
Internet Virus



#1 regulov

Posted 25 September 2010 - 12:34 AM

I know I have some virus. I have an m1330 Dell XPS. I ran PC Restore completely and have the same problem. I looked for recent files in the partition with the master copy used to generate the system again, and found 3 files with a name like 6.0.6002.18005_001c11ba_blobs in the folder winsxs/manifest cache or something like that. I copied it to a pendrive with another name and deleted it from the master copy. I did a PC Restore again, but the problem is the same. IE is extremely slow; when I try to open something it says "Internet explorer no puede abrir este sitio, operaciòn anulada" (sorry, in Spanish), and if I try to close that tab it says "Esta ventana està ocupada. Si cierra esta ventana puede tener problemas. ¿desea cerrarla de todos modos?". And I have another computer with the pages, like YouTube or anything else. When I tried to run GMER I got a blue screen and it hung twice, so I couldn't do that.


DDS (Ver_10-03-17.01) - NTFSx86
Run by reguloh at 23:53:02,05 on 24/09/2010
Internet Explorer: 7.0.6000.16512
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.58.3082.18.2045.1039 [GMT -4:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
SP: McAfee VirusScan *enabled* (Outdated) {C78B3C70-4777-4742-BB91-9D615CC575E6}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\PROGRA~1\McAfee\MPS\mps.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\STacSV.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conime.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\OEM02Mon.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
C:\Program Files\McAfee\MSK\mskagent.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Dell\QuickSet\quickset.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\program files\mcafee\msc\mcuimgr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\reguloh\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www1.la.dell.com/content/default.aspx?c=ve&l=es&s=gen
uWindow Title = Internet Explorer provided by Dell
BHO: Aplicación auxiliar de vínculos de Adobe PDF Reader: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0\bin\ssv.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptcl.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [OEM02Mon.exe] c:\windows\OEM02Mon.exe
mRun: [SigmatelSysTrayApp] c:\program files\sigmatel\c-major audio\wdm\sttray.exe
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NVHotkey] rundll32.exe c:\windows\system32\nvHotkey.dll,Start
mRun: [DELL Webcam Manager] "c:\program files\dell\dell webcam manager\DellWMgr.exe" /s
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [<NO NAME>]
mRun: [MskAgentexe] c:\program files\mcafee\msk\MskAgent.exe
mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe"
mRun: [dscactivate] c:\dell\dsca.exe 3
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\bttray.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\program files\dell\quickset\quickset.exe
IE: Enviar imagen al dispositivo &Bluetooth... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Enviar página al dispositivo &Bluetooth... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0\bin\npjpi160.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab

============= SERVICES / DRIVERS ===============

R2 McAfee HackerWatch Service;McAfee HackerWatch Service;c:\program files\common files\mcafee\hackerwatch\HWAPI.exe [2007-10-27 540776]
R2 mcpromgr;McAfee Protection Manager;c:\progra~1\mcafee\msc\mcpromgr.exe [2007-10-27 493144]
R2 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe [2007-10-27 352856]
R2 McRedirector;McAfee Redirector Service;c:\progra~1\common~1\mcafee\redirsvc\redirsvc.exe [2007-10-27 248416]
R2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2007-10-27 144960]
R2 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe [2007-10-27 643664]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2007-10-27 179712]
R3 mfeavfk;McAfee Inc.;c:\windows\system32\drivers\mfeavfk.sys [2007-10-27 71496]
R3 mfebopk;McAfee Inc.;c:\windows\system32\drivers\mfebopk.sys [2007-10-27 34184]
R3 mfehidk;McAfee Inc.;c:\windows\system32\drivers\mfehidk.sys [2007-10-27 170408]
R3 mfesmfk;McAfee Inc.;c:\windows\system32\drivers\mfesmfk.sys [2007-10-27 37480]
S2 0036861285382661mcinstcleanup;McAfee Application Installer Cleanup (0036861285382661);c:\windows\temp\003686~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service --> c:\windows\temp\003686~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service [?]
S3 mferkdk;McAfee Inc.;c:\windows\system32\drivers\mferkdk.sys [2007-10-27 32008]

=============== Created Last 30 ================

2010-09-25 03:48:19 0 ----a-w- c:\users\reguloh\defogger_reenable
2010-09-25 02:50:18 0 d-----w- c:\users\reguloh\Bluetooth Software
2010-09-25 02:44:35 0 d-sh--we c:\programdata\Plantillas
2010-09-25 02:44:35 0 d-sh--we c:\programdata\Menú Inicio
2010-09-25 02:44:35 0 d-sh--we c:\programdata\Favoritos
2010-09-25 02:44:35 0 d-sh--we c:\programdata\Escritorio
2010-09-25 02:44:35 0 d-sh--we c:\programdata\Documentos
2010-09-25 02:44:35 0 d-sh--we c:\programdata\Datos de programa
2010-09-25 02:44:35 0 d-sh--we c:\program files\Archivos comunes
2010-09-25 02:44:35 0 d-sh--we C:\Archivos de programa

==================== Find3M ====================

2010-09-25 03:48:52 687582 ----a-w- c:\windows\system32\perfh00A.dat
2010-09-25 03:48:52 122196 ----a-w- c:\windows\system32\perfc00A.dat
2007-10-27 12:34:59 665600 ----a-w- c:\windows\inf\drvindex.dat
2007-10-27 05:05:32 86016 ----a-w- c:\windows\inf\infstrng.dat
2007-10-27 05:05:32 51200 ----a-w- c:\windows\inf\infpub.dat
2007-10-27 05:05:31 86016 ----a-w- c:\windows\inf\infstor.dat
2006-11-02 15:43:35 40258 ----a-w- c:\windows\inf\perflib\0c0a\perfd.dat
2006-11-02 15:43:35 40258 ----a-w- c:\windows\inf\perflib\0c0a\perfc.dat
2006-11-02 15:43:35 336930 ----a-w- c:\windows\inf\perflib\0c0a\perfi.dat
2006-11-02 15:43:35 336930 ----a-w- c:\windows\inf\perflib\0c0a\perfh.dat
2006-11-02 12:50:50 174 --sha-w- c:\program files\desktop.ini
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2007-10-27 04:51:36 76 --sha-r- c:\windows\CT4CET.bin
2007-10-27 12:34:59 8192 --sha-w- c:\windows\users\default\NTUSER.DAT

============= FINISH: 23:53:19,92 ===============

Attached Files





#2 myrti

Posted 30 September 2010 - 10:05 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.
We need to create an OTL Report
  1. Please download OTL from one of the following mirrors:
  2. Save it to your desktop.
  3. Double click on the icon on your desktop.
  4. Click the "Scan All Users" checkbox.
  5. In the custom scan box paste the following:
    CODE
    msconfig
    safebootminimal
    activex
    drivers32
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    symmpi.sys
    adp3132.sys
    mv61xx.sys
    nvraid.sys
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\drivers\*.sys /90
  6. Push the button.
  7. Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 



#3 regulov

Posted 04 October 2010 - 06:33 PM

Hi myrti. Sorry, I deleted everything on the computer and reinstalled everything. But I have to tell you some things. I have the problem on a Dell XPS m1330 laptop. It has a second partition with the Vista master copy. The times I have had to reinstall all the software I used that copy (with some keystrokes when it reboots). But this time the problem was the same: Internet Explorer got slower over time after a reboot until it just stopped. Every time I rebooted it was the same. I decided to reinstall from the master copy and the problem was the same after 2 or 3 hours. I remembered I had the original DVDs (Vista and drivers), so I installed from them. Well... The problem was solved. So the virus (still) is on the master copy partition. My laptop is OK now, but I know the virus is there. If you want me to do anything, please tell me and I will do it so that you can gain some experience : ) . Well, this is all for now, thanks a lot for trying to help me.

Régulo

#4 myrti

Posted 05 October 2010 - 03:52 AM

Hi,

when you restored your PC, did you use "reset to factory settings" or did you restore from a backup you made more recently?

The restore partitions usually are read only partitions, so that no program can write onto them from your Vista installation.

We can run a couple of scans to make sure your PC is clean if you want to be safe, but normally after a reinstall you should be clean.

regards myrti



#5 regulov

Posted 05 October 2010 - 08:05 AM

Yes, I used "reset to factory settings". I know the virus is still there. I cannot use this way again, because the virus will be active again. I deleted 2 files I found that were created 3 years after I bought the computer, and which I thought could be suspicious, so if I did that, anything could be written there. I would appreciate it if we could run your scans. So tell me please what to do. Thanks again... Régulo

#6 myrti

Posted 05 October 2010 - 08:59 AM

Hi,

please run OTL from my previous post then.

regards myrti



#7 regulov

Posted 05 October 2010 - 11:19 AM

Ok, Here you got it

Thanks Again

RV

Attached Files



#8 myrti

Posted 06 October 2010 - 04:20 AM

Hi,

You have an infected flash drive that has been recently attached to your PC as drive G:
please run this fix:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    CODE
    :otl
    O33 - MountPoints2\{01ba42b9-cfb7-11df-8489-001c26dee538}\Shell\AutoRun\command - "" = G:\winnamp\winn.exe -- File not found
    O33 - MountPoints2\{01ba42b9-cfb7-11df-8489-001c26dee538}\Shell\explore\command - "" = G:\winnamp\winn.exe -- File not found
    O33 - MountPoints2\{01ba42b9-cfb7-11df-8489-001c26dee538}\Shell\open\command - "" = G:\winnamp\winn.exe -- File not found
    :files
    C:\Windows\tasks\at*.job
  • Then click the Run Fix button at the top
  • Let the program run unhindered, when done it will say "Fix Complete press ok to open the log"
  • Please post that log in your next reply.

    Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process.
    If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.
================================Follow up scan=================================
  • Double click on OTL to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open one notepad window, OTL.Txt. This is saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of this file and post it with your next reply.

Please also run a scan with Rootkit Unhooker:
Please download Rootkit Unhooker and save it to your Desktop
  • Double-click on RKUnhookerLE to run it
  • Click the Report tab, then click Scan
  • Check Drivers, Stealth, and uncheck the rest
  • Click OK
  • Wait until it's finished and then go to File > Save Report
  • Save the report to your Desktop
Copy the entire contents of the report and paste it in a reply here.

Note: you may get this warning. It is OK, just ignore it:

"Rootkit Unhooker has detected a parasite inside itself!
It is recommended to remove parasite, okay?"

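The O33 lines in the fix above come from Explorer's MountPoints2 registry cache, which stores the autorun.inf shell verbs seen on each attached volume. As an added example (not part of the original thread and not OTL's own code), the Python below parses O33 lines from an OTL log and flags volumes whose open/explore verbs point at an executable; that flagging rule is an assumed triage heuristic, and the last two sample lines are constructed.

```python
import re
from collections import defaultdict

# First three lines are the O33 entries quoted in the fix above.
# The last two lines are constructed for contrast (installer-style media).
SAMPLE_LOG = r'''
O33 - MountPoints2\{01ba42b9-cfb7-11df-8489-001c26dee538}\Shell\AutoRun\command - "" = G:\winnamp\winn.exe -- File not found
O33 - MountPoints2\{01ba42b9-cfb7-11df-8489-001c26dee538}\Shell\explore\command - "" = G:\winnamp\winn.exe -- File not found
O33 - MountPoints2\{01ba42b9-cfb7-11df-8489-001c26dee538}\Shell\open\command - "" = G:\winnamp\winn.exe -- File not found
O33 - MountPoints2\{11111111-2222-3333-4444-555555555555}\Shell - "" = AutoRun
O33 - MountPoints2\{11111111-2222-3333-4444-555555555555}\Shell\AutoRun\command - "" = E:\setup.exe -- File not found
'''

# O33 - MountPoints2\<volume>\Shell[\<verb>\command] - "<value>" = <data>[ -- File not found]
O33_RE = re.compile(
    r'^O33 - MountPoints2\\(?P<mount>[^\\]+)\\Shell'
    r'(?:\\(?P<verb>[^\\]+)\\command)? - "(?P<value>[^"]*)" = (?P<data>.*?)'
    r'(?P<missing> -- File not found)?$'
)
EXECUTABLE_RE = re.compile(r'\.(exe|com|scr|pif|bat|cmd|vbs|js)\b', re.I)
DRIVE_RE = re.compile(r'^"?([A-Za-z]):\\')


def parse_o33(log_text):
    """Return {volume: {verb: entry}} for every O33 shell-verb command line."""
    mounts = defaultdict(dict)
    for line in log_text.splitlines():
        line = line.strip()
        m = O33_RE.match(line)
        if not m or not m.group("verb"):
            continue  # not an O33 line, or the bare "Shell = AutoRun" default
        mounts[m.group("mount")][m.group("verb").lower()] = {
            "command": m.group("data").strip(),
            "missing": bool(m.group("missing")),  # target absent at scan time
            "raw": line,                           # original line, for quoting
        }
    return dict(mounts)


def triage(mounts):
    """Summarise each volume; flag it when double-click verbs run a program.

    Assumed heuristic: installer media normally define only the AutoRun
    verb, while autorun-spreading malware also redirects open/explore so
    that opening the drive in Explorer launches the same file.
    """
    findings = []
    for mount, verbs in sorted(mounts.items()):
        redirected = sorted(
            v for v in ("open", "explore")
            if v in verbs and EXECUTABLE_RE.search(verbs[v]["command"])
        )
        commands = sorted({e["command"] for e in verbs.values()})
        drive = DRIVE_RE.match(commands[0])
        findings.append({
            "mount": mount,
            "drive": drive.group(1).upper() if drive else None,
            "commands": commands,
            "redirected_verbs": redirected,
            "target_missing": all(e["missing"] for e in verbs.values()),
            "suspicious": bool(redirected),
        })
    return findings


if __name__ == "__main__":
    for finding in triage(parse_o33(SAMPLE_LOG)):
        print(finding)
```

A volume whose target is reported as "File not found" can still be flagged: the cached verbs stay in the registry after the drive is unplugged, which matches the log's "G: Drive not present or media not loaded".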


#9 regulov

Posted 06 October 2010 - 01:55 PM

OTL logfile created on: 06/10/2010 09:26:51 a.m. - Run 3
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Users\reguloh\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16386)
Locale: 0000200a | Country: Republica Bolivariana de Venezuela | Language: ESV | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 72.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.47 Gb Total Space | 39.64 Gb Free Space | 29.05% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.09 Gb Free Space | 60.95% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive Z: | 74.52 Gb Total Space | 26.67 Gb Free Space | 35.79% Space Free | Partition Type: NTFS

Computer Name: CREGULOH
Current User Name: reguloh
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\reguloh\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Archivos de programa\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Archivos de programa\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Archivos de programa\PC Connectivity Solution\ServiceLayer.exe (Nokia)
PRC - C:\Archivos de programa\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia)
PRC - C:\Archivos de programa\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
PRC - C:\Archivos de programa\PC Connectivity Solution\Transports\NclMSBTSrv.exe (Nokia)
PRC - C:\Users\reguloh\AppData\Roaming\Dropbox\bin\Dropbox.exe ()
PRC - C:\Archivos de programa\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)
PRC - C:\Archivos de programa\Dell\DELL Webcam Manager\DellWMgr.exe (Creative Technology Ltd.)
PRC - C:\Windows\System32\stacsv.exe (SigmaTel, Inc.)
PRC - C:\Archivos de programa\SigmaTel\C-Major Audio\WDM\sttray.exe (SigmaTel, Inc.)
PRC - C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
PRC - C:\Archivos de programa\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Archivos de programa\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Archivos de programa\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Archivos de programa\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Archivos de programa\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Archivos de programa\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Archivos de programa\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Archivos de programa\Common Files\microsoft shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)


========== Modules (SafeList) ==========

MOD - C:\Users\reguloh\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Archivos de programa\WIDCOMM\Bluetooth Software\BTKeyInd.dll ()
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (STacSV) -- C:\Windows\System32\stacsv.exe (SigmaTel, Inc.)
SRV - (IAANTMON) Intel® -- C:\Archivos de programa\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (WinDefend) -- C:\Archivos de programa\Windows Defender\MpSvc.dll (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (DFUBTUSB) -- C:\Windows\System32\Drivers\frmupgr.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (SigmaTel, Inc.)
DRV - (OEM02Dev) -- C:\Windows\System32\drivers\OEM02Dev.sys (Creative Technology Ltd.)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (OEM02Vfx) -- C:\Windows\System32\drivers\OEM02Vfx.sys (EyePower Games Pte. Ltd.)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (btwaudio) -- C:\Windows\System32\drivers\btwaudio.sys (Broadcom Corporation.)
DRV - (btwrchid) -- C:\Windows\System32\drivers\btwrchid.sys (Broadcom Corporation.)
DRV - (btwavdt) -- C:\Windows\System32\drivers\btwavdt.sys (Broadcom Corporation.)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (NETw3v32) Controlador de adaptador Intel® -- C:\Windows\System32\drivers\NETw3v32.sys (Intel® Corporation)
DRV - (E1G60) Intel® -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.732
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.10

FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010/10/04 08:35:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/05 11:08:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/05 11:08:51 | 000,000,000 | ---D | M]

[2010/09/25 22:08:41 | 000,000,000 | ---D | M] -- C:\Users\reguloh\AppData\Roaming\mozilla\Extensions
[2010/09/25 22:08:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\reguloh\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010/09/28 08:43:50 | 000,000,000 | ---D | M] -- C:\Users\reguloh\AppData\Roaming\mozilla\Firefox\Profiles\jbevct9g.default\extensions
[2010/10/06 08:48:50 | 000,000,000 | ---D | M] -- C:\Archivos de programa\Mozilla Firefox\extensions
[2010/09/25 22:08:29 | 000,000,000 | ---D | M] (Default) -- C:\Archivos de programa\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010/10/01 10:54:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/09/14 19:03:23 | 000,023,512 | ---- | M] (Mozilla Foundation) -- C:\Archivos de programa\Mozilla Firefox\components\browserdirprovider.dll
[2010/09/14 19:03:23 | 000,138,712 | ---- | M] (Mozilla Foundation) -- C:\Archivos de programa\Mozilla Firefox\components\brwsrcmp.dll
[2010/10/01 10:54:09 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Archivos de programa\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/09/14 19:03:23 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Archivos de programa\Mozilla Firefox\plugins\npnul32.dll
[2010/08/13 07:03:40 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Archivos de programa\Mozilla Firefox\plugins\nppdf32.dll
[2010/10/05 11:08:50 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Archivos de programa\Mozilla Firefox\plugins\npqtplugin.dll
[2010/10/05 11:08:50 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Archivos de programa\Mozilla Firefox\plugins\npqtplugin2.dll
[2010/10/05 11:08:50 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Archivos de programa\Mozilla Firefox\plugins\npqtplugin3.dll
[2010/10/05 11:08:51 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Archivos de programa\Mozilla Firefox\plugins\npqtplugin4.dll
[2010/10/05 11:08:51 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Archivos de programa\Mozilla Firefox\plugins\npqtplugin5.dll
[2010/10/05 11:08:51 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Archivos de programa\Mozilla Firefox\plugins\npqtplugin6.dll
[2010/10/05 11:08:51 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Archivos de programa\Mozilla Firefox\plugins\npqtplugin7.dll
[2010/09/14 17:13:13 | 000,001,534 | ---- | M] () -- C:\Archivos de programa\Mozilla Firefox\searchplugins\creativecommons.xml
[2010/09/14 17:13:13 | 000,003,996 | ---- | M] () -- C:\Archivos de programa\Mozilla Firefox\searchplugins\drae.xml
[2010/09/14 17:13:13 | 000,000,751 | ---- | M] () -- C:\Archivos de programa\Mozilla Firefox\searchplugins\eBay-es.xml
[2010/09/14 17:13:13 | 000,002,371 | ---- | M] () -- C:\Archivos de programa\Mozilla Firefox\searchplugins\google.xml
[2010/09/14 17:13:13 | 000,001,178 | ---- | M] () -- C:\Archivos de programa\Mozilla Firefox\searchplugins\wikipedia-es.xml
[2010/09/14 17:13:13 | 000,001,102 | ---- | M] () -- C:\Archivos de programa\Mozilla Firefox\searchplugins\yahoo-es.xml

O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Archivos de programa\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Aplicación auxiliar de inicio de sesión) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Archivos de programa\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [IAAnotif] C:\Archivos de programa\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\Windows\System32\nvHotkey.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Archivos de programa\SigmaTel\C-Major Audio\WDM\sttray.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Archivos de programa\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DELL Webcam Manager] C:\Program Files\Dell\DELL Webcam Manager\DellWMgr.exe (Creative Technology Ltd.)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - Startup: C:\Users\reguloh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\reguloh\AppData\Roaming\Dropbox\bin\Dropbox.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: E&xportar a Microsoft Excel - C:\Archivos de programa\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Enviar imagen al dispositivo &Bluetooth... - C:\Archivos de programa\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Enviar página al dispositivo &Bluetooth... - C:\Archivos de programa\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Archivos de programa\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Archivos de programa\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Archivos de programa\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flas...ent/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.44.32.12 200.11.248.12 249.0.29.137
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Archivos de programa\Common Files\microsoft shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Archivos de programa\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Archivos de programa\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/03/12 08:33:02 | 000,020,480 | ---- | M] () - Z:\Autorizacion Banorte para U.S. $ efectivo.doc -- [ NTFS ]
O33 - MountPoints2\{27d0488c-c906-11df-8bba-001c26dee538}\Shell\AutoRun\command - "" = F:\wubi.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/10/06 09:21:39 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/10/05 11:09:24 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\reguloh\Desktop\OTL.exe
[2010/10/05 11:07:46 | 000,000,000 | ---D | C] -- C:\Archivos de programa\QuickTime
[2010/10/05 11:07:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010/10/05 11:06:57 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Common Files\Apple
[2010/10/05 11:06:41 | 000,000,000 | ---D | C] -- C:\Users\reguloh\AppData\Local\Apple
[2010/10/05 11:06:37 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Apple Software Update
[2010/10/05 11:06:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010/10/04 09:27:10 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/10/04 08:55:46 | 000,038,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2010/10/04 08:38:03 | 000,567,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2010/10/04 08:38:03 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2010/10/04 08:38:03 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2010/10/04 08:36:10 | 000,000,000 | ---D | C] -- C:\Users\reguloh\AppData\Roaming\PC Suite
[2010/10/04 08:36:06 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2010/10/04 08:36:06 | 000,000,000 | ---D | C] -- C:\Users\reguloh\AppData\Roaming\Nokia
[2010/10/04 08:35:20 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Common Files\PCSuite
[2010/10/04 08:35:16 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Common Files\Nokia
[2010/10/04 08:35:06 | 000,000,000 | ---D | C] -- C:\Archivos de programa\DIFX
[2010/10/04 08:35:05 | 000,018,816 | ---- | C] (Nokia) -- C:\Windows\System32\drivers\pccsmcfd.sys
[2010/10/04 08:34:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2010/10/04 08:34:23 | 000,000,000 | ---D | C] -- C:\Archivos de programa\PC Connectivity Solution
[2010/10/04 08:32:41 | 000,092,672 | ---- | C] (Nokia) -- C:\Windows\System32\nmwcdcls.dll
[2010/10/04 08:32:41 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Nokia
[2010/10/04 08:32:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Installations
[2010/10/04 08:30:59 | 000,000,000 | ---D | C] -- C:\Users\reguloh\Documents\Comprimidos
[2010/10/01 10:54:27 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/10/01 10:54:27 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/10/01 10:54:27 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/09/28 23:07:47 | 000,000,000 | ---D | C] -- C:\Users\reguloh\AppData\Roaming\WinRAR
[2010/09/28 23:07:38 | 000,000,000 | ---D | C] -- C:\Archivos de programa\WinRAR
[2010/09/28 09:58:02 | 000,022,856 | ---- | C] (Softland) -- C:\Windows\System32\dopdfmn7.dll
[2010/09/28 09:58:02 | 000,019,784 | ---- | C] (Softland) -- C:\Windows\System32\dopdfmi7.dll
[2010/09/28 09:58:02 | 000,000,000 | ---D | C] -- C:\Users\reguloh\AppData\Roaming\Softland
[2010/09/28 09:58:01 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\GdiPlus.dll
[2010/09/28 09:58:01 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Softland
[2010/09/28 08:51:37 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Microsoft Silverlight
[2010/09/28 08:49:15 | 000,000,000 | ---D | C] -- C:\Archivos de programa\MSECache
[2010/09/27 17:10:11 | 000,000,000 | ---D | C] -- C:\Users\reguloh\AppData\Roaming\Dropbox
[2010/09/27 10:05:53 | 000,000,000 | ---D | C] -- C:\Users\reguloh\Documents\Audio libros
[2010/09/27 10:04:14 | 000,000,000 | ---D | C] -- C:\Users\reguloh\Documents\ebooks
[2010/09/27 09:48:12 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Common Files\Adobe
[2010/09/26 17:13:11 | 000,000,000 | ---D | C] -- C:\Users\reguloh\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2010/09/26 17:13:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010/09/26 17:13:08 | 000,000,000 | ---D | C] -- C:\Archivos de programa\TweetDeck
[2010/09/26 17:13:06 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Common Files\Adobe AIR
[2010/09/26 17:13:06 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Adobe
[2010/09/26 13:13:31 | 000,000,000 | ---D | C] -- C:\Users\reguloh\AppData\Local\Adobe
[2010/09/26 10:54:51 | 000,000,000 | ---D | C] -- C:\Users\reguloh\Application Data
[2010/09/26 01:38:33 | 002,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2010/09/26 01:38:33 | 000,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2010/09/26 01:37:54 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2010/09/26 01:37:54 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2010/09/26 01:37:54 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2010/09/26 01:37:39 | 000,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2010/09/26 01:37:38 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2010/09/26 00:18:56 | 000,000,000 | ---D | C] -- C:\Users\reguloh\AppData\Roaming\GRETECH
[2010/09/25 23:43:19 | 000,000,000 | ---D | C] -- C:\Users\reguloh\Tracing
[2010/09/25 23:42:40 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Microsoft
[2010/09/25 23:42:31 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010/09/25 23:42:14 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Windows Live SkyDrive
[2010/09/25 23:42:00 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Windows Live
[2010/09/25 23:35:56 | 000,000,000 | ---D | C] -- C:\Archivos de programa\GRETECH
[2010/09/25 23:08:08 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Common Files\Windows Live
[2010/09/25 22:08:33 | 000,000,000 | ---D | C] -- C:\Users\reguloh\AppData\Roaming\Mozilla
[2010/09/25 22:08:33 | 000,000,000 | ---D | C] -- C:\Users\reguloh\AppData\Local\Mozilla
[2010/09/25 22:08:27 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Mozilla Firefox
[2010/09/25 22:01:06 | 000,000,000 | ---D | C] -- C:\Users\reguloh\Documents\Outlook
[2010/09/25 22:00:58 | 000,000,000 | R--D | C] -- C:\Users\reguloh\Documents\My Dropbox
[2010/09/25 22:00:58 | 000,000,000 | ---D | C] -- C:\Users\reguloh\Documents\Mis archivos recibidos
[2010/09/25 22:00:58 | 000,000,000 | ---D | C] -- C:\Users\reguloh\Documents\Mis accesos al servidor
[2010/09/25 22:00:58 | 000,000,000 | ---D | C] -- C:\Users\reguloh\Documents\Mis accesos al laptop
[2010/09/25 22:00:43 | 000,000,000 | ---D | C] -- C:\Users\reguloh\Documents\Cuentas
[2010/09/25 22:00:39 | 000,000,000 | ---D | C] -- C:\Users\reguloh\Documents\Borrar
[2010/09/25 21:40:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/09/25 21:39:49 | 000,423,656 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010/09/25 21:31:28 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mdimon.dll
[2010/09/25 21:28:12 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Common Files\DESIGNER
[2010/09/25 21:28:10 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Microsoft Works
[2010/09/25 21:27:58 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Microsoft Visual Studio
[2010/09/25 21:27:34 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010/09/25 21:27:34 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Microsoft.NET
[2010/09/25 21:27:33 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Microsoft Office
[2010/09/25 21:26:00 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010/09/25 21:22:34 | 000,000,000 | ---D | C] -- C:\Users\reguloh\Documents\DELL Webcam Center
[2010/09/25 21:22:33 | 000,000,000 | ---D | C] -- C:\Users\reguloh\AppData\Roaming\Creative
[2010/09/25 20:35:52 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Reallusion
[2010/09/25 20:35:42 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Common Files\Reallusion
[2010/09/25 20:35:18 | 005,627,904 | ---- | C] (Reallusion Inc.) -- C:\Windows\System32\LiveCamVirtual.ocx
[2010/09/25 20:35:18 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Common Files\Creative
[2010/09/25 20:35:07 | 000,000,000 | ---D | C] -- C:\Users\reguloh\AppData\Roaming\InstallShield
[2010/09/25 20:34:53 | 000,499,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp71.dll
[2010/09/25 20:34:53 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr71.dll
[2010/09/25 20:34:52 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71.DLL
[2010/09/25 20:34:46 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Creative Live! Cam
[2010/09/25 20:34:23 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Creative
[2010/09/25 20:20:33 | 000,000,000 | ---D | C] -- C:\Users\reguloh\AppData\Roaming\Macromedia
[2010/09/25 20:20:33 | 000,000,000 | ---D | C] -- C:\Users\reguloh\AppData\Roaming\Adobe
[2010/09/25 20:20:30 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010/09/25 20:14:28 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Java
[2010/09/25 20:14:28 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Common Files\Java
[2010/09/25 20:10:19 | 000,000,000 | ---D | C] -- C:\Users\reguloh\Documents\Directorio de intercambio Bluetooth
[2010/09/25 20:10:19 | 000,000,000 | ---D | C] -- C:\Users\reguloh\Bluetooth Software
[2010/09/25 20:08:55 | 000,080,176 | ---- | C] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwavdt.sys
[2010/09/25 20:08:55 | 000,016,560 | ---- | C] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwrchid.sys
[2010/09/25 20:08:54 | 000,078,128 | ---- | C] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwaudio.sys
[2010/09/25 20:08:51 | 000,229,376 | ---- | C] (Broadcom Corporation.) -- C:\Windows\System32\BtwRSupport.dll
[2010/09/25 20:08:38 | 000,000,000 | ---D | C] -- C:\Windows\System32\es-MX
[2010/09/25 20:08:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\es-AR
[2010/09/25 20:08:36 | 000,000,000 | ---D | C] -- C:\Archivos de programa\WIDCOMM
[2010/09/25 20:01:03 | 000,000,000 | ---D | C] -- C:\Windows\System32\ESP
[2010/09/25 20:01:01 | 000,936,728 | ---- | C] (Intel® Corporation) -- C:\Windows\System32\imsmudlg.exe
[2010/09/25 20:01:01 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\difxapi.dll
[2010/09/25 20:01:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\Lang
[2010/09/25 20:00:47 | 000,277,784 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\iaStor.sys
[2010/09/25 19:54:26 | 000,094,208 | ---- | C] (SigmaTel, Inc.) -- C:\Windows\System32\stacsv.exe
[2010/09/25 19:54:25 | 001,601,536 | ---- | C] (SigmaTel, Inc.) -- C:\Windows\System32\stlang.dll
[2010/09/25 19:54:24 | 004,952,064 | ---- | C] (SigmaTel, Inc.) -- C:\Windows\System32\stacgui.cpl
[2010/09/25 19:53:50 | 000,144,896 | ---- | C] (SigmaTel, Inc.) -- C:\Windows\System32\staco.dll
[2010/09/25 19:53:49 | 000,587,776 | ---- | C] (SigmaTel, Inc.) -- C:\Windows\System32\stapo.dll
[2010/09/25 19:53:49 | 000,492,544 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\ctapo32.dll
[2010/09/25 19:53:49 | 000,326,656 | ---- | C] (SigmaTel, Inc.) -- C:\Windows\System32\drivers\stwrt.sys
[2010/09/25 19:53:49 | 000,326,144 | ---- | C] (SigmaTel, Inc.) -- C:\Windows\System32\stcplx.dll
[2010/09/25 19:53:49 | 000,244,736 | ---- | C] (SigmaTel, Inc.) -- C:\Windows\System32\stapi32.dll
[2010/09/25 19:53:49 | 000,045,568 | ---- | C] (Creative Technology Ltd) -- C:\Windows\System32\ctppld.dll
[2010/09/25 19:53:49 | 000,000,000 | ---D | C] -- C:\Archivos de programa\SigmaTel
[2010/09/25 19:50:12 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Synaptics
[2010/09/25 19:49:23 | 000,196,608 | ---- | C] (Synaptics, Inc.) -- C:\Windows\System32\SynCtrl.dll
[2010/09/25 19:49:23 | 000,182,456 | ---- | C] (Synaptics, Inc.) -- C:\Windows\System32\drivers\SynTP.sys
[2010/09/25 19:49:23 | 000,163,840 | ---- | C] (Synaptics, Inc.) -- C:\Windows\System32\SynCOM.dll
[2010/09/25 19:49:23 | 000,143,360 | ---- | C] (Synaptics, Inc.) -- C:\Windows\System32\SynTPAPI.dll
[2010/09/25 19:49:23 | 000,110,592 | ---- | C] (Synaptics, Inc.) -- C:\Windows\System32\SynTPCo4.dll
[2010/09/25 19:46:04 | 000,000,000 | -H-D | C] -- C:\Archivos de programa\InstallShield Installation Information
[2010/09/25 19:46:01 | 000,811,008 | ---- | C] (Pizzolato Davide - www.xdp.it) -- C:\Windows\System32\cximage.dll
[2010/09/25 19:46:01 | 000,385,024 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\OEM02Cvw.dll
[2010/09/25 19:46:01 | 000,331,776 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\OEM02Cvw.crl
[2010/09/25 19:46:01 | 000,235,584 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\drivers\OEM02Dev.sys
[2010/09/25 19:46:01 | 000,141,376 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\drivers\OEM02Afx.sys
[2010/09/25 19:46:01 | 000,090,112 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\CtDrvIns.exe
[2010/09/25 19:46:01 | 000,040,960 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\OEM02Pin.dll
[2010/09/25 19:46:01 | 000,036,864 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe
[2010/09/25 19:46:01 | 000,036,864 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\CtCamMgr.dll
[2010/09/25 19:46:01 | 000,032,768 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\OEM02Hwx.dll
[2010/09/25 19:46:01 | 000,028,672 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\OEM02Cfg.exe
[2010/09/25 19:46:01 | 000,024,576 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\OEM02Srv.exe
[2010/09/25 19:46:01 | 000,020,480 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\OEM02Pin.crl
[2010/09/25 19:46:01 | 000,007,424 | ---- | C] (EyePower Games Pte. Ltd.) -- C:\Windows\System32\drivers\OEM02Vfx.sys
[2010/09/25 19:35:11 | 000,356,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NVUNINST.EXE
[2010/09/25 19:35:05 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Common Files\InstallShield
[2010/09/25 19:35:02 | 007,110,880 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2010/09/25 19:35:02 | 006,844,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2010/09/25 19:35:02 | 003,620,864 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvvitvsr.dll
[2010/09/25 19:35:02 | 003,395,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvvitvs.dll
[2010/09/25 19:35:02 | 003,235,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgamesr.dll
[2010/09/25 19:35:02 | 003,145,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgames.dll
[2010/09/25 19:35:02 | 002,854,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmoblsr.dll
[2010/09/25 19:35:02 | 002,379,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwssr.dll
[2010/09/25 19:35:02 | 002,113,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwss.dll
[2010/09/25 19:35:02 | 001,410,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
[2010/09/25 19:35:02 | 000,958,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmobls.dll
[2010/09/25 19:35:02 | 000,458,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmccssr.dll
[2010/09/25 19:35:02 | 000,356,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvudisp.exe
[2010/09/25 19:35:02 | 000,307,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvexpbar.dll
[2010/09/25 19:35:02 | 000,229,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmccs.dll
[2010/09/25 19:35:02 | 000,188,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmccss.dll
[2010/09/25 19:35:02 | 000,086,016 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll
[2010/09/25 19:35:02 | 000,081,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll
[2010/09/25 19:35:02 | 000,067,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvhotkey.dll
[2010/09/25 19:35:02 | 000,045,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmccsrs.dll
[2010/09/25 19:35:01 | 008,433,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll
[2010/09/25 19:35:01 | 006,074,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdisps.dll
[2010/09/25 19:35:01 | 005,427,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispsr.dll
[2010/09/25 19:35:01 | 004,763,648 | ---- | C] (NVidia Corporation) -- C:\Windows\System32\nvd3dum.dll
[2010/09/25 19:35:01 | 001,069,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpluir.dll
[2010/09/25 19:35:01 | 000,815,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcplui.exe
[2010/09/25 19:35:01 | 000,521,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpinst.exe
[2010/09/25 19:35:01 | 000,344,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll
[2010/09/25 19:35:01 | 000,143,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcolor.exe
[2010/09/25 19:35:01 | 000,073,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.cpl
[2010/09/25 19:35:01 | 000,036,864 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod100.dll
[2010/09/25 19:35:01 | 000,036,864 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod.dll
[2010/09/25 19:32:15 | 000,090,112 | ---- | C] (Sony Corporation) -- C:\Windows\System32\snymsico.dll
[2010/09/25 19:32:15 | 000,043,520 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rimsptsk.sys
[2010/09/25 19:32:15 | 000,037,376 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rixdptsk.sys
[2010/09/25 19:32:15 | 000,032,256 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rimmptsk.sys
[2010/09/25 19:29:43 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2010/09/25 19:29:43 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hccoin.dll
[2010/09/25 19:29:43 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2010/09/25 19:29:37 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsquirt.exe
[2010/09/25 19:29:27 | 000,022,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\streamci.dll
[2010/09/25 18:49:43 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010/09/25 18:48:22 | 000,000,000 | ---D | C] -- C:\Windows\System32\catroot2
[2010/09/25 18:48:09 | 000,000,000 | ---D | C] -- C:\Windows\Debug
[2010/09/25 18:46:55 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Intel
[2010/09/25 18:46:47 | 000,000,000 | ---D | C] -- C:\Intel
[2010/09/25 18:46:40 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010/09/25 18:46:28 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/09/25 18:45:32 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Broadcom
[2010/09/25 18:45:00 | 000,000,000 | ---D | C] -- C:\dell
[2010/09/25 18:29:05 | 000,000,000 | ---D | C] -- C:\Windows\System32\vmm32
[2010/09/25 18:29:05 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Dell
[2010/09/25 18:28:37 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010/09/25 18:26:08 | 000,000,000 | R--D | C] -- C:\Users\reguloh\Searches
[2010/09/25 18:26:00 | 000,000,000 | ---D | C] -- C:\Users\reguloh\AppData\Roaming\Identities
[2010/09/25 18:25:58 | 000,000,000 | R--D | C] -- C:\Users\reguloh\Contacts
[2010/09/25 18:25:57 | 000,000,000 | ---D | C] -- C:\Users\reguloh\AppData\Local\VirtualStore
[2010/09/25 18:25:54 | 000,000,000 | --SD | C] -- C:\Users\reguloh\AppData\Roaming\Microsoft
[2010/09/25 18:25:54 | 000,000,000 | R--D | C] -- C:\Users\reguloh\Videos
[2010/09/25 18:25:54 | 000,000,000 | R--D | C] -- C:\Users\reguloh\Saved Games
[2010/09/25 18:25:54 | 000,000,000 | R--D | C] -- C:\Users\reguloh\Pictures
[2010/09/25 18:25:54 | 000,000,000 | R--D | C] -- C:\Users\reguloh\Music
[2010/09/25 18:25:54 | 000,000,000 | R--D | C] -- C:\Users\reguloh\Links
[2010/09/25 18:25:54 | 000,000,000 | R--D | C] -- C:\Users\reguloh\Favorites
[2010/09/25 18:25:54 | 000,000,000 | R--D | C] -- C:\Users\reguloh\Downloads
[2010/09/25 18:25:54 | 000,000,000 | R--D | C] -- C:\Users\reguloh\Documents
[2010/09/25 18:25:54 | 000,000,000 | R--D | C] -- C:\Users\reguloh\Desktop
[2010/09/25 18:25:54 | 000,000,000 | -HSD | C] -- C:\Users\reguloh\AppData\Local\Temporary Internet Files
[2010/09/25 18:25:54 | 000,000,000 | -HSD | C] -- C:\Users\reguloh\SendTo
[2010/09/25 18:25:54 | 000,000,000 | -HSD | C] -- C:\Users\reguloh\Reciente
[2010/09/25 18:25:54 | 000,000,000 | -HSD | C] -- C:\Users\reguloh\Plantillas
[2010/09/25 18:25:54 | 000,000,000 | -HSD | C] -- C:\Users\reguloh\Documents\Mis vídeos
[2010/09/25 18:25:54 | 000,000,000 | -HSD | C] -- C:\Users\reguloh\Documents\Mis imágenes
[2010/09/25 18:25:54 | 000,000,000 | -HSD | C] -- C:\Users\reguloh\Mis documentos
[2010/09/25 18:25:54 | 000,000,000 | -HSD | C] -- C:\Users\reguloh\Documents\Mi música
[2010/09/25 18:25:54 | 000,000,000 | -HSD | C] -- C:\Users\reguloh\Menú Inicio
[2010/09/25 18:25:54 | 000,000,000 | -HSD | C] -- C:\Users\reguloh\Impresoras
[2010/09/25 18:25:54 | 000,000,000 | -HSD | C] -- C:\Users\reguloh\AppData\Local\Historial
[2010/09/25 18:25:54 | 000,000,000 | -HSD | C] -- C:\Users\reguloh\Entorno de red
[2010/09/25 18:25:54 | 000,000,000 | -HSD | C] -- C:\Users\reguloh\Datos de programa
[2010/09/25 18:25:54 | 000,000,000 | -HSD | C] -- C:\Users\reguloh\AppData\Local\Datos de programa
[2010/09/25 18:25:54 | 000,000,000 | -HSD | C] -- C:\Users\reguloh\Cookies
[2010/09/25 18:25:54 | 000,000,000 | -HSD | C] -- C:\Users\reguloh\Configuración local
[2010/09/25 18:25:54 | 000,000,000 | -H-D | C] -- C:\Users\reguloh\AppData
[2010/09/25 18:25:54 | 000,000,000 | ---D | C] -- C:\Users\reguloh\AppData\Local\Temp
[2010/09/25 18:25:54 | 000,000,000 | ---D | C] -- C:\Users\reguloh\AppData\Local\Microsoft
[2010/09/25 18:25:54 | 000,000,000 | ---D | C] -- C:\Users\reguloh\AppData\Roaming\Media Center Programs
[2010/09/25 18:24:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Plantillas
[2010/09/25 18:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mis vídeos
[2010/09/25 18:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mis imágenes
[2010/09/25 18:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mi música
[2010/09/25 18:24:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menú Inicio
[2010/09/25 18:24:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoritos
[2010/09/25 18:24:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Escritorio
[2010/09/25 18:24:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documentos
[2010/09/25 18:24:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Datos de programa
[2010/09/25 18:24:16 | 000,000,000 | -HSD | C] -- C:\Archivos de programa
[2010/09/25 18:24:16 | 000,000,000 | -HSD | C] -- C:\Archivos de programa\Archivos comunes
[2010/09/25 13:46:03 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010/09/25 13:45:47 | 000,000,000 | -HSD | C] -- C:\Boot
[2010/09/25 13:45:23 | 000,000,000 | ---D | C] -- C:\Windows\System32\OEM
[2010/09/08 11:17:46 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx
[2010/09/08 11:17:46 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts

========== Files - Modified Within 30 Days ==========

[2010/10/06 09:27:52 | 001,572,864 | -HS- | M] () -- C:\Users\reguloh\NTUSER.DAT
[2010/10/06 08:57:46 | 000,102,361 | ---- | M] () -- C:\Users\reguloh\AppData\Roaming\nvModes.dat
[2010/10/06 08:57:43 | 000,102,361 | ---- | M] () -- C:\Users\reguloh\AppData\Roaming\nvModes.001
[2010/10/06 08:56:55 | 002,989,034 | -H-- | M] () -- C:\Users\reguloh\AppData\Local\IconCache.db
[2010/10/06 08:38:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/10/06 08:38:42 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/10/06 08:38:42 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/10/05 20:17:14 | 000,691,180 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
[2010/10/05 20:17:14 | 000,613,046 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/10/05 20:17:14 | 000,123,364 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
[2010/10/05 20:17:14 | 000,104,768 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/10/05 20:17:13 | 001,522,250 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/10/05 20:11:08 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/10/05 20:10:51 | 2145,431,552 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/05 17:05:53 | 000,002,614 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/10/05 12:05:44 | 000,092,672 | ---- | M] () -- C:\Users\reguloh\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/05 11:08:16 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\reguloh\Desktop\OTL.exe
[2010/10/05 11:08:11 | 000,001,726 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/10/04 18:19:45 | 000,000,680 | ---- | M] () -- C:\Users\reguloh\AppData\Local\d3d9caps.dat
[2010/10/04 09:38:03 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2010/10/04 09:03:49 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2010/10/04 09:03:47 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010/10/04 08:58:43 | 000,369,656 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/10/04 08:55:52 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010/10/04 08:55:51 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010/10/04 08:55:46 | 000,038,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2010/10/04 08:55:46 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\wdf01000.sys.mui
[2010/10/04 08:55:46 | 000,000,003 | ---- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2010/10/04 08:38:03 | 000,567,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2010/10/04 08:38:03 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2010/10/04 08:38:03 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2010/10/04 08:35:23 | 000,001,903 | ---- | M] () -- C:\Users\Public\Desktop\Nokia PC Suite.lnk
[2010/10/01 10:54:09 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010/10/01 10:54:09 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/10/01 10:54:09 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/10/01 10:54:09 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/09/28 13:35:20 | 000,000,376 | ---- | M] () -- C:\Windows\ODBC.INI
[2010/09/27 17:10:54 | 000,000,943 | ---- | M] () -- C:\Users\reguloh\Desktop\Dropbox.lnk
[2010/09/27 17:10:54 | 000,000,923 | ---- | M] () -- C:\Users\reguloh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2010/09/27 10:17:31 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/09/27 10:17:31 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/09/27 09:48:37 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/09/26 17:13:08 | 000,000,762 | ---- | M] () -- C:\Users\Public\Desktop\TweetDeck.lnk
[2010/09/26 01:38:33 | 002,421,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2010/09/26 01:38:33 | 000,044,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2010/09/26 01:37:54 | 000,575,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2010/09/26 01:37:54 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2010/09/26 01:37:54 | 000,035,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2010/09/26 01:37:39 | 000,171,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2010/09/26 01:37:38 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2010/09/25 23:36:07 | 000,000,902 | ---- | M] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2010/09/25 22:17:34 | 000,099,864 | ---- | M] () -- C:\Users\reguloh\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/09/25 22:08:35 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2010/09/25 22:08:30 | 000,001,724 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/09/25 22:01:49 | 000,000,000 | -H-- | M] () -- C:\Users\reguloh\Documents\Default.rdp
[2010/09/25 21:31:07 | 000,000,240 | ---- | M] () -- C:\Windows\win.ini
[2010/09/25 21:25:08 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\UMDF\Msft_User_WpdFs_01_00_00.Wdf
[2010/09/25 20:36:10 | 000,000,076 | RHS- | M] () -- C:\Windows\CT4CET.bin
[2010/09/25 20:08:42 | 000,000,807 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk
[2010/09/25 19:50:22 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
[2010/09/25 19:29:43 | 000,223,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2010/09/25 19:29:43 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hccoin.dll
[2010/09/25 19:29:43 | 000,005,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2010/09/25 19:29:37 | 000,181,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fsquirt.exe
[2010/09/25 19:29:27 | 000,022,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\streamci.dll
[2010/09/25 18:50:45 | 000,058,530 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010/09/25 18:39:41 | 000,524,288 | -HS- | M] () -- C:\Users\reguloh\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010/09/25 18:39:41 | 000,524,288 | -HS- | M] () -- C:\Users\reguloh\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/09/25 18:39:41 | 000,065,536 | -HS- | M] () -- C:\Users\reguloh\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/09/25 18:25:54 | 000,000,020 | -HS- | M] () -- C:\Users\reguloh\ntuser.ini
[2010/09/25 13:45:48 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2010/09/24 10:28:47 | 000,000,539 | ---- | M] () -- C:\Users\reguloh\Documents\Mis accesos al servidor.lnk
[2010/09/20 10:32:16 | 000,022,856 | ---- | M] (Softland) -- C:\Windows\System32\dopdfmn7.dll
[2010/09/20 10:32:16 | 000,019,784 | ---- | M] (Softland) -- C:\Windows\System32\dopdfmi7.dll
[2010/09/08 11:17:46 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx
[2010/09/08 11:17:46 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts

========== Files Created - No Company Name ==========

[2010/10/05 11:08:11 | 000,001,726 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/10/04 09:38:03 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2010/10/04 09:03:49 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2010/10/04 09:03:47 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010/10/04 08:55:52 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010/10/04 08:55:51 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010/10/04 08:55:46 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2010/10/04 08:35:23 | 000,001,903 | ---- | C] () -- C:\Users\Public\Desktop\Nokia PC Suite.lnk
[2010/09/28 09:58:02 | 000,007,549 | ---- | C] () -- C:\Windows\System32\dopdf7.ctm
[2010/09/27 17:10:54 | 000,000,943 | ---- | C] () -- C:\Users\reguloh\Desktop\Dropbox.lnk
[2010/09/27 17:10:54 | 000,000,923 | ---- | C] () -- C:\Users\reguloh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2010/09/27 10:17:31 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/09/27 10:17:31 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/09/27 09:48:37 | 000,001,887 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/09/26 17:13:08 | 000,000,762 | ---- | C] () -- C:\Users\Public\Desktop\TweetDeck.lnk
[2010/09/25 23:36:07 | 000,000,902 | ---- | C] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2010/09/25 22:13:03 | 000,092,672 | ---- | C] () -- C:\Users\reguloh\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/25 22:08:35 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/09/25 22:08:30 | 000,001,724 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/09/25 22:01:59 | 000,000,539 | ---- | C] () -- C:\Users\reguloh\Documents\Mis accesos al servidor.lnk
[2010/09/25 22:01:49 | 000,000,000 | -H-- | C] () -- C:\Users\reguloh\Documents\Default.rdp
[2010/09/25 21:31:32 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/09/25 20:36:10 | 000,000,076 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2010/09/25 20:08:42 | 000,000,807 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk
[2010/09/25 19:50:22 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
[2010/09/25 19:49:23 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2010/09/25 19:48:05 | 000,102,361 | ---- | C] () -- C:\Users\reguloh\AppData\Roaming\nvModes.001
[2010/09/25 19:48:04 | 000,102,361 | ---- | C] () -- C:\Users\reguloh\AppData\Roaming\nvModes.dat
[2010/09/25 19:46:01 | 000,260,330 | ---- | C] () -- C:\Windows\System32\OEM02Cvw.bff
[2010/09/25 19:46:01 | 000,057,656 | ---- | C] () -- C:\Windows\System32\drivers\OEM02Pvc.bmp
[2010/09/25 19:46:01 | 000,057,656 | ---- | C] () -- C:\Windows\System32\drivers\OEM02PC.bmp
[2010/09/25 19:46:01 | 000,004,510 | ---- | C] () -- C:\Windows\OEM002.uns
[2010/09/25 19:35:02 | 000,081,050 | ---- | C] () -- C:\Windows\System32\nvwsapps.xml
[2010/09/25 19:35:01 | 000,111,544 | ---- | C] () -- C:\Windows\System32\nvapps.xml
[2010/09/25 19:35:01 | 000,006,054 | ---- | C] () -- C:\Windows\System32\nvdisp.nvu
[2010/09/25 19:32:15 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2010/09/25 18:52:05 | 2145,431,552 | -HS- | C] () -- C:\hiberfil.sys
[2010/09/25 18:50:16 | 000,002,614 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2010/09/25 18:25:55 | 000,000,680 | ---- | C] () -- C:\Users\reguloh\AppData\Local\d3d9caps.dat
[2010/09/25 18:25:54 | 001,572,864 | -HS- | C] () -- C:\Users\reguloh\NTUSER.DAT
[2010/09/25 18:25:54 | 000,524,288 | -HS- | C] () -- C:\Users\reguloh\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010/09/25 18:25:54 | 000,524,288 | -HS- | C] () -- C:\Users\reguloh\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/09/25 18:25:54 | 000,262,144 | -H-- | C] () -- C:\Users\reguloh\ntuser.dat.LOG1
[2010/09/25 18:25:54 | 000,065,536 | -HS- | C] () -- C:\Users\reguloh\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/09/25 18:25:54 | 000,000,020 | -HS- | C] () -- C:\Users\reguloh\ntuser.ini
[2010/09/25 18:25:54 | 000,000,000 | -H-- | C] () -- C:\Users\reguloh\ntuser.dat.LOG2
[2010/09/25 13:45:48 | 000,008,192 | R-S- | C] () -- C:\BOOTSECT.BAK
[2010/09/25 13:45:47 | 000,438,840 | RHS- | C] () -- C:\bootmgr
[2010/09/25 13:45:23 | 000,000,036 | RH-- | C] () -- C:\Windows\DELL_VERSION
[2006/11/03 17:25:56 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2003/04/11 13:14:14 | 000,005,827 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
[2001/11/14 12:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
< End of report >

RkU Version: 3.8.388.590, Type LE (SR2)
==============================================
OS Name: Windows Vista
Version 6.0.6000
Number of processors #2
==============================================
>Drivers
==============================================
0x8AF37000 C:\Windows\system32\DRIVERS\nvlddmkm.sys 7114752 bytes (NVIDIA Corporation, NVIDIA Compatible Windows 2000 Miniport Driver, Version 101.43 )
0x81C00000 C:\Windows\system32\ntkrnlpa.exe 3805184 bytes (Microsoft Corporation, NT Kernel & System)
0x81C00000 PnpManager 3805184 bytes
0x81C00000 RAW 3805184 bytes
0x81C00000 WMIxWDM 3805184 bytes
0x91E00000 Win32k 2093056 bytes
0x91E00000 C:\Windows\System32\win32k.sys 2093056 bytes (Microsoft Corporation, Controlador Win32 multiusuario)
0x8B640000 C:\Windows\system32\DRIVERS\NETw3v32.sys 1835008 bytes (Intel® Corporation, Intel® Wireless LAN Driver)
0x876F8000 C:\Windows\System32\Drivers\Ntfs.sys 1081344 bytes (Microsoft Corporation, Controlador del sistema de archivos NTFS)
0x81AFC000 C:\Windows\system32\drivers\ndis.sys 1064960 bytes (Microsoft Corporation, NDIS 6.0 wrapper driver)
0x8051F000 C:\Windows\system32\CI.dll 921600 bytes (Microsoft Corporation, Módulo de integridad de código)
0x99B22000 C:\Windows\system32\drivers\peauth.sys 909312 bytes (Microsoft Corporation, Protected Environment Authentication and Authorization Export Driver)
0x8BA09000 C:\Windows\System32\drivers\tcpip.sys 856064 bytes (Microsoft Corporation, TCP/IP Driver)
0x8AAE2000 C:\Windows\System32\Drivers\dump_iaStor.sys 778240 bytes
0x806F8000 C:\Windows\system32\DRIVERS\iaStor.sys 778240 bytes (Intel Corporation, Intel Matrix Storage Manager driver - ia32)
0x8AE9B000 C:\Windows\System32\drivers\dxgkrnl.sys 638976 bytes (Microsoft Corporation, DirectX Graphics Kernel)
0x98732000 C:\Windows\system32\drivers\spsys.sys 581632 bytes (Microsoft Corporation, security processor)
0x9551F000 C:\Windows\system32\drivers\btwaudio.sys 503808 bytes (Broadcom Corporation., Bluetooth Audio Device)
0x804AE000 C:\Windows\system32\drivers\Wdf01000.sys 462848 bytes (Microsoft Corporation, Motor en tiempo de ejecución del marco de controlador en modo kernel)
0x81A92000 C:\Windows\System32\Drivers\ksecdd.sys 434176 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0x9559A000 C:\Windows\system32\drivers\btwavdt.sys 417792 bytes (Broadcom Corporation., Broadcom Bluetooth AVDT Service)
0x9939A000 C:\Windows\system32\drivers\HTTP.sys 417792 bytes (Microsoft Corporation, Pila del protocolo HTTP)
0x8BB6D000 C:\Windows\system32\drivers\stwrt.sys 339968 bytes (SigmaTel, Inc., NDRC)
0x8B9AF000 C:\Windows\system32\DRIVERS\rixdptsk.sys 331776 bytes (REDC, RICOH XD SM Driver)
0x80277000 C:\Windows\system32\mcupdate_GenuineIntel.dll 323584 bytes (Microsoft Corporation, Intel Microcode Update Library)
0x99235000 C:\Windows\System32\DRIVERS\srv.sys 311296 bytes (Microsoft Corporation, Server driver)
0x807B6000 C:\Windows\System32\drivers\volmgrx.sys 303104 bytes (Microsoft Corporation, Volume Manager Extension Driver)
0x8BD77000 C:\Windows\system32\drivers\afd.sys 290816 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0x8046B000 C:\Windows\system32\drivers\acpi.sys 274432 bytes (Microsoft Corporation, Controlador ACPI para NT)
0x8B916000 C:\Windows\system32\DRIVERS\storport.sys 262144 bytes (Microsoft Corporation, Microsoft Storage Port Driver)
0x8AE5E000 C:\Windows\system32\DRIVERS\USBPORT.SYS 249856 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0x8022B000 C:\Windows\system32\CLFS.SYS 241664 bytes (Microsoft Corporation, Common Log File System Driver)
0x8BCD3000 C:\Windows\system32\DRIVERS\rdbss.sys 241664 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0x901B6000 C:\Windows\System32\Drivers\bthport.sys 237568 bytes (Microsoft Corporation, Controlador de bus Bluetooth)
0x9013F000 C:\Windows\system32\DRIVERS\OEM02Dev.sys 237568 bytes (Creative Technology Ltd., Video Capture Device Driver)
0x992B7000 C:\Windows\system32\DRIVERS\mrxsmb10.sys 233472 bytes (Microsoft Corporation, Longhorn SMB Downlevel SubRdr)
==============================================
>Stealth
==============================================


#10 myrti

Posted 07 October 2010 - 04:14 AM

Hi,

this is looking pretty good, please run a scan with Kaspersky next:

Please do an online scan with Kaspersky WebScanner

Click on Kaspersky Online Scanner

You will be prompted to install an ActiveX component from Kaspersky, Click Yes.
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
  • In the scan settings make sure that the following are selected:
    • Scan using the following Anti-Virus database:
      Extended (if available otherwise Standard)
    • Scan Options:
      Scan Archives
      Scan Mail Bases
  • Click OK
  • Now under select a target to scan:
      Select My Computer
  • The program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display if your system has been infected.
    • Now click on the Save as Text button:
  • Save the file to your desktop.
  • Copy and paste that information in your next post.

How is the PC doing?

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 



#11 regulov

Posted 08 October 2010 - 03:49 PM

Hi Myrti, thanks again. My PC is working well... but I see a network drive has a virus in some files (those files are not important; I can delete them). But I am surprised it doesn't see any virus on drive D:, which is the restore drive. Anyway, here is the Kaspersky report.

Happy weekend

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: scan report
Friday, October 8, 2010
Operating system: Microsoft Windows Vista Home Premium Edition, 32-bit (build 6000)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Friday, October 08, 2010 07:38:01
Records in database: 4289254
--------------------------------------------------------------------------------

Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\
Z:\

Scan statistics:
Objects scanned: 160974
Threats found: 3
Infected objects found: 23
Suspicious objects found: 0
Scan duration: 03:09:48


File name / Threat / Threats count
Z:\Archivos Régulo\regulop\Respaldo Pen drive (2)\autorun.inf Infected: Trojan.Win32.AutoRun.mh 1
Z:\Archivos Régulo\regulop\Respaldo Pen drive del 6-11-09\autorun.inf Infected: Trojan.Win32.AutoRun.mh 1
Z:\Ivrametal\De compras\Documentos en desuso\Estadistica de Productos para la compra.rar Infected: Trojan.Win32.Agent.amiu 19
Z:\Utiles\Vnc\vnc-4_1_3-x86_win32.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.ad 2

Selected area has been scanned.


#12 myrti

Posted 11 October 2010 - 04:48 AM

Hi,

The files found are from an infected flash drive. The items I found in the logs also pointed to a flash drive infection. It is possible that the infection never spread to your PC, but was blocked by your antivirus program.

If you do not clean that flash drive, it will reinfect you every time you insert the flash drive. I suspect that it is not your Vista master drive that is infected but your flash drive, and that the infection after reformatting did not come from the master copy, but from the inserted flash drive. Is that possible?

regards myrti
