-00C04F6843FE}" = Diseño del papel tapiz "{80A29FE1-4390-4996-B213-EB703832D8B3}" = Galería fotográfica de Windows Live "{821DABD6-26F2-49E5-AE55-40A589ADBE6D}" = DER ERSTE KAISER: Aufstieg des Reichs der Mitte 1.0.1.0 "{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver "{853BAA28-5C1E-4678-ADAC-6A37B8A526AB}" = Windows Live Essentials "{85AC0FFA-643D-3103-9310-7086ECB0C36C}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - ESN "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 
Redistributable - KB2467174 - x86 9.0.30729.5570 "{880BB617-914E-17E8-D877-A96BAC5794D2}" = Catalyst Control Center Graphics Full New "{885F5AC6-4413-4D30-99A9-F4494BFA4923}" = Logitech Harmony Remote Software 7 "{8897CF22-DB6C-8248-895C-12BFA2677F51}" = CCC Help Hungarian "{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8B3E5A90-1F6E-4FAF-B84F-C306C8A80809}" = AeroFly Professional Deluxe "{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding "{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini "{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90300C0A-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content "{905D4F6B-FADC-4CA4-AA41-BD32A2E446CE}" = Anno 1701 - Der Fluch des Drachen "{90BE577A-41DC-4D1F-A91B-6C8D14CCA783}" = VI Vademecum Internacional 2005 "{90F80407-6000-11D3-8CFE-0150048383C9}" = Tool zum Entfernen verborgener Daten "{91077588-AC04-4886-B20B-C8CF1A122F27}" = The Guild 2 Venice "{91110C0A-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional "{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui "{92170C0A-6000-11D3-8CFE-0050048383C9}" = Microsoft FrontPage 2002 "{922D9CCA-4317-425F-9AA5-94829DF8BA6D}" = Motorola Software Update "{92E4A65F-7007-3357-A69A-167F71A337BD}" = Microsoft .NET Framework 3.5 Language Pack SP1 - esn "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse "{95B012AD-3A4A-31D7-9167-5D07D2A71F47}" = Microsoft .NET Framework 4 Client Profile ESN Language Pack "{9850E3EB-69A6-428C-9A23-C64E650809CB}" = Cliente de Windows Rights Management con Service Pack 2 
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync "{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL "{99D42EC7-652B-4819-B3E6-6450C815E03F}" = Odyssey Client "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9C3B7F54-C6E2-4A74-9937-9C6EBA10C4A2}" = Victoria 2 "{9D7F1E46-0E63-11D3-8257-00C04F6843FE}" = Diseño de fondo Baxter "{9DEBE760-F2D0-11DD-6784-0195548618BE}" = GameShadow V3.0 "{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A2172ACA-FFA8-4808-BD20-08565C7390F9}" = OGA Notifier 1.7.0105.35.0 "{A2433A63-5F5D-40E5-B529-9123C2B3E734}" = Anno 1701 "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2 "{A6C8DB55-F380-44b6-8EC5-5B65DF25F068}_is1" = XIII Century Gold Edition "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8 "{ADE1535C-C836-4F2E-BDA1-1C7C304743E3}_is1" = Auslogics Disk Defrag Professional "{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK "{AF710FDE-2815-8C8D-5281-8004C2654AA6}" = CCC Help Russian "{AFF2D965-C6F2-A210-FBF7-532612AA1D23}" = CCC Help Swedish "{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook "{B1544704-124C-11D3-825E-00C04F6843FE}" = Diseño de fondo Bumerán "{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI "{B21336EE-4AEF-9940-4AC7-EDB89854B8D3}" = CCC Help Thai "{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore "{B4B6D789-EF42-39D5-B36B-A1282951E0D5}" = Microsoft .NET Framework 4 Extended ESN Language Pack "{B7666229-351B-47D9-AA6F-DF777CF04BBF}" = Caesar IV 
"{B975F4A1-63B6-11D4-BFEC-005004AF2D32}" = Monopoly Tycoon "{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation "{BBA69346-61A1-BD34-E75A-4D81232DB1FE}" = Catalyst Control Center Localization All "{BD1BBE79-BB25-460D-A2BD-D496A5E13786}" = Windows Live Messenger "{BD202930-5F70-4B35-B875-1E28604F328D}" = Logitech Communications Manager "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{BDEDB104-4067-3D5E-81F0-DBEBFE856B45}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - ESN "{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5 "{BFD5ED08-F066-92D5-BE67-3B9AE5DCFF0C}" = CCC Help Japanese "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{C43048A9-742C-4DAD-90D2-E3B53C9DB825}" = Logitech QuickCam-Software "{C4609F15-FB3C-D97E-BAA1-4F10815039C2}" = Catalyst Control Center Graphics Full Existing "{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar "{CAE8A0F1-B498-4C23-95FA-55047E730C8F}" = ArcSoft Print Creations "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector Pro "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CBDF2C61-C3C9-4AC0-9415-B4502A930DCD}_is1" = Titanic: Der Tauchfahrt-Simulator "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CFF4500E-C5D6-695D-A027-B3D4DDED2CC3}" = McAfee Online Backup "{D01FAC3D-86B4-3A19-9D10-9156A0EB3EBE}" = CCC Help Finnish "{D2BD3C8F-9D7F-472B-BDF9-7309A5CB813A}" = Motorola Driver Installation 3.5.0 "{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare Software "{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}" = DIE SIEDLER - Aufstieg eines Königreichs (Alle Produkte) "{D73722C8-3F65-C75B-A631-5D36894DAB92}" = ccc-core-static 
"{D7E7EC5E-4349-4E40-B37C-4342188B86EC}" = Monopoly "{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR "{DB833EF9-A198-49BE-970A-BD46F30BFBB4}" = ANNO 1503 Königs- Edition "{DDAD33B6-8C00-428D-087B-A7088355B9BE}" = Catalyst Control Center Graphics Light "{E333F074-FC7F-596D-3D61-44F0EC28E8C0}" = ccc-utility "{E3436EE2-D5CB-4249-840B-3A0140CC34C3}" = Classic PhoneTools "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0 "{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page "{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime "{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips "{EB4E949B-B9E4-42C7-9D80-44DC71588BC7}_is1" = Vademecum Internacional 2006 "{EB4E949B-B9E4-42C7-9D80-55DC71588BC7}_is1" = Vademecum Internacional 2007 "{EC905264-BCFE-423B-9C42-C3A106266790}" = SP2 con compatibilidad hacia atrás con cliente de Windows Rights Management "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support "{EF36A836-BF89-4A4F-B079-057B0C68C1E0}" = Sid Meier's Civilization IV Colonization "{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0BA5720-E189-11D4-9EA1-0050BAE317E1}" = PowerVCR II "{F286EFDF-417F-482E-828C-9A05BF93FCB8}_is1" = Rise of Prussia "{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F49FEF83-45CA-4CE8-8304-A7372BA07AA9}" = Motorola Phone Tools "{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK "{F7F2DC0A-C22E-49AD-AD37-797309A54E7B}" = Microsoft AutoRoute 2002 "{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS "{FA38F9E4-BED7-E021-B660-8FDFF7EC6E1A}" = CCC Help Norwegian "{FAE36873-1941-4076-A9A5-48812B5EA0B7}" = iTunes "{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock "{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = Extensión de HighMAT para el Asistente para grabación de CD de Microsoft Windows XP 
"{FDE0D0EB-486C-48B9-A6B5-4BEAA078AF73}" = Medieval Lords "{FFCB1B04-5B1C-4A17-AA60-CA6F00BA50F9}" = StarMoney "AC3Filter_is1" = AC3Filter 1.62b "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2 "Aggression - Reign over Europe_is1" = Aggression - Reign over Europe "Airport Inc" = Airport Inc "Airport Tycoon 3_is1" = Airport Tycoon 3 "All ATI Software" = ATI - Utilidad de desinstalación de software "America" = America "American Conquest - Edición de oro" = American Conquest - Edición de oro "Anno 1503 Calculator" = Anno 1503 Calculator "ArtMoney SE_is1" = ArtMoney SE v7.22 "ATI Display Driver" = ATI Display Driver "AutoCAD 2008 - English" = AutoCAD 2008 - English "Autodesk Design Review 2009" = Autodesk Design Review 2009 "Bink and Smacker" = Bink and Smacker "Birth of America_is1" = Birth of America 1.09 "CCleaner" = CCleaner "Cities XL 2011" = Cities XL 2011 "Citybuilders - S6 Szenario - Siedler 6" = Citybuilders - S6 Szenario - Siedler 6 1.0.0 "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "Corel Applications" = Corel Applications "Creative Software AutoUpdate" = Creative Software AutoUpdate "Crown Of Glory1.2.25" = Crown Of Glory "Crown of the North" = Crown of the North "Device Control" = Gerätesteuerung "Die Gilde Gold Update v. 2.06 " = Die Gilde Gold Update v. 
2.06 "Die Gilde Gold-Edition" = Die Gilde Gold-Edition "Digital Camera Enhancer_is1" = Digital Camera Enhancer "DivX Setup.divx.com" = Instalación de DivX "DVDFab Platinum 4_is1" = DVDFab Platinum 4.1.2.0 Beta Ghosthunter release "EarthsimChannel" = Earthsim "East India Company + Pirate Bay Addon_is1" = East India Company and Pirate Bay Addon "EAXSet" = Creative EAX-Einstellungen "eMule" = eMule "ESET Online Scanner" = ESET Online Scanner v3 "Europa Universalis II" = Europa Universalis II "Exterminate It!" = Exterminate It! "ffdshow_is1" = ffdshow [rev 2322] [2008-11-14] "For the Glory_is1" = For the Glory "GamersGate Downloader_is1" = GamersGate Downloader "GameSpy Arcade" = GameSpy Arcade "GameWiz32" = GameWiz32 "getPlus(R)_ocx" = getPlus(R)_ocx "Glory of the Roman Empire" = Glory of the Roman Empire "Google Desktop" = Google Desktop "Google Updater" = Google Updater "HP Color LaserJet CP1210 Series" = HP Color LaserJet CP1210 Series "I am an Air Traffic Controller3" = I am an Air Traffic Controller3 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "InCD!UninstallKey" = InCD "InstallShield_{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}" = Sid Meier's Pirates! 
"KnightsAndMerchants" = KnightsAndMerchants "Lament for the Queen_is1" = Lament for the Queen "LHTTSSPE" = L&H TTS3000 Español "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400 "McAfee Virtual Technician" = McAfee Virtual Technician "MediaShow" = Medi@Show "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack SP1 - esn" = Paquete de idioma de Microsoft .NET Framework 3.5 SP1 - esn "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile ESN Language Pack" = Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended ESN Language Pack" = Paquete de idioma de Microsoft .NET Framework 4 Extended ESN "mIRC" = mIRC "Mobility" = Mobility "MS Access 97 SP2" = MS Access 97 SP2 "MSCSR" = Microsoft Speech Recognition Engine 4.0 (English) "MUSICMATCH Jukebox" = MUSICMATCH Jukebox "myphotobook" = myphotobook 1.0 "Nero - Burning Rom!UninstallKey" = Nero 6 Enterprise Edition "NeroVision!UninstallKey" = Nero Digital "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "NMPUninstallKey" = Nero Media Player "NVIDIA" = NVIDIA Windows 2000/XP Display Drivers "OpenAL" = OpenAL "Patrizier II Gold_is1" = Patrizier II Gold "Police" = Police "Port Royale 2" = Port Royale 2 "QcDrv" = Controlador de Logitech® Camera "Queue" = Queue (remove only) "RegClean Pro_is1" = RegClean Pro "Robin Hood: The Legend Of Sherwood" = Robin Hood: The Legend Of Sherwood "ROTE LISTE® CD" = ROTE LISTE® CD "SimCity 3000 Unlimited" = SimCity 3000 Unlimited "SiSLan" = SiS 900 PCI Fast Ethernet Adapter Driver "SPEAKER" = Creative Lautsprechereinstellungen "ST6UNST #1" = Bomi's ANNO 1503-Tools "ST6UNST #2" = AnnoEinstellung "ST6UNST #3" = 
ATCsimulator2 by AEROSOFT Corporation "SysadmV10" = Sysadm "SystemRequirementsLab" = System Requirements Lab "TextBridge Classic" = TextBridge Classic "The Tudors 1.0.9" = The Tudors "TISV10" = Tis "tv_enua" = Lernout & Hauspie TruVoice American English TTS Engine "Victoria" = Victoria "VideoLive Mail" = VideoLive Mail 4.0 "VOX 3D Planer_is1" = VOX 3D Planer "Warzone2100" = Warzone2100 "Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 "Webpage Capture" = Webpage Capture "WebRipper" = WebRipper 1.25 "WIC" = Windows Imaging Component "Windows Doctor_is1" = Windows Doctor 1.7 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Reproductor de Windows Media 11 "Windows Mobile Device Handbook" = Recursos de Windows Mobile "Wine Tycoon" = Wine Tycoon "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR archiver "Wise Disk Cleaner_is1" = Wise Disk Cleaner 3.74 "WMCSetup" = Windows Media Connect "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "WMV9_VCM" = Microsoft Windows Media Video 9 VCM "Wolfschanze_is1" = Wolfschanze "World War One Gold_is1" = World War One v1.0.8 "XMedia Recode" = XMedia Recode 2.2.9.7 "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 "Xvid_is1" = Xvid 1.1.3 final uninstall "Yahoo! Companion" = Barra Yahoo! con bloqueador de ventanas emergentes "Yahoo! Extras" = Yahoo! Browser Services "Yahoo! Mail" = Yahoo! Internet Mail "Yahoo! Messenger" = Yahoo! Messenger "Yahoo! Messenger Explorer Bar" = Yahoo! Messenger Explorer Bar "YInstHelper" = Yahoo! 
Install Manager
"YRefresher_is1" = Yrefresher 1.00

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"961737271c92f180" = GamersGate Downloader
"ANNO 1503-Szenario - BEC 2005 - Der Neuanfang" = ANNO 1503-Szenario - BEC 2005 - Der Neuanfang
"ANNO 1503-Szenario - BOC 2005 - Eiertanz" = ANNO 1503-Szenario - BOC 2005 - Eiertanz
"ANNO 1503-Szenario - BOC 2006 - Transportmeister" = ANNO 1503-Szenario - BOC 2006 - Transportmeister
"ANNO 1503-Szenario - Prinzessin VI" = ANNO 1503-Szenario - Prinzessin VI
"ANNO 1503-Szenario - Weisse Sonne" = ANNO 1503-Szenario - Weisse Sonne
"Tower Simulator" = Tower Simulator

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 16/06/2012 4:16:08 | Computer Name = MARTINAKILB2 | Source = Application Error | ID = 1000
Description = Aplicación con errores: mchost.exe, versión: 5.0.185.0, módulo con error: McMscShm.dll, versión 11.0.669.0, dirección de error 0x0005f682.

Error - 16/06/2012 4:21:16 | Computer Name = MARTINAKILB2 | Source = Application Error | ID = 1000
Description = Aplicación con errores: mchost.exe, versión: 5.0.185.0, módulo con error: McMscShm.dll, versión 11.0.669.0, dirección de error 0x0005f682.

Error - 16/06/2012 8:56:22 | Computer Name = MARTINAKILB2 | Source = Application Error | ID = 1000
Description = Aplicación con errores: mchost.exe, versión: 5.0.185.0, módulo con error: McMscShm.dll, versión 11.0.669.0, dirección de error 0x0005f682.

Error - 16/06/2012 9:01:43 | Computer Name = MARTINAKILB2 | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Archivos de programa\Archivos comunes\McAfee\SystemCore\mcshield.exe took longer than 90000 ms to complete a request. The process will be terminated. Thread id : 1804 (0x70c) Thread address : 0x7C91E514 Thread message : Build VSCORE.14.4.0.387 / 5400.1158 Object being scanned = \Device\HarddiskVolume1\Simulati\ANNO 1503 Königs- Edition\InselEditor\Landscape.exe by C:\WINDOWS\explorer.exe 4(0)(0) 4(0)(0) 7200(0)(0) 7595(0)(0) 7005(0)(0) 7004(0)(0) 5006(0)(0) 5004(0)(0)

Error - 16/06/2012 9:19:24 | Computer Name = MARTINAKILB2 | Source = Application Error | ID = 1000
Description = Aplicación con errores: mchost.exe, versión: 5.0.185.0, módulo con error: McMscShm.dll, versión 11.0.669.0, dirección de error 0x0005f682.

Error - 16/06/2012 16:10:24 | Computer Name = MARTINAKILB2 | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Archivos de programa\Archivos comunes\McAfee\SystemCore\mcshield.exe took longer than 90000 ms to complete a request. The process will be terminated. Thread id : 3916 (0xf4c) Thread address : 0x7C91E514 Thread message : Build VSCORE.14.4.0.387 / 5400.1158 Object being scanned = \Device\HarddiskVolume1\WINDOWS\system32\snmpapi.dll by C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe 4(0)(0) 4(0)(0) 7200(0)(0) 7595(0)(0) 7005(0)(0) 7004(0)(0) 5006(0)(0) 5004(0)(0)

Error - 16/06/2012 19:55:28 | Computer Name = MARTINAKILB2 | Source = Application Error | ID = 1000
Description = Aplicación con errores: mchost.exe, versión: 5.0.185.0, módulo con error: McMscShm.dll, versión 11.0.669.0, dirección de error 0x0005f682.

Error - 16/06/2012 20:11:20 | Computer Name = MARTINAKILB2 | Source = McLogEvent | ID = 5022
Description = MCSCAN32 Engine Initialisation failed. Engine returned error : 8

Error - 16/06/2012 20:13:06 | Computer Name = MARTINAKILB2 | Source = Application Error | ID = 1000
Description = Aplicación con errores: mchost.exe, versión: 5.0.185.0, módulo con error: McMscShm.dll, versión 11.0.669.0, dirección de error 0x0005f682.
Error - 16/06/2012 20:36:31 | Computer Name = MARTINAKILB2 | Source = Application Error | ID = 1000
Description = Aplicación con errores: mchost.exe, versión: 5.0.185.0, módulo con error: McMscShm.dll, versión 11.0.669.0, dirección de error 0x0005f682.

[ System Events ]
Error - 08/06/2012 6:23:49 | Computer Name = EE96E591A11547D | Source = Service Control Manager | ID = 7000
Description = El servicio SASDIFSV no pudo iniciarse debido al siguiente error: %%183

Error - 08/06/2012 6:43:32 | Computer Name = EE96E591A11547D | Source = Service Control Manager | ID = 7000
Description = El servicio Realtek EAPPkt Protocol no pudo iniciarse debido al siguiente error: %%2

Error - 08/06/2012 6:43:32 | Computer Name = EE96E591A11547D | Source = Service Control Manager | ID = 7002
Description = El servicio A4SII300 depende del grupo 7Parallel arbitrat y ningún miembro de este grupo se inició.

Error - 08/06/2012 6:43:32 | Computer Name = EE96E591A11547D | Source = Service Control Manager | ID = 7000
Description = El servicio Kodak Camera Connection Software no pudo iniciarse debido al siguiente error: %%3

Error - 08/06/2012 6:45:26 | Computer Name = EE96E591A11547D | Source = DCOM | ID = 10010
Description = El servidor {3A185DDE-E020-4985-A8F2-E27CDC4A0F3A} no se registró con DCOM dentro del tiempo de espera requerido.
Error - 08/06/2012 7:37:45 | Computer Name = EE96E591A11547D | Source = Service Control Manager | ID = 7000
Description = El servicio SASDIFSV no pudo iniciarse debido al siguiente error: %%183

Error - 08/06/2012 7:41:32 | Computer Name = EE96E591A11547D | Source = Service Control Manager | ID = 7000
Description = El servicio SASDIFSV no pudo iniciarse debido al siguiente error: %%183

Error - 08/06/2012 7:46:48 | Computer Name = EE96E591A11547D | Source = Service Control Manager | ID = 7000
Description = El servicio SASDIFSV no pudo iniciarse debido al siguiente error: %%183

Error - 08/06/2012 7:51:06 | Computer Name = EE96E591A11547D | Source = Service Control Manager | ID = 7000
Description = El servicio SASDIFSV no pudo iniciarse debido al siguiente error: %%183

Error - 08/06/2012 8:38:16 | Computer Name = EE96E591A11547D | Source = Service Control Manager | ID = 7000
Description = El servicio SASDIFSV no pudo iniciarse debido al siguiente error: %%183

< End of report >
--- --- ---

---------------------------------------------------------------
OTL otl.txt :
---------------------------------------------------------------
OTL Logfile:
OTL logfile created on: 17/06/2012 2:47:40 - Run 1
OTL by OldTimer - Version 3.2.49.0 Folder = C:\Documents and Settings\xp\Escritorio\VIRUS
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C0A | Country: España | Language: ESN | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.49 Gb Available Physical Memory | 74.69% Memory free
4.85 Gb Paging File | 4.17 Gb Available in Paging File | 86.01% Paging File free
Paging file location(s): c:\pagefile.sys 3070 3070 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Archivos de programa
Drive C: | 149.05 Gb Total Space | 30.22 Gb Free Space | 20.28% Space Free | Partition Type: NTFS

Computer Name: MARTINAKILB2 | User Name: xp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/17 02:37:08 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\xp\Escritorio\VIRUS\OTL.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/03/21 21:17:10 | 000,795,600 | ---- | M] (McAfee, Inc.) -- c:\Archivos de programa\McAfee.com\Agent\mcupdate.exe
PRC - [2012/03/21 21:16:10 | 001,318,816 | ---- | M] (McAfee, Inc.) -- C:\Archivos de programa\McAfee.com\Agent\mcagent.exe
PRC - [2012/03/20 13:11:32 | 000,151,880 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\mfevtps.exe
PRC - [2012/03/20 13:05:00 | 000,161,632 | ---- | M] (McAfee, Inc.) -- C:\Archivos de programa\Archivos comunes\Mcafee\SystemCore\mfefire.exe
PRC - [2012/03/20 13:04:32 | 000,166,288 | ---- | M] (McAfee, Inc.)
-- C:\Archivos de programa\Archivos comunes\Mcafee\SystemCore\mcshield.exe PRC - [2011/08/12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Archivos de programa\SUPERAntiSpyware\SASCore.exe PRC - [2011/04/08 13:59:50 | 000,419,904 | ---- | M] (McAfee, Inc.) -- C:\Archivos de programa\McAfee\MAT\McPvTray.exe PRC - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Microsoft\BingBar\SeaPort.EXE PRC - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) -- C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe PRC - [2010/10/16 01:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010/04/13 20:11:14 | 000,229,688 | ---- | M] (McAfee, Inc.) -- C:\Archivos de programa\McAfee Online Backup\MOBKbackup.exe PRC - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- c:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WLIDSVC.EXE PRC - [2009/08/18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- c:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WLIDSVCM.EXE PRC - [2009/07/20 13:30:50 | 000,813,584 | ---- | M] (Logitech, Inc.) -- C:\Archivos de programa\Logitech\SetPoint\SetPoint.exe PRC - [2009/07/10 13:42:32 | 000,055,824 | ---- | M] (Logitech, Inc.) -- C:\Archivos de programa\Archivos comunes\LogiShrd\KHAL2\KHALMNPR.exe PRC - [2008/04/14 04:18:57 | 001,036,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007/08/29 17:06:10 | 001,077,248 | ---- | M] (Marvell Semiconductor, Inc.) -- C:\Archivos de programa\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe PRC - [2007/05/28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Archivos de programa\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe PRC - [2007/01/12 03:09:28 | 000,488,984 | ---- | M] (Logitech Inc.) 
-- C:\Archivos de programa\Archivos comunes\LogiShrd\LComMgr\Communications_Helper.exe PRC - [2006/03/23 18:06:38 | 000,880,128 | ---- | M] (Nero AG) -- C:\Archivos de programa\Ahead\InCD\InCDsrv.exe PRC - [2005/10/31 10:51:52 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Archivos de programa\Creative\SBAudigy\Surround Mixer\CTSysVol.exe PRC - [2005/07/19 17:32:18 | 000,221,184 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE PRC - [2005/06/08 16:14:44 | 000,217,088 | ---- | M] (Logitech Inc.) -- C:\Archivos de programa\Logitech\Video\LogiTray.exe PRC - [2005/06/08 15:44:56 | 000,192,512 | ---- | M] (Logitech Inc.) -- C:\Archivos de programa\Logitech\Video\FxSvr2.exe PRC - [2004/08/14 04:42:20 | 000,036,864 | ---- | M] () -- C:\Archivos de programa\mobile PhoneTools\WatchDog.exe PRC - [2004/04/13 06:07:18 | 000,069,632 | ---- | M] (InstallShield Software Corporation) -- C:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\issch.exe PRC - [2003/06/20 09:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7Debug\mdm.exe ========== Modules (No Company Name) ========== MOD - [2010/04/13 20:11:16 | 000,077,624 | ---- | M] () -- C:\Archivos de programa\McAfee Online Backup\librs2.dll MOD - [2009/07/20 13:27:14 | 000,017,936 | ---- | M] () -- C:\Archivos de programa\Logitech\SetPoint\khalwrapper.dll MOD - [2008/09/16 21:18:06 | 000,132,608 | ---- | M] () -- C:\Archivos de programa\WinRAR\RarExt.dll MOD - [2004/08/14 04:42:20 | 000,036,864 | ---- | M] () -- C:\Archivos de programa\mobile PhoneTools\WatchDog.exe ========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- -- (KodakCCS) SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - [2012/04/23 14:36:57 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- 
C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/04/19 08:21:16 | 000,361,976 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Archivos de programa\McAfee\VirusScan\mcods.exe -- (McODS) SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012/03/20 13:11:32 | 000,151,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\WINDOWS\system32\mfevtps.exe -- (mfevtp) SRV - [2012/03/20 13:05:00 | 000,161,632 | ---- | M] () [Auto | Running] -- C:\Archivos de programa\Archivos comunes\McAfee\SystemCore\\mfefire.exe -- (mfefire) SRV - [2012/03/20 13:04:32 | 000,166,288 | ---- | M] () [Auto | Running] -- C:\Archivos de programa\Archivos comunes\McAfee\SystemCore\\mcshield.exe -- (McShield) SRV - [2011/08/12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Archivos de programa\SUPERAntiSpyware\SASCore.exe -- (!SASCORE) SRV - [2011/02/28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Archivos de programa\Microsoft\BingBar\BBSvc.EXE -- (BBSvc) SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Archivos de programa\Microsoft\BingBar\SeaPort.EXE -- (SeaPort) SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service) SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe -- (McProxy) SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe -- (McNASvc) SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) 
[Auto | Running] -- C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn) SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc) SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc) SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service) SRV - [2010/10/16 01:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010/04/13 20:11:14 | 000,229,688 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Archivos de programa\McAfee Online Backup\MOBKbackup.exe -- (MOBKbackup) SRV - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2009/07/20 13:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) 
[On_Demand | Stopped] -- C:\Archivos de programa\Archivos comunes\Logitech\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2008/05/07 20:52:47 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Archivos de programa\Archivos comunes\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service) SRV - [2007/05/28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Archivos de programa\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Archivos de programa\Windows Defender\MsMpEng.exe -- (WinDefend) SRV - [2006/03/23 18:06:38 | 000,880,128 | ---- | M] (Nero AG) [Auto | Running] -- C:\Archivos de programa\Ahead\InCD\InCDsrv.exe -- (InCDsrv) SRV - [2003/06/20 09:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7Debug\mdm.exe -- (MDM) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SjyPkt.sys -- (SjyPkt) DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\PxHelp20.sys -- (PxHelp20) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (mfeavfk01) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | Auto | Stopped] -- system32\DRIVERS\EAPPkt.sys -- (EAPPkt) DRV - File not found [Kernel | System | Stopped] -- 
-- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Avance AC97 Audio (WDM) DRV - [2012/06/15 21:24:42 | 000,039,936 | ---- | M] (CurioLab S.M.B.A.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\extit.sys -- (ExterminateIt) DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2012/02/22 13:29:46 | 000,464,304 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk) DRV - [2012/02/22 13:29:46 | 000,340,920 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfefirek.sys -- (mfefirek) DRV - [2012/02/22 13:29:46 | 000,180,848 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk) DRV - [2012/02/22 13:29:46 | 000,121,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk) DRV - [2012/02/22 13:29:46 | 000,089,792 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfetdi2k.sys -- (mfetdi2k) DRV - [2012/02/22 13:29:46 | 000,087,656 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet) DRV - [2012/02/22 13:29:46 | 000,083,856 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendiskmp) DRV - [2012/02/22 13:29:46 | 000,083,856 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendisk) DRV - [2012/02/22 13:29:46 | 000,059,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk) DRV - [2012/02/22 13:29:46 | 000,057,600 | ---- | M] (McAfee, Inc.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cfwids.sys -- (cfwids) DRV - [2011/07/22 18:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Archivos de programa\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV) DRV - [2011/07/12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Archivos de programa\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL) DRV - [2011/04/11 14:29:16 | 000,064,048 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\McPvDrv.sys -- (McPvDrv) DRV - [2010/04/13 20:10:22 | 000,054,776 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\MOBK.sys -- (MOBKFilter) DRV - [2009/06/17 18:56:24 | 000,079,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE) DRV - [2009/06/17 18:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2009/06/17 18:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2009/06/17 18:55:26 | 000,063,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou) DRV - [2009/06/17 18:55:18 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd) DRV - [2008/04/13 20:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2008/03/30 23:46:20 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2008/02/29 03:13:46 | 000,028,944 | ---- | M] (Logitech, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt) DRV - [2007/10/23 11:45:00 | 000,269,824 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8187.sys -- (RTLWUSB) DRV - [2007/09/29 05:05:59 | 002,456,064 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2007/09/05 13:35:46 | 000,377,920 | R--- | M] (D-Link Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\A5AGU.sys -- (A5AGU) DRV - [2007/07/05 19:04:58 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2007/06/20 15:57:46 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem) DRV - [2007/06/15 11:47:26 | 001,127,936 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17) DRV - [2007/03/17 16:02:22 | 000,053,760 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SSHDRV76.sys -- (SSHDRV76) DRV - [2006/08/27 15:58:06 | 000,022,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbsermpt.sys -- (usbsermpt) DRV - [2006/07/25 11:27:16 | 000,357,568 | R--- | M] (THOMSON Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BT4501G.sys -- (BT4501G) DRV - [2006/03/26 14:22:14 | 000,051,200 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x) DRV - [2006/03/24 18:27:01 | 000,050,176 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfsync04.sys -- (sfsync04) StarForce Protection Synchronization Driver (version 4.x) DRV - [2006/03/23 18:15:58 | 
000,102,016 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\InCDfs.sys -- (InCDfs) DRV - [2006/03/23 18:15:56 | 000,033,536 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\InCDrm.sys -- (incdrm) DRV - [2006/03/23 18:15:56 | 000,029,440 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDpass.sys -- (InCDPass) DRV - [2006/03/23 18:00:28 | 000,008,704 | ---- | M] (Nero AG) [Recognizer | System | Unknown] -- C:\WINDOWS\System32\drivers\InCDrec.sys -- (InCDrec) DRV - [2006/03/20 18:34:56 | 001,452,032 | ---- | M] (Sensaura) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\p17filt.sys -- (p17filt) DRV - [2006/03/13 11:38:23 | 000,006,656 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x) DRV - [2005/09/01 12:03:04 | 000,005,888 | ---- | M] (Ahead Software AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\imagedrv.sys -- (Imagedrv) DRV - [2005/05/27 10:31:28 | 000,022,016 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta) DRV - [2005/04/07 10:53:36 | 000,028,164 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k) DRV - [2005/01/10 19:15:30 | 000,106,496 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv) DRV - [2005/01/10 19:15:24 | 000,138,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k) DRV - [2004/11/05 17:43:58 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisnicxp.sys -- (SISNICXP) DRV - [2004/10/08 12:59:12 | 000,326,656 | ---- | M] (Logitech Inc.) 
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Camdrl.sys -- (CamDrL) Logitech QuickCam Pro 3000(CamDrl)
DRV - [2004/08/03 23:31:36 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2004/05/13 15:00:04 | 000,111,808 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004/05/13 13:19:36 | 000,079,488 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003/12/01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003/09/06 14:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\prosync1.sys -- (prosync1)
DRV - [2003/08/19 17:27:20 | 000,333,520 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CamDrL21.sys -- (PhilCam8116) Logitech QuickCam Pro 3000(PID_08B0)
DRV - [2003/07/16 22:28:02 | 000,017,142 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CBTNDIS5.sys -- (CBTNDIS5)
DRV - [2003/05/22 18:44:44 | 000,670,203 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctxs51.sys -- (Intels51)
DRV - [2003/05/14 16:01:42 | 000,062,673 | R--- | M] (Funk Software, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\odysseyIM3.sys -- (odysseyIM3)
DRV - [2002/09/26 14:41:58 | 000,029,312 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SISAGPX.SYS -- (sisagp)
DRV - [2002/07/29 14:15:26 | 000,024,288 | ---- | M] (Philips Semiconductors) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PhTVTune.sys -- (PhTVTune)
DRV - [2002/07/29 14:14:00 | 000,424,704 | ---- | M] (Philips Semiconductors) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Cap7134.sys -- (Cap7134) MEDION (7134)
DRV - [2002/04/19 02:15:46 | 000,013,780 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2002/04/16 14:56:20 | 000,004,608 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\siside.sys -- (SiSide)
DRV - [2001/08/17 23:02:32 | 000,008,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidgame.sys -- (hidgame)
DRV - [2001/08/17 23:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [1999/09/27 10:47:34 | 000,014,656 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\BjsPort.sys -- (BjsPort)
DRV - [1998/02/26 15:10:28 | 000,025,632 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\a4sii300.sys -- (A4SII300)
DRV - [1996/02/26 19:44:18 | 000,006,144 | ---- | M] (Corel Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\crlscsi.sys -- (crlscsi)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search, =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.es/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search, =
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Archivos de programa\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {21975B79-4ED1-4A5E-BA7A-948F9C16025A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{21975B79-4ED1-4A5E-BA7A-948F9C16025A}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLD_de
IE - HKCU\..\SearchScopes\{42DE7406-9A42-409A-A612-CC489BD23278}: "URL" = hxxp://www.rtl.de/websuche.php?kw={searchTerms}
IE - HKCU\..\SearchScopes\{58AA2032-3F73-444B-9BEA-F32512868136}: "URL" = hxxp://es.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKCU\..\SearchScopes\{63F700A0-5B73-435A-AFC7-887C52E4B460}: "URL" = hxxp://de.wikipedia.org/wiki/Spezial:Search?search={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = hxxp://localhost:4664/search&s=ROOVnf0gwQxsiPZjAraOBpCh8do?q={searchTerms}
IE - HKCU\..\SearchScopes\{8E0E7E7C-1B3A-4772-B7BD-AFAFC4BAAF35}: "URL" = hxxp://suche.web.de/search/web/?su={searchTerms}
IE - HKCU\..\SearchScopes\{E820C180-59B0-451C-9183-258058854C4A}: "URL" = hxxp://suche.lycos.de/cgi-bin/pursuit?query={searchTerms}
IE - HKCU\..\SearchScopes\{EF80DC8C-4595-4845-8E4D-D2BD44E3DACF}: "URL" = hxxp://suche.freenet.de/suche?query={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Archivos de programa\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Archivos de programa\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Archivos de programa\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\archiv~1\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Archivos de programa\McAfee\Supportability\MVT\npmvtplugin.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Archivos de programa\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.1: C:\Archivos de programa\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.2: C:\Archivos de programa\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3: C:\Archivos de programa\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Archivos de programa\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: c:\Archivos de programa\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=2.5: C:\Archivos de programa\Virtual Earth 3D\ [2009/06/02 17:54:52 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Archivos de programa\Virtual Earth 3D\ [2009/06/02 17:54:52 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206: C:\Archivos de programa\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Archivos de programa\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Archivos de programa\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Archivos de programa\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\Documents and Settings\All Users\Datos de programa\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Archivos de programa\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Archivos de programa\Archivos comunes\McAfee\SystemCore [2012/06/17 02:34:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Archivos de programa\McAfee\SiteAdvisor [2012/06/15 13:41:51 | 000,000,000 | ---D | M]

O1 HOSTS File: ([2012/06/15 23:20:03 | 000,000,834 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 license.superantispyware.com
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Archivos de programa\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Archivos de programa\Archivos comunes\Mcafee\SystemCore\ScriptSn.20120608160844.dll (McAfee, Inc.)
O2 - BHO: (Aplicación auxiliar de inicio de sesión de Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Archivos de programa\Google\GoogleToolbar3.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Archivos de programa\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Archivos de programa\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Archivos de programa\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Archivos de programa\Google\GoogleToolbar3.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Archivos de programa\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (RefresherBand Class) - {B24BA06E-FB7B-4757-95C2-DC01125F750E} - C:\Archivos de programa\YRefresher\YRefresher.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Archivos de programa\Google\GoogleToolbar3.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (RefresherBand Class) - {B24BA06E-FB7B-4757-95C2-DC01125F750E} - C:\Archivos de programa\YRefresher\YRefresher.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [CTSysVol] C:\Archivos de programa\Creative\SBAudigy\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Archivos de programa\Archivos comunes\LogiShrd\LComMgr\Communications_Helper.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideoRepair] C:\Archivos de programa\Logitech\Video\ISStart.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideoTray] C:\Archivos de programa\Logitech\Video\LogiTray.exe (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [McPvTray_exe] C:\Archivos de programa\McAfee\MAT\McPvTray.exe (McAfee, Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Archivos de programa\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [PrnStatusMX] C:\Archivos de programa\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe (Marvell Semiconductor, Inc.)
O4 - HKLM..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u File not found
O4 - HKLM..\Run: [WatchDog] C:\Archivos de programa\mobile PhoneTools\WatchDog.exe ()
O4 - HKCU..\Run: [NBJ] C:\Archivos de programa\Ahead\Nero BackItUp\NBJ.exe (Ahead Software AG)
O4 - Startup: C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\Logitech SetPoint.lnk = C:\Archivos de programa\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &eBay Search - Reg Error: Value error. File not found
O8 - Extra context menu item: &MSN Suche - Reg Error: Value error. File not found
O8 - Extra context menu item: &Silently send to default data store - C:\Archivos de programa\Queue\addToStore.html ()
O8 - Extra context menu item: &Yahoo! Search - C:\Archivos de programa\Yahoo!\Common [2007/08/31 22:05:22 | 000,000,000 | ---D | M]
O8 - Extra context menu item: Add link to &queue - C:\Archivos de programa\Queue\addPage.html ()
O8 - Extra context menu item: Add to &data store... - C:\Archivos de programa\Queue\addToStore.html ()
O8 - Extra context menu item: Add to &queue - C:\Archivos de programa\Queue\addPage.html ()
O8 - Extra context menu item: Go to Queue &Web site - C:\Archivos de programa\Queue\website.html ()
O8 - Extra context menu item: Pop page from &queue - C:\Archivos de programa\Queue\removePage.html ()
O8 - Extra context menu item: Sea&rch stores - C:\Archivos de programa\Queue\searchStores.html ()
O8 - Extra context menu item: Yahoo! &Dictionary - C:\Archivos de programa\Yahoo!\Common [2007/08/31 22:05:22 | 000,000,000 | ---D | M]
O8 - Extra context menu item: Yahoo! &Maps - C:\Archivos de programa\Yahoo!\Common [2007/08/31 22:05:22 | 000,000,000 | ---D | M]
O8 - Extra context menu item: Yahoo! &SMS - C:\Archivos de programa\Yahoo!\Common [2007/08/31 22:05:22 | 000,000,000 | ---D | M]
O9 - Extra 'Tools' menuitem : Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre6\bin\npjpi160_29.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Webpage Capture - {1F958B09-6612-7a0e-9223-4C7324C57B23} - C:\Archivos de programa\Webpage Capture\Webpage Capture.exe (Endicosoft.com)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Archivos de programa\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - Reg Error: Value error. File not found
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Archivos de programa\ICQ6\ICQ.exe (ICQ, Inc.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Archivos de programa\ICQ6\ICQ.exe (ICQ, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Archivos de programa\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (Reg Error: Key error.)
O16 - DPF: {2685A3D0-1459-45EE-8426-5B8CF98899A8} hxxp://www.metacrawler1.de/metabar/metabar.cab (Reg Error: Key error.)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Archivos de programa\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} Reg Error: Key error. (Reg Error: Key error.)
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab (Reg Error: Key error.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1259167718062 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15112/CTPID.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Archivos de programa\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Archivos de programa\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Archivos de programa\Archivos comunes\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Archivos de programa\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - AppInit_DLLs: (C:\ARCHIV~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Archivos de programa\SUPERAntiSpyware\SASWINLO.DLL) - C:\Archivos de programa\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - No CLSID value found.
O24 - Desktop Components:0 (Mi página de inicio actual) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\xp\Configuración local\Datos de programa\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\xp\Configuración local\Datos de programa\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Archivos de programa\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Archivos de programa\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Archivos de programa\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/04/06 19:56:54 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...com [@ = comfile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/17 01:55:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Escritorio\VIRUS
[2012/06/16 23:22:45 | 000,000,000 | ---D | C] -- C:\Archivos de programa\ESET
[2012/06/16 22:10:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Datos de programa\Systweak
[2012/06/16 22:08:35 | 000,017,280 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\WINDOWS\System32\roboot.exe
[2012/06/16 22:08:27 | 000,000,000 | ---D | C] -- C:\Archivos de programa\RegClean Pro
[2012/06/16 15:37:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\xp\Recent
[2012/06/15 21:24:42 | 000,039,936 | ---- | C] (CurioLab S.M.B.A.) -- C:\WINDOWS\System32\drivers\extit.sys
[2012/06/15 20:55:40 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Exterminate It!
[2012/06/15 20:17:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Datos de programa\Curiolab
[2012/06/15 17:30:39 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/06/08 19:24:29 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/06/08 17:22:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Datos de programa\McAfee
[2012/06/08 17:16:03 | 000,000,000 | ---D | C] -- C:\Archivos de programa\McAfee eliminieren
[2012/06/08 16:46:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\McAfee Anti-Theft
[2012/06/08 16:10:35 | 000,054,776 | ---- | C] (Mozy, Inc.) -- C:\WINDOWS\System32\drivers\MOBK.sys
[2012/06/08 16:10:21 | 000,000,000 | ---D | C] -- C:\Archivos de programa\McAfee Online Backup
[2012/06/08 16:09:42 | 000,064,048 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\McPvDrv.sys
[2012/06/08 16:09:34 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\McAfee
[2012/06/08 16:08:44 | 000,009,608 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeclnk.sys
[2012/06/08 16:08:39 | 000,089,792 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfetdi2k.sys
[2012/06/08 16:08:39 | 000,087,656 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mferkdet.sys
[2012/06/08 16:08:39 | 000,083,856 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfendisk.sys
[2012/06/08 16:08:38 | 000,340,920 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfefirek.sys
[2012/06/08 16:08:38 | 000,180,848 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeavfk.sys
[2012/06/08 16:08:38 | 000,059,456 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfebopk.sys
[2012/06/08 16:08:38 | 000,057,600 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\cfwids.sys
[2012/06/08 16:08:34 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Archivos comunes\Mcafee
[2012/06/08 16:08:33 | 000,000,000 | ---D | C] -- C:\Archivos de programa\McAfee.com
[2012/06/08 16:08:17 | 000,000,000 | ---D | C] -- C:\Archivos de programa\McAfee
[2012/06/08 15:57:51 | 000,151,880 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\mfevtps.exe
[2012/06/08 15:08:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\McAfee
[2012/06/08 13:37:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Datos de programa\SUPERAntiSpyware.com
[2012/06/08 13:37:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\SUPERAntiSpyware.com
[2012/06/08 13:37:24 | 000,000,000 | ---D | C] -- C:\Archivos de programa\SUPERAntiSpyware
[2012/06/08 10:08:25 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Citrix
[2012/06/08 10:07:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Configuración local\Datos de programa\Citrix
[2012/06/06 01:39:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Malwarebytes' Anti-Malware
[2012/06/06 01:38:59 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Malwarebytes' Anti-Malware
[2012/06/06 01:04:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Datos de programa\Auslogics
[2012/06/06 01:03:38 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Auslogics
[2012/06/06 01:03:36 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Auslogics
[2012/06/06 01:00:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Datos de programa\Malwarebytes
[2012/06/06 00:53:12 | 000,000,000 | ---D | C] -- C:\Archivos de programa\CCleaner
[2012/06/05 23:21:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\xp\Escritorio\Festplatte aufräumen
[2012/06/05 17:39:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\TEMP
[2012/06/05 05:30:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Malwarebytes
[2010/12/29 20:38:02 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\xp\Datos de programa\pcouffin.sys
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[28 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/06/17 02:45:00 | 000,001,102 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/17 02:31:50 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/06/17 02:30:16 | 000,001,098 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/17 02:29:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/06/17 02:29:44 | 2147,012,608 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/17 02:19:00 | 000,000,344 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012/06/17 01:56:48 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\xp\defogger_reenable
[2012/06/17 01:30:03 | 000,000,838 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/06/17 00:45:26 | 000,000,482 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{625482C6-11A8-43E9-BC0A-A608AD8BEA0E}.job
[2012/06/16 22:11:16 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RegClean Pro_DEFAULT.job
[2012/06/16 22:11:14 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RegClean Pro_UPDATES.job
[2012/06/16 21:37:05 | 000,000,532 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 524cf83f-97d3-44a5-af2d-51760775b490.job
[2012/06/16 14:39:00 | 000,000,972 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2012/06/15 23:20:03 | 000,000,834 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/06/15 21:36:16 | 000,017,182 | ---- | M] () -- C:\Documents and Settings\xp\Mis documentos\cc_20120615_213607.reg
[2012/06/15 21:24:42 | 000,039,936 | ---- | M] (CurioLab S.M.B.A.) -- C:\WINDOWS\System32\drivers\extit.sys
[2012/06/15 14:35:14 | 001,430,760 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/06/08 20:18:48 | 000,010,244 | ---- | M] () -- C:\Documents and Settings\xp\Mis documentos\cc_20120608_201842.reg
[2012/06/08 19:22:52 | 000,001,842 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\McAfee Virtual Technician.lnk
[2012/06/08 17:39:56 | 000,029,388 | ---- | M] () -- C:\Documents and Settings\xp\Mis documentos\cc_20120608_173943.reg
[2012/06/08 16:50:29 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\xp\Escritorio\McAfee Total Protection.lnk
[2012/06/08 16:48:14 | 000,000,837 | ---- | M] () -- C:\Documents and Settings\xp\Escritorio\McAfee Online Backup.lnk
[2012/06/08 16:25:43 | 000,000,426 | ---- | M] () -- C:\Documents and Settings\xp\Escritorio\Cajas fuertes de McAfee.lnk
[2012/06/08 16:23:14 | 000,002,930 | ---- | M] () -- C:\WINDOWS\MOBK.blk
[2012/06/08 16:23:13 | 000,000,614 | ---- | M] () -- C:\WINDOWS\MOBK.flt
[2012/06/08 13:41:02 | 000,000,921 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\virushosts
[2012/06/08 10:07:49 | 000,103,784 | ---- | M] () -- C:\Documents and Settings\xp\GoToAssistDownloadHelper.exe
[2012/06/07 14:40:25 | 000,017,408 | ---- | M] () -- C:\conf.dat
[2012/06/06 22:42:11 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\EasyShare Registration Task.job
[2012/06/06 15:16:18 | 000,654,660 | ---- | M] () -- C:\Documents and Settings\xp\Mis documentos\cc_20120606_151535.reg
[2012/06/06 00:28:25 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/06/04 20:59:12 | 000,465,456 | ---- | M] () -- C:\PoliFix.exe
[2012/06/04 16:34:33 | 000,163,840 | RHS- | M] () -- C:\WINDOWS\System32\MFC71KORR.dll
[2012/06/04 15:45:35 | 000,002,551 | ---- | M] () -- C:\Documents and Settings\xp\Escritorio\Microsoft Word.lnk
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[28 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/06/17 01:56:48 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\xp\defogger_reenable
[2012/06/16 22:11:16 | 000,000,272 | ---- | C] () -- C:\WINDOWS\tasks\RegClean Pro_DEFAULT.job
[2012/06/16 22:11:14 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\RegClean Pro_UPDATES.job
[2012/06/16 22:08:33 | 000,000,794 | ---- | C] () -- C:\Documents and Settings\All Users\Menú Inicio\Programas\RegClean Pro.lnk
[2012/06/16 12:11:53 | 000,465,456 | ---- | C] () -- C:\PoliFix.exe
[2012/06/15 21:36:13 | 000,017,182 | ---- | C] () -- C:\Documents and Settings\xp\Mis documentos\cc_20120615_213607.reg
[2012/06/15 20:55:44 | 000,000,825 | ---- | C] () -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Exterminate It!.lnk
[2012/06/15 14:12:33 | 000,000,532 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 524cf83f-97d3-44a5-af2d-51760775b490.job
[2012/06/08 20:18:46 | 000,010,244 | ---- | C] () -- C:\Documents and Settings\xp\Mis documentos\cc_20120608_201842.reg
[2012/06/08 19:22:52 | 000,001,842 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\McAfee Virtual Technician.lnk
[2012/06/08 19:22:09 | 000,001,846 | ---- | C] () -- C:\Documents and Settings\All Users\Menú Inicio\Programas\McAfee Virtual Technician.lnk
[2012/06/08 17:39:54 | 000,029,388 | ---- | C] () -- C:\Documents and Settings\xp\Mis documentos\cc_20120608_173943.reg
[2012/06/08 16:50:29 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\xp\Escritorio\McAfee Total Protection.lnk
[2012/06/08 16:25:43 | 000,000,426 | ---- | C] () -- C:\Documents and Settings\xp\Escritorio\Cajas fuertes de McAfee.lnk
[2012/06/08 16:25:28 | 000,000,837 | ---- | C] () -- C:\Documents and Settings\xp\Escritorio\McAfee Online Backup.lnk
[2012/06/08 10:07:47 | 000,103,784 | ---- | C] () -- C:\Documents and Settings\xp\GoToAssistDownloadHelper.exe
[2012/06/07 00:26:45 | 000,017,408 | ---- | C] () -- C:\conf.dat
[2012/06/06 15:15:49 | 000,654,660 | ---- | C] () -- C:\Documents and Settings\xp\Mis documentos\cc_20120606_151535.reg
[2012/06/06 01:18:02 | 2147,012,608 | -HS- | C] () -- C:\hiberfil.sys
[2012/06/04 20:28:13 | 000,001,599 | ---- | C] () -- C:\Asistencia remota.lnk
[2012/06/04 16:34:33 | 000,163,840 | RHS- | C] () -- C:\WINDOWS\System32\MFC71KORR.dll
[2012/04/27 11:18:41 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2012/04/27 11:18:40 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2012/02/18 17:54:53 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2010/12/29 20:38:02 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\xp\Datos de programa\inst.exe
[2010/12/29 20:38:02 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\xp\Datos de programa\pcouffin.cat
[2010/12/29 20:38:02 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\xp\Datos de programa\pcouffin.inf
[2010/10/15 20:14:40 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/08/31 22:47:12 | 000,000,345 | ---- | C] () -- C:\WINDOWS\hgw.ini
[2010/07/30 19:50:07 | 000,284,160 | ---- | C] () -- C:\WINDOWS\unin0407.exe

========== LOP Check ==========

[2008/05/07 20:47:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Autodesk
[2005/12/10 18:17:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Avanquest Software
[2006/02/16 01:33:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\BVRP Software
[2007/10/20 15:30:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Earthsim
[2010/10/16 00:13:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\ICQ
[2010/08/16 14:30:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Merscom
[2006/02/26 13:27:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\MSN Search Toolbar
[2005/09/03 02:24:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\PACE Anti-Piracy
[2007/10/25 19:43:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\PC Drivers Headquarters
[2007/10/23 00:07:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\SecTaskMan
[2008/05/30 15:23:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Tages
[2012/06/15 13:42:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\TEMP
[2006/12/03 19:39:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Zabersoft
[2010/03/12 19:37:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Zylom
[2010/08/16 19:35:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2007/02/15 20:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Ascaron Entertainment
[2012/06/06 02:00:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Auslogics
[2008/05/10 02:17:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Autodesk
[2012/06/15 20:17:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Curiolab
[2010/07/31 01:27:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Desktop Sidebar
[2010/04/28 16:51:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Glory of the Roman Empire
[2010/08/16 15:43:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Got Game Entertainment
[2010/10/16 00:14:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\ICQ
[2005/04/14 23:04:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\ICQLite
[2009/03/06 19:54:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Imperium Romanum
[2005/04/09 12:21:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Leadertech
[2009/12/09 19:21:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Marvell
[2010/08/16 14:30:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Merscom
[2006/02/26 13:58:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\MSN Search Toolbar
[2007/03/18 14:05:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\OfficeUpdate12
[2008/12/10 23:58:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Skinux
[2007/10/28 14:59:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Smart Recorder
[2012/06/16 22:10:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Systweak
[2010/12/29 21:28:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Vso
[2006/11/15 23:21:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\WholeSecurity
[2008/12/06 23:32:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Windows Desktop Search
[2008/04/16 18:38:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Windows Live Writer
[2009/03/09 20:19:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Windows Search
[2010/12/29 23:41:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\XMedia Recode
[2012/06/06 22:42:11 | 000,000,430 | ---- | M] () -- C:\WINDOWS\Tasks\EasyShare Registration Task.job
[2012/06/17 02:19:00 | 000,000,344 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2012/06/16 22:11:16 | 000,000,272 | ---- | M] () -- C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job
[2012/06/16 22:11:14 | 000,000,280 | ---- | M] () -- C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job
[2012/06/16 21:37:05 |
000,000,532 | ---- | M] () -- C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 524cf83f-97d3-44a5-af2d-51760775b490.job [2012/06/17 00:45:26 | 000,000,482 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{625482C6-11A8-43E9-BC0A-A608AD8BEA0E}.job ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\xvid.ax:SummaryInformation @Alternate Data Stream - 866 bytes -> C:\Archivos de programa\Outlook Express:keadL8gUyqkM3X0b9tYi @Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users\Datos de programa\TEMP:07BF512B < End of report > --------------------------------------------------------------- Geändert von martinalejan (16.06.2012 um 23:19 Uhr) |